We will be setting up our domain controller using Windows Server 2012 R2 X64. I have created a VM template using VMWare Player and have made four copies. Instructions for setting up a VM using VMWare Player will be posted in future. For the domain controller, I have the following settings for the VM. I have two network adapters in every machine: one for private network setup for 10.1.X.X/255.255.255.0 subnet and the other for Internet access from the host machine. I have also configured the binding order so that the “LAN” NIC is first in the binding order. This is important!
Note: After making the copies, please make sure to change the SID by running the following command on every VM:
- Select Start –> Run –> C:\Windows\System32\Sysprep\Sysprep.exe
- You will see the System Preparation Tool 3.14 window. Keeping the defaults, select “Generalize” and select “OK”. The system will be rebooted and you will be restarted with the default setup of Windows 2012 Server R2.
Domain Controller Setup
Follow these instructions to setup the domain controller:
- Start Server Manager.
- Select Manage –> Add Roles and Features. This will start the “Add Roles and Features Wizard”. Select “Next”.
- Select “Role-based or feature-based installation in the next screen and select next. Select “CONTOSO-SP16-DC” from next screen and select “Next”.
-
Select “Active Directory Domain Services” and “DNS”" from the roles. You will be prompted to select the dependent features. Select “Next”.
-
In the next screen we will select the following features and select “Next”.
-
.NET Framework 3.5 Features
-
.NET Framework 4.5 Features with ASP.NET 4.5
-
-
Select “Next” in the “AD DS”, “DNS”, screens. Select “Install” on the “Confirmation” screen.
-
The installation will start.
-
Select “Close”. Additional configuration is required. Select “Notifications” from “Server Manager” and select “Promote this server to Domain Controller”.
-
In the “Deployment Configuration” screen, select “Add a new forest” and specify “contoso.com” in the “Root domain name” and select “Next. Specify a password in the next screen and select “Next.
-
In the “DNS Options’, select “Next”. You can ignore the warning since a default domain will be created with the new domain controller setup. Selecting “Next” will take you to the next screen showing the NetBIOS name of the server. Accept the default and select “Next”"
.
-
The next screen will show you the path of the AD DS databases log files, and SYSVOL folder. Accept default and select “Next” twice. Select “Install” in the “Prerequisite Check” screen. You can ignore the warnings. The system will restart during this process.
-
After the system is restarted, logon using the “Administrator” account. Review “Notifications” to see any pending tasks or warnings.
-
Select “Tools –> DNS” to make sure that the DNS zones are setup properly.
-
For simplicity, we will also disable “Windows Firewall” by going to Control Panel.
![image[187]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJXwltGhxbJWkhChh8Un0M2JyhfL8IL8oYxmHR8XYDl3og1b3JTp-gUPAZliciTicw0g-SV0ZbQi3kQEFMBILnkdy02LQ6QzL5WU7nl0p8bWjNOFoG_fX13lZYT5mymN-XtKNXGhxPXqeV/s1600-h/image%25255B187%25255D%25255B13%25255D.png "image[187]")
Service Account Setup
We will need the following service account for our setup.
| User Name | Name | Description |
| CONTOSO\sp2016-setup | ||
| SharePoint Setup Account | ||
| CONTOSO\sp2016-farm | SharePoint Farm Account | |
| CONTOSO\sp2016-admin | SharePoint Farm Admin Account | |
| CONTOSO\sp2016-sql | SharePoint SQL Account | |
| CONTOSO\sp2016-service | SharePoint Shared Service Application Account | |
| CONTOSO\sp2016-search | SharePoint Search Account | |
| CONTOSO\sp2016-crawl | SharePoint Crawl Account | |
| CONTOSO\sp2016-owebapps | Office Web Apps Account | |
| CONTOSO\sp2016-wfservice | SharePoint Workflow Service Application | |
| CONTOSO\sp2016-c2wts | Claims to Windows Token Service | |
| CONTOSO\sp2016-pfptsvc | PerformancePoint Service Application Account | |
| CONTOSO\sp2016-excelsvc | Excel Services Account | |
| CONTOSO\sp2016-visiosvc | Visio Services Account | |
| CONTOSO\sp2016-ssrs | SQL Server Reporting Services Account | |
| CONTOSO\sp2016-superuser | SharePoint Super User Account | |
| CONTOSO\sp2016-superreader | SharePoint Super User Account | |
| CONTOSO\sp2016-test1 | Test Account | |
| CONTOSO\sp2016-test2 | Test Account | |
| CONTOSO\sp2016-test3 |
Follow these steps to setup user accounts:
- In Server Manager, select Tools –> Active Directory Users and Computers.
- Right click on the domain and select New –> Organizational Unit. Specify “Service Accounts” in the next screen and select “OK”.
- Open PowerShell and copy and paste the following commands to create these users:
New-ADUser -Name "sp2016-setup" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-setup" -DisplayName "sp2016-setup" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-farm" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-farm" -DisplayName "sp2016-farm" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-admin" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-admin" -DisplayName "sp2016-admin" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-sql" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-sql" -DisplayName "sp2016-sql" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-service" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-service" -DisplayName "sp2016-service" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-search" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-search" -DisplayName "sp2016-search" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-crawl" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-crawl" -DisplayName "sp2016-crawl" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-owebapps" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-owebapps" -DisplayName "sp2016-owebapps" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-workflow" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-workflow" -DisplayName "sp2016-workflow" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-c2wts" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-c2wts" -DisplayName "sp2016-c2wts" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-pfptsvc" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-pfptsvc" -DisplayName "sp2016-pfptsvc" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-excelsvc" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-excelsvc" -DisplayName "sp2016-excelsvc" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-visiosvc" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-visiosvc" -DisplayName "sp2016-visiosvc" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-ssrs" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-ssrs" -DisplayName "sp2016-ssrs" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-superuser" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-superuser" -DisplayName "sp2016-superuser" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-superreader" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-superreader" -DisplayName "sp2016-superreader" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-test1" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-test1" -DisplayName "sp2016-test1" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-test2" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-test2" -DisplayName "sp2016-test2" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
New-ADUser -Name "sp2016-test3" -Path "OU=Service Accounts,DC=contoso,DC=com" -SamAccountName "sp2016-test3" -DisplayName "sp2016-test3" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true
In the next article, we will work on setting up SQL Server 2014. Stay tuned!
No comments:
Post a Comment