Using the Windows 2000 Configure Your Server Tool

The Windows 2000 Configure Your Server tool provides a central location that you can use to install and manage most of the important server tools, such as Microsoft Active Directory, DHCP, DNS, and WINS. However, given the sometimes bewildering number of administrative tools and Microsoft Management Console (MMC) snap-ins available, having an organized and central location from which to access all of these tools is crucial. You don't actually use the Configure Your Server tool to perform many actions, but it serves as an interface for launching the various MMC snap-ins that you use to accomplish your tasks.

The Windows 2000 Configure Your Server tool appears when you first boot your server after completing Setup. If it doesn't appear, set up any additional devices and prepare any additional drives you need for your server programs and data, and then launch the Windows 2000 Configure Your Server tool from the Administrative Tools folder on the Programs menu.

In the Configure Your Server tool, use the topics on the left to choose the services you want to configure, and click the hyperlinks and buttons to set up and configure these services. The Configure Your Server tool launches any necessary wizards to walk you through installing the services you select.

Choosing Whether to Set Up a Domain Controller

The first screen in the Windows 2000 Configure Your Server tool asks whether your server is the only one on your network (Figure 6-12). When you create a new network and this is the first server on the network, choose the This Is The Only Server In My Network option. (See the Configuring the First Server on Your Network section later in this chapter for more information.) This selection sets up your server as a domain controller and installs Active Directory, DHCP, and DNS on your server. Otherwise, choose the One Or More Servers Are Already Running In My Network option. Choosing this option allows you to pick exactly which services you want to install on your system. After choosing an option, click Next to continue.

Figure 6-12. The first screen of the Configure Your Server tool.

You should be extremely careful about adding a domain controller to an existing Windows NT 4 network. Before you can add any Windows 2000 domain controllers to an existing Windows NT 4 domain, you must upgrade the primary domain controller (PDC) to Windows 2000. This upgrade is required because Windows NT domains are single-master networks where the PDC contains the master records for the domain. Windows 2000 servers use full, multimaster replication, and each domain controller acts as a master repository for domain information. If you add a Windows 2000 server or upgrade any machine other than the PDC on an existing Windows NT domain, you'll create a new Windows 2000 domain that looks like the existing domain but is not the same domain. The Windows 2000 domain controller that will work as the PDC for the network won't have the same security identifier (SID) as the PDC of the Windows NT 4 domain you were trying to upgrade. The result is a "network" that doesn't work. Therefore, you must upgrade the PDC on a Windows NT domain to Windows 2000 before attempting to install any other iterations of Windows 2000 Server as domain controllers (member servers can be added at any point).

When upgrading a PDC to Windows 2000, be sure the server's hardware is capable of handling the upgrade. If there's any doubt about whether your existing PDC can function with the additional load, you can do a little juggling by promoting a backup domain controller (BDC) that you're sure of to be the PDC. Then upgrade the new PDC to Windows 2000. See Chapter 7 for more information on upgrading servers.

Configuring the First Server on Your Network

If you're creating a new network or domain and you're setting up the first server in the domain, the Windows 2000 Configure Your Server tool can guide you through the configuration process. Just follow these steps:

1. In the first window of the Windows 2000 Configure Your Server tool, choose the This Is The Only Server In My Network option, and click Next (as discussed in the previous section). Choosing this option helps you configure your server as a domain controller running Active Directory, DHCP, and DNS.
2. Click the Show More Details link to view information about how your server's TCP/IP services will be configured, and then click Back.
3. Click Next, and then enter the domain name you want to use in the first text box, as shown in Figure 6-13.

   

   Figure 6-13. Entering your domain name using the Configure Your Server tool.

4. To use an Internet-registered domain name (such as scribes.com) as the root for your fully qualified domain name, enter the Internet domain name in the second text box. Or, to specify that your domain is a local domain that isn't a part of an Internet-registered domain, type local in the second text box.
5. Verify that the Active Directory and downlevel domain names are correct in the preview boxes at the bottom of the window, and then click Next.
6. Click Next again. Active Directory, DHCP, and DNS are installed in Unattended mode and Windows restarts. Once logged on, Windows displays the Windows 2000 Configure Your Server tool again. (See Chapter 11 for help with any Active Directory installation questions you are asked, or see the sections on installing DHCP and DNS in Chapter 14 for help with DHCP and DNS questions.)
7. Configure your server to use the static IP address specified in the Windows 2000 Configure Your Server tool. To do this, right-click the Local Area Connection icon in the Network and Dial-Up Connections folder, and choose Properties from the shortcut menu. Select Internet Protocol (TCP/IP), and click Properties. Then enter the proper IP address and subnet mask, and verify that the DNS server addresses include your server's IP address.
8. Open DHCP Manager and expand the DHCP server.
9. Select the DHCP server and choose All Tasks-Authorize from the Action menu.
10. Reboot your computer, and then use the Windows 2000 Configure Your Server tool to add any other services you need.

Real World

Special Facts About Windows 2000 Domain Controllers

Although it's true that all Windows 2000 domain controllers are equal, some are more equal than others. The first Windows 2000 domain controller is automatically assigned the role of Global Catalog server. At least one Global Catalog server is needed on every domain. The Global Catalog is a database that contains a full replica of all directory objects in its host domain plus a partial replica of all directory objects in every domain in the forest. The Global Catalog's role is to enable the finding of directory information and to provide universal group membership information during logon. After additional controllers are installed, you can reassign the role of Global Catalog server or designate more than one machine as a Global Catalog server. This process is described in Chapter 11.

The first domain controller is also assigned the operations master roles. A single controller must perform each of these roles because they are functions that can't be executed in different places at the same time. (For example, a single controller must handle the creation of security identifiers to ensure that each identifier is unique.) Under most circumstances, you won't have to change the location for any of the operations master roles, but you should be familiar with each of the roles and what happens in the case of failure. See Chapter 12 for information on operations master roles.