- Introduction
- Windows Clustering 101
- Forest Creation Process
- Installation
- Installation of Root Domain
- Quality Assurance
- Forest Preparation, DNS, and Exchange
- Installation of Bridgehead Servers and the Child Domain
- Installing DHCP and WINS Services
- Patching and Updating Domain Controllers
- Exchange Domain Preparation
- Creation of Initial Service and Administration Resources
- Clustering
- Time-Out
This chapter is from the book
This chapter is from the book
This chapter is from the book
Forest Preparation, DNS, and Exchange
This section covers the preparation of the forest for the addition of Exchange 2003 and the creation of a child domain. Before the child domain can be created, the schema is extended in the forest root to cater to the addition of domains and the installation of Exchange 2003 into the forest. All activities in the root domain on the domain controllers are done using the root domain's Administrator account. In addition, we prepare the first site and associate it with the new subnet and perform some housekeeping. The process of preparing the forest is outlined as follows.
Move Domain Operations Master Roles. HQRDC01 is a GC server and also holds schema and domain naming operations. It is important to move the domain operations roles to HQRDC02.
Start Active Directory User and Computers on HQRDC01.
Right-click the root node and select Connect to Domain Controller. Choose HQRDC02 and click OK. You are now on RDC02.
Right-click the MCITY.CTY domain and select Operations Masters.
The RID Master Role appears first. Select Change to move it to HQRDC02. You are able to select the target computer from a list if necessary.
Click Yes to confirm the transfer.
Repeat these steps for the PDC Emulator and Infrastructure Master roles.
Configure DNS Forwarders. We cannot leave the DNS Servers in the root domain as root servers because they assume they have root authority and users are unable to resolve addresses in the external namespaces the county owns and on the Internet. To add DNS forwarding, we first have to delete the root DNS zone (if it exists) and add DNS forwarder addresses. This is done as follows:
Right-click the "." folder under the Forward Lookup Zones and select Delete.
Right-click the DNS Server name HQRDC01 and select Refresh.
Right-click the server name again and select Properties. Click the Forwarders tab and check the Enable Forwarders check box.
Enter the IP addresses of the external, private DNS server (primary and alternate) for MCITY.CTY (most likely these are your external domain's ISP) and click Add. (The addresses of these servers are usually obtained from the Datacom or Network Group in your enterprise.)
When all addresses are entered, click OK to close the dialog box.
Perform ASR backups of the root domains controllers.
Verify Credentials of the root domain's Administrator Account. Before continuing with schema changes, it is worthwhile to confirm the credentials of the Administrator because, at this stage, no other account has the rights needed to perform forest operations:
Open Active Directory User and Computers (DSA.MSC) and expand the Users folder.
Double-click the Enterprise Admins group and verify whether the Administrator account is present. Add the account if it is not.
Perform the same verification on the Schema Admins group. If Administrator is not present, then add the account. Close down the DSA.
Prepare the forest for Exchange 2003. This process requires the Exchange 2003 Installation CD.
Insert the CD into the drive. If the Exchange installation process boots, then close it down.
Open the command prompt on HQRDC01 and enter the following command: <CDDRIVE>:\setup.exe /ForestPrep. During ForestPrep, you are prompted for the account for the Full Exchange Administrator. Use only the MCITY\Administrator account (which can be removed later).
When the ForestPrep completes, remove the Exchange CD and check for any errors in the event logs. Report any errors related to ForestPrep for review and copy the ForestPrep progress log files to the Service Admin workstation. (It is important that the DC on which you perform this can "see" the DC that has the Schema Master role, otherwise ForestPrep will fail.)
Allow root domain controllers enough time to replicate the changes made before moving onto the next step. Never rush into the next step, and if possible give your new domain at least 12 hours before continuing. You can check to see whether the schema additions have replicated by confirming the presence of the exchange object in ADSI Edit. Connect ADSI Edit to both domain controllers. They should both show the exchange objects in the Configuration container.
Review DCDIAG results during the replication cycle as previously described.
Change the Default-First-Site-Name. This step takes place after all forest changes have replicated and DCDIAG results are normal. To do this, do the following:
Start Active Directory Sites and Services.
Expand Sites.
Right-click Default-First-Site-Name and select Rename. Enter HQ (corporate headquarters).
Do not close down the console.
Add the Subnet Associated with the Site. In this step, we add the subnet and mask associated with HQ.
With the console still open, right-click the Subnets folder and select New Subnet.
Enter the Network ID (10.10.20.0) for the subnet associated with HQ (you need to select HQ in the sites list).
Click OK and close the console.
Perform QA.
Create new ASR media.
You are now ready to move on to a child domain.