Chapter 5: Installing Active Directory

Overview

An administrator who is not yet closely acquainted with Active Directory must be aware of the two following postulates:

• The terms "creating a domain controller", "installing Active Directory", and "promoting a server" are, in a sense, synonymous because they describe the same process. You cannot install Active Directory without creating a domain controller and vice versa.

• Active Directory-based (Windows 2000 and Windows .NET) domains simply do not work without DNS.

Administrators, even those who are quite experienced, should always remember that the DNS is the "heart" of Active Directory domains, and many, many faults, all very different by nature (e.g., issues related to the authentication process, or applying group policies to users and computers), can derive from an improperly configured DNS system. That is why troubleshooting practically every domain-level problem should begin with verifying the DNS configuration. And that is why the DNS related issues are mentioned in this chapter again.

This chapter does not contain step-by-step descriptions of all typical operations; instead, it deals with only the most important issues.