Release the ping command ( basic )
Method 1: Turn off the firewall
Method 2: Create a new rule for inbound rules: allow the ping command (customized IPv4 port)
Network connection mode is set to bridge mode
Enable the two networks to ping each other
Every win server system needs to release the ping command (check interoperability)
The first domain controller DC 1 configuration
Step 1: Environment preparation
Build the system environment of winserver2019
We first clone it as win-server-2
Computer Rename DC 1
Control Panel—System and Security—System—Advanced System Settings—System Properties—Computer Name DC1
Step 2: Set the password for the Administrator account
Settings—Account Settings—PIN Password—Set Password
Step 3: Configure network information
IP address: 192.168.10.1
DNS address: 192.168.10.1
Step 4 : Create the first domain controller long .om
Add roles and features ---Promote this server to a domain controller
Note: We have not created other domain controllers. Here we choose to add a new forest.
Wait for the machine to restart before you can proceed to the next step (the startup time is a bit long, please wait patiently)
Added: Downgrade domain server to member server
Server Manager—Removing Roles and Features
Before removing functionality, the domain controller needs to be demoted first
Restart the computer and the operation will be successful
Add member server MS 1
Step 1: Set the password for the Administrator account
Step 2: Configure network information
IP address: 192.168.10.10
DNS address: 192.168.10.1
Start the machine at the same time: DC1 long.com (the two networks need to ping each other)
Ipconfig /all View network configuration information, ping DC1, and observe whether the ping can be successful
Ping 192.168.10.1, the network can ping successfully before proceeding to the next step.
Step 3 : Run sysprep on this computer
File location: C:\Windows\System32\Sysprep, run the program, click General and click OK directly
Step 4 : Add Member Server MS 1
Control Panel—System and Security—System—Advanced System Settings—System Properties—Computer Name
Install additional domain controller with ROOC (DC 2 )
Step 1: Set up network configuration
IP address: 192.168.10.2 DNS address: 192.168.10.1
Start the machine at the same time: DC1 long.com (the two networks need to ping each other)
Ipconfig /all View network configuration information, ping DC1, and observe whether the ping can be successful
Computer Rename DC 2
Control Panel—System and Security—System—Advanced System Settings—System Properties—Computer Name DC2
Step 2: Run sysprep on this computer
Step 3: Configure Domain Controller
Configuration is complete after rebooting
Create subdomain (DC 20 )
Step 1: Configure network information
IP address: 192.168.10.2
DNS address: 192.168.10.1
Start the machine: DC1 long.com (the two networks need to ping each other)
Computer Rename DC 2
Control Panel—System and Security—System—Advanced System Settings—System Properties—Computer Name DC2
Step 2: Create subdomain action
Server Manager---Add Roles and Features---Promote this service to a domain controller
The subdomain china\administrator is created successfully. Restart the computer to complete the operation.
You can see the subdomain you created in Active Directory Users and Computers in DC2
You can also query it in the DNS in DC1
Step 3: Verify the parent-child trust relationship
In DC1, click the Start menu, Windows Administrative Tools --- Active Directory Domains and Trusts
Long.com right-click the properties and click Trust; China.long.com right-click the properties and click Trust
Inspection completed