FavoriteLoading
0

Windows Server 2016中添加AD域控制器

AD域控制器一台往往都是不够的,一般都是需要两台或者两台以上,这样不至于一台AD域控制器瘫痪,导致整个架构无法运行,AD域是整个架构的核心;在上个文档中已经说了[如何创建一台AD域](http://blog.51cto.com/lumay0526/2046844),接下来我们看看如何在现有的AD域中添加域控制器。

## 主题:

- [部署环境](#部署环境)
- [先决条件](#先决条件)
- [安装角色](#安装角色)
- [添加域控制器](#添加域控制器)

## 部署环境

| 编号 | 服务器名称 | IP地址 | 操作系统 |
| :---: | :-----: | :------: | :-----|
| 001 | AD1 | 192.168.100.250 | Windows Server 2016 Datacenter Evaluation |
| 002 | AD2 | 192.168.100.251 | Windows Server 2016 Datacenter Evaluation |

## 先决条件

1、已经有一台AD域控制器,[创建AD域](http://blog.51cto.com/lumay0526/2046844)
2、设置IP地址,DNS指向第一台域控制器,这里就不多讲了,我只附一张图
![](http://i2.51cto.com/images/blog/201712/16/5953f8627117a7da3898116bf378ecda.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
3、设置计算机名
![](http://i2.51cto.com/images/blog/201712/16/49e12b28cf9deaf05b97d78e9b01a708.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)

## 安装角色

在需要添加为域控制器的服务器上打开“服务器管理器”,点击“添加角色和功能”
![](http://i2.51cto.com/images/blog/201712/16/e5974f96bcbfa939c54178d3bcadfa2d.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
弹出“添加角色和功能向导”,点击“下一步”
![](http://i2.51cto.com/images/blog/201712/16/f614875098ef18a0f1d1d79afadde661.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
安装类型选择“基于角色或基于功能的安装”,点击“下一步”
![](http://i2.51cto.com/images/blog/201712/16/944ce1fec82e25468c20ad04519f62ce.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
服务器选择“从服务器池中选择服务器”,选中“AD2”,点击“下一步”
![](http://i2.51cto.com/images/blog/201712/16/27dfca8b6c550c714afb5cc03ccb6f2e.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
服务器角色选择“Active Directory域服务”,会弹出“添加Active Directory域服务所需的功能?”,点击“添加功能”
![](http://i2.51cto.com/images/blog/201712/16/7811ebf1765c64ef6f45ffc03c13c1aa.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
选中“Active Directory域服务”后,点击“下一步”
![](http://i2.51cto.com/images/blog/201712/16/5e9f0e291398f9299dc570722384c224.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
功能这里直接点击“下一步”
![](http://i2.51cto.com/images/blog/201712/16/c0d4ab4eb060e090e1e5b5fe7c433a12.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
点击“下一步”
![](http://i2.51cto.com/images/blog/201712/16/6a423628f0615400d42b1512fd0a0acc.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
确认配置这里将“如果需要,自动重新启动目标服务器”打勾,点击“安装”
![](http://i2.51cto.com/images/blog/201712/16/e9b5bb7fabbdbbc3f6ebfd1b74ac2047.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
AD域服务角色安装完成,点“关闭”,当然也可以点击“将此服务器提升为域控制器”来添加域控制器,这里不这么做
![](http://i2.51cto.com/images/blog/201712/16/0c88fc9f79f998b5b2d1bf0f82d9c302.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)

## 添加域控制器

回到该服务器的“服务器管理器”,点击“通知”-“将此服务器提升为域控制器”
![](http://i2.51cto.com/images/blog/201712/16/71af8e641d4ddb9a43d0b626a103f313.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
部署配置如下
选择部署操作“将域控制器添加到现有域”选中
指定此操作的域信息
域:“contoso.com”
然后点击“更改”
![](http://i2.51cto.com/images/blog/201712/16/6e9fe88beca76dd9c7dde8ae89fe87b1.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
输入部署操作的凭据,点击“确定”
![](http://i2.51cto.com/images/blog/201712/16/e5914f076f37226ece26a68c486c6368.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
部署配置配置完成,点击“下一步”
![](http://i2.51cto.com/images/blog/201712/16/dae01044dc584a7d1d63674d2da0d3a4.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
域控制器选项这里只配置“键入目录服务还原模式密码”,点击“下一步”
![](http://i2.51cto.com/images/blog/201712/16/e01f66439f7bd06a90c950d7b36d2b9b.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
DNS选项这里直接点击“下一步”
![](http://i2.51cto.com/images/blog/201712/16/6ad077754402f0ba9c93b6fc896d5022.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
其他选项,选择复制自的域控,这里为“AD.contoso.com”,点击“下一步”
![](http://i2.51cto.com/images/blog/201712/16/fa916ddaffeb0f44a94231e98136bde8.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
指定AD DS数据库、日志文件和SYSVOL的位置都放置D盘,点击“下一步”
![](http://i2.51cto.com/images/blog/201712/16/5050db94bdbf0e698e485bcc7d763689.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
确认配置,点击“下一步”
![](http://i2.51cto.com/images/blog/201712/16/650ac2b3be6dee8ba1aec75e7e22bdc5.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
先决条件检查已通过,点击“安装”
![](http://i2.51cto.com/images/blog/201712/16/ea4843987f332fe09413c7ef4de7e3fc.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
正在配置
![](http://i2.51cto.com/images/blog/201712/16/525f6efc8e22b824abbc758356440581.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
配置完成后会自动重新启动服务器
![](http://i2.51cto.com/images/blog/201712/16/c94278856404c14573442226d921192a.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
服务器重新启动之后,输入密码,这里需要输入域管理员密码
![](http://i2.51cto.com/images/blog/201712/16/2c3f1f4abc2f9165f1a99b08d95fbe5d.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
进入桌面后,在“服务器管理器”中点“工具”-“Active Directory用户和计算机”
![](http://i2.51cto.com/images/blog/201712/16/9a37fe7b8d411427c101abf94f11a45b.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
打开“Active Directory用户和计算机”后,展开contoso.com域,点击“Domain Controllers”可以看到AD1和AD2
![](http://i2.51cto.com/images/blog/201712/16/3b7febff082462272a19c01f5d62231f.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
到这里添加域控制器就部署完成了