How to set up a win2kAS box as a domain controller at home...

[loosbrew]

Hey all...i know i should know this but....im trying to set up my home systems so that i can practice my MCSE class stuff on them. well, the senerio is this...
one box to be the router/gateway/DHCP/DNS etc server for my other win2k AS box. it will be directly connected to the INET via cable modem. i planned on hooking the other win2k AS box, mainly used for normal stuff, directly to the router/gateway.etc win2k box via crossover. i would like to make the router box be the domain controller so i pratice making computer objects in AD and the like and test them out to make sure they work. how would i go about doing this? i plan on administering the router box via terminal client service on my main box, due the lack of monitor on the server box.
any thoughts?

tia
loosbrew

 

[Garion]

Not to be a spoiler, but if we tell you exactly how to do everything you're not going to stand much chance at passing your MCSE on your own. Why don't you come up with some ideas as we'll comment on them?

- G

 

[Marqui]

<< Not to be a spoiler, but if we tell you exactly how to do everything you're not going to stand much chance at passing your MCSE on your own. Why don't you come up with some ideas as we'll comment on them?

- G >>



Isn't that what he just did?

 

[loosbrew]

ewll from what i gather, to setup the &quot;domain&quot; i dont necesarily need to install service, but rather name the PDC server what i want the domain to be. but i need to add accounts to the domain first in order for the domain to authenticate the computer. do i need anything else installed in order for that to work properly? any special protocols? i plan on using tcp/ip between the two to make things a bit easier to setup for now, until i get the hang of this, then ill dive into netbeui. i am more familiar with tcp/ip right now.

thanks for making trying to figure it out, it does help, i guess its something i shuoldve done in the first post
loosbrew

 

[pissedoffwookie]

Hint for your domain controller:

START--->RUN--->DCPROMO

Tip:

WINS is a nice addition for less client broadcasting

Tip:

disable NetBIOS on the NIC connected to the cable modem

Tip:

share the &quot;%windir%\system32\clients\tsclient\win32\disks&quot; directory for ease of terminal server client install

Tip:

when you install server Apps create an account associated with that application, so as to avoid using the administrator account for services to log into. for example backup software often needs to login to perform its tasks create a user called bck_admin or something like that just for that app. (this is so people don't break services if they should change the administrators password it also creates the situation that lesser admins, like your backup lackey, do not know the admin password)

Tip:

Create template user accounts for each type of user and configure accordingly using the %username% variable in place of the username. Name the template account for the type of account it is such as _template_admin_users and _template_accounting_users. Preface each template account name with a special character (I use underscores) to group them and place them at the top of the userlists. Disable the template accounts. Copy the template account whenever you create an new user, Windows will automatically enable the account and apply the username to the areas you used the variable and since the account is preconfigured the users security and acces privelages will already be set

Have fun, and BTW the Last tip is a habit you should get into early on in your server building career, you'll learn to love yourself later on if you develop server &quot;habits&quot; even if they seem unnecessary at the time, they will save your ass.

 

[loosbrew]

i knew to share that folder. i actually plan on sharing the entire c drive at this point, so i can have access to it entirely at first. with a one client network, i dont think ill need wins, unless itmakes that much of a difference the netbios thing is a great idea on the incoming NIC. what the hell does the isp need me to have netbios on fer ? im not planning on installing server apps, but ill keep that in mind, actually ill copy that into a txt file to reread later. same for the user accounts, i will try that when i set it up to VPN.

thanks again, and keep them coming!!

loosbrew

 

[loosbrew]

up

 

[Moonark]

Just wondering why you are using Advanced Server... Unless you plan on using about 8 processors and the built in load balancing feature I would honestly use Win2K server. I will probably run more efficiently on the system you are using. It too can act as a DC as well as run TS. It can act as a rounter or VPN server as well. I really see no need to use advanced server, unless there is something I am overlooking

 

[pissedoffwookie]

I'll tell you why......he can play with clustering with his 2 Win2kAS boxes

that was another tip for loosebrew BTW

concerning WINS, in an active directory WINS is unnecessary, but the presence of a wins server and pointers to it in the DHCP advanced scope settings will help clients connect to computers on the network more quickly and cut down on unnecessary network chatter because the clients need not broadcast for computername requests, they already know who to ask.

TIP

make sure your clients only use the server as a DNS server and configure your server to forward internet DNS requests to your ISP

 

[loosbrew]

Great tip about the forwarding POW!!! the reason i am using Win2k AS is because i get free copies from every class i attend for my MCSE exams. so i have two copies at the moment, and granted they are only 120 day evals, theres always something in the registry to change that, if i need to. I doubt it though, 4 months should be plenty for me to get this thing working and pass a few exams, then i can either reinstall and replicate the global catalog from ont to the other, or just crack it, but i would like to keep this as legal as possible
thanks for all of the tips...btw...how can i clutser my two pcs??
loosbrew

 

[Santa]

Another tip to perhaps investigate further is to read up on Domain Forest and Trees so that you can practice creating Domain Forest and the Trees underneath it.

Me and a friend are about to attempt this over Cable and DSL and have high hopes in getting a reliable network running to simulate a corperate enviroment over say Site-to-Site VPN links if need be.

Clustering is another excellent thing to play with since you do have 2 copies and two boxes give it a shot but you can't do both.