Deploy and Manage Domain Controllers Part 1

Practice Labs Module
Time
57 minutes
Difficulty
Intermediate

The "Deploy and Manage Domain Controllers Part 1" module provides you with the instruction and server hardware to develop your hands on skills in the defined topics. This module includes the following exercises: Install Additional Domain Controller, Create a New Forest, Install AD DS on Server Core.

Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Overview

Introduction

The Deploy and Manage Domain Controllers Part 1 module provides you with the instruction and server hardware to develop your hands on skills in the defined topics. This module includes the following exercises:

  • Install Additional Domain Controller
  • Create a New Forest
  • Install AD DS on Server Core

Lab Time: It will take approximately 1 hour to complete the exercises in this lab.

Exam Objectives

  • Add a new domain controller
  • Install a domain controller in a new AD forest
  • Install AD DS on a Server Core installation

Exercise 1 - Install Additional Domain Controller

Active Directory Domain Services (AD DS) is one of the roles that can be added and configured in Windows Server 2016. When AD DS is successfully installed, the server assumes the role of an Active Directory Services server or a domain controller. This directory service maintains a database of network objects such as users, groups, computers, subnets, sites among others and collectively organized in an administrative boundary called domain.

For companies that maintain a large Active Directory domain network, it is recommended that an additional domain controller be installed for improved performance and redundancy. Having more than one domain controller enhances recoverability of Active Directory database as a writeable copy is maintained in a separate server. This means that user authentication is processed by any available domain controller in the organization’s network.

When a user logs on to a domain, the credential is verified against directory service database and is granted access to network assets in a domain network based on his role in the organization.

Exercise 2 - Create a New AD Forest

Active Directory (AD) Domain Forest is a single instance of Active Directory. Oftentimes, one AD forest is sufficient for a large company to organize its network assets such as users, groups, computers, printers among others into a directory service called Active Directory.

When Active Directory (AD) is installed in an organization’s network, the directory service is compartmentalized into partitions or naming contexts (NCs). These partitions are Schema, Configuration and Domain.

The Schema NC define the object types and object attributes, there is only one schema naming context for the entire AD Forest. Configuration partition define the network services and sites within the AD forest. There is only one instance of Configuration partition for the entire AD forest. Domain partition stores the users, computers, groups, organizational units, printers and other objects. There can be more than one domain partition in an AD forest.

Exercise 3 - Install AD DS on Server Core

Introduced in Windows Server 2012, the server core variant provides the alternative to installing Windows in computer hardware equipped with slower processor, less system memory and disk subsystems with limited storage.

Server core is command-line variant of Windows Server 2016 where all server administration tasks are handled by the command line tools like Windows PowerShell and the command prompt utility. The Server core demands less system resources compared to Server with GUI and has less system vulnerability because fewer services are running. This makes the Server core an ideal choice for machines with a lower system hardware specifications.

Starting with Windows Server 2016, there is no option to convert a full graphical user interface to server core and vice-versa. Therefore, careful planning must be taken into consideration when opting for server core in Windows Server 2016.

Learning Partner
Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.