Pre requis au deploiement d'un controleur de domaine Windows Server 2008
Bonjour
Suite à différentes questions reçues concernant la préparation d'un domaine à l'installation de contrôleur de domaine Windows Server 2008: voici les informations utiles
en résumé: c'est tout pareil comme avant :)
Install a new Windows Server "2008" domain in an existing Windows 2000 Server or Windows Server 2003 forest
When you install AD DS to create the first domain controller in a new Windows Server 2008 domain, keep the following considerations in mind:
• |
Before you create a new Windows Server 2008 domain in a Windows 2000 Server or Windows Server 2003 forest, you must prepare the forest for Windows Server 2008 by extending the schema (that is, by running adprep /forestprep). |
• |
You must make domain functional level decisions that determine whether your domain can contain domain controllers that run Windows 2000 Server, Windows Server 2003, or both. |
We recommend that you host the PDC emulator operations master role in the forest root domain on a domain controller that runs Windows Server 2008.
Install a new Windows Server "2008" domain controller in an existing Windows 2000 Server or Windows Server 2003 domain
When you install a new Windows Server 2008 domain controller in an existing Windows 2000 Server or Windows Server 2003 domain, keep the following considerations in mind:
• |
If this domain controller is the first Windows Server 2008 domain controller in the forest, you must prepare the forest for Windows Server 2008 by extending the schema (that is, by running adprep /forestprep) on the schema operations master if this has not already been done. |
||||
• |
If this domain controller is the first Windows Server 2008 domain controller in a Windows 2000 Server domain, you must first prepare the domain by running adprep /domainprep /gpprep on the infrastructure master. |
||||
• |
If this domain controller is the first Windows Server 2008 domain controller in a Windows Server 2003 domain, you must prepare the domain by running adprep /domainprep on the infrastructure master.
|
||||
• |
Before you can install an RODC in a Windows 2000 Server or Windows Server 2003 forest, you must prepare the forest by running adprep /rodcprep. You can run adprep /rodcprep on any computer in the forest. You can run it multiple times if necessary. If the operation is unable to reach all the application partitions that must be updated to allow RODC installation, you receive a message that says that not all application partitions have been updated. In this case, rerun the adprep /rodcprep command. If the RODC will be a global catalog server, then you must also run adprep /domainprep in all domains in the forest, regardless of whether the domain runs a Windows Server 2008 domain controller. By running adprep /domainprep in all domains, the RODC can replicate global catalog data from all domains in the forest and then advertise as a global catalog server. |
||||
• |
The first Windows Server 2008 domain controller in an existing Windows 2000 Server or Windows Server 2003 domain cannot be created as an RODC. After a Windows Server 2008 domain controller exists in the domain, additional Windows Server 2008 domain controllers can be created as RODCs. |
After you have prepared the forest and the domain, you can install AD DS to create a new Windows Server 2008 domain controller.
Performing a staged RODC installation
In addition to enabling the scenarios just described, Windows Server 2008 provides a new way for you to install a domain controller in a branch office. This installation process lets you deploy a read-only domain controller (RODC) to a branch office in two stages. First, you create an account for the RODC and delegate its installation and management to nonadministrative personnel at the branch office. Then, the branch office personnel can complete the installation by attaching a server to the RODC account you created for it. This eliminates the need to use a staging site for branch office domain controllers or to send installation media and a domain administrator to the branch location.
When you install an RODC, keep the following considerations in mind:
• |
The RODC must replicate domain data from a writeable domain controller that runs Windows Server 2008. |
• |
By default, the RODC does not cache the passwords of any domain users. You must modify the default password replication policy for the RODC to allow the RODC to authenticate users when the WAN link to the hub site is offline. |