How to Check or Verify Active Directory Installation on Server 2003
- Last Updated: Friday, 11 May 2018 13:18
- Hits: 246
How to Check Active Directory Installation on Windows Server 2003 (Win-2k3)
You should now check to see if the AD installation went well.
1. First, see that the Administrative Tools folder has all the AD management tools installed.
[After install active directory five extra administrative tools install :-( 1) Active Directory Domain and Trust, (2) Active Directory Sites and Service, (3) Active Directory Users and Computers, (4) Domain Controller Security Policy, (5) Domain Security Policy]
2. Run Active Directory Users and Computers (or type "dsa.msc" from the Run command). See that all OUs and Containers are there.
3. Run Active Directory Sites and Services. See that you have a site named Default-First-Site-Name, and that in it your server is listed. [Here ""NETWORKINGSTUDY"" is computer name]
4. If they don't (like in the following screenshot), your AD functions will be broken(a good sign of that is the long time it
took you to log on. The "Preparing Network Connections" windows will sit on the screen for many moments, and even when you do log on many AD operations will give you errors when trying to perform them).
Might happen if you did not manually configure your DNS server and let the DCPROMO process do it for you.
Another reason for the lack of SRV records (and of all other records for that matter) is the fact that you DID configure the DNS server manually, but you made a mistake, either with the computer suffix name or with the IP address of the DNS server (see steps 1 through 3).
Open the DNS console. See that you have a zone with the same name as your AD domain (the one you've just created, remember? Duh...). See that within it you have the 4 SRV record folders. They must exist.
To try and fix the problems first see if the zone is configured to accept dynamic updates.
5. Right-click the zone you created, and then click Properties
6. On the General tab, under Dynamic Update, click to select "Nonsecure and secure" from the drop-down list, and then click OK to accept the change.
7. You should now restart the NETLOGON service to force the SRV registration.You can do it from the Services console
In Administrative tools:\services or Run- services.msc
From the command prompt type "net stop netlogon", and after it finishes, type "net start netlogon".
Let it finish, go back to the DNS console, click your zone and refresh it (F5). If all is ok you'll now see the 4 SRV record folders.
If the 4 SRV records are still not present double check the spelling of the zone in the DNS server. It should be exactly the same as the AD Domain name. Also check the computer's suffix (see step 1). You won't be able to change the computer's suffix after the AD is installed, but if you have a spelling mistake you'd be better off by removing the AD now, before you have any users, groups and other objects in place, and then after repairing the mistake - re-running DCPROMO.
8. Check the NTDS folder for the presence of the required files.
9. Check the SYSVOL folder for the presence of the required subfolders.
10. Check to see if you have the SYSVOL and NETLOGON shares, and their location.
If all of the above is ok, I think it's safe to say that your AD is properly installed. If not, read Troubleshooting Dcpromo Errors and re-read steps 1-4 in this article.