- Domain is called Client/server mode
- In a Domain environment there is a domain controller responsible for authentication and authorization of users on the network.
- Domain controller checks the permissions and security on the network.
- Centralized management! There is no need to create users on every single computer on the network.
- Once users are authorized through a domain controller; they can connect to any server and access any resources permitted by the domain controller.
- Network Administrators have full access to the network resources remotely and users probably can make limited changes on their computers.
- In a domain environment there is consistency among computers.
- There is no limitation on the number of computers in a domain
- Peer to peer network
- No server and controller (all computers have the same amount of control)
- All network user accounts should be configured on all computers so users can connect to each other’s devices.
- No more than 15 computers in a workgroup is recommended.
- Homegroup is a workgroup that computers need to type the password once to join to the homegroup.
- The recommended way to share printers, documents and videos on a home network.
- There is no server or domain controller on a homegroup.
More Related information:
How to know which network the computer is member of?
Go to Control Panel, then click on System and Security and select system.
How to Change a computer name?
Refer to Control Panel then click on System and Security and click on System
The System window will open
Click on the Change Settings in front of the computer name.
The System properties window will open; Click on Change button and change the computer name in the “Computer name field”
Any change in the computer name or domain membership require the server to reboot.
Installing Active Directory:
- First recommended step in installing AD is to configure an static IP address on the server.
- Installation of Active Directory can be done through Server manager or PowerShell.
- DCPROMO command is deprecated in Server 2012 and the configuration wizard should be launched after the Active Directory role is installed on the server
Installing Active Directory Domain Services in the PowerShell
Install-WindowsFeature -name AD-Domain-Services
Installing Active Directory from Media (IFM)
- The feature has been first implemented in the windows 2008 R2.
- If there are multiple physical locations and there is a need to install additional Domain Controller in the branch office and receive the database from the headquarters this feature will be best beneficial to reduce the replication bandwidth.
- If WAN speed is low and the connection is unreliable then we need to use IFM for AD installation in the remote office.
What Is Global Catalog?
- Repository of information of Active Directory is called the Global Catalog. It is not the Database of AD.
- Global Catalog is Active Directory partition that contains data about all AD objects. It is like indexing of AD. Not all AD data is stored in Global Catalog and only the most useful searchable information is stored in Global Catalog.
Especially when the logical structure of AD is more complex; Global catalog plays a more important role. For instance in a multi-domain forest.
- Helps differentiate identical user names in different domains in the forest.
- Listening traffic port of Global Catalog is 3268 and 3269
Where are FSMO roles located?
Who has the FSMO roles:
- The easiest way is Netdom query FSMO
Commands to configure NTP (Time Servers)
The following command configures the time servers for a device and restarts the time service on the server.
w32tm /config /manualpeerlist:”pool.ntp.org 0.pool.ntp.org 1.pool.ntp.org 0.us.pool.ntp.org 2.north-america.pool.ntp.org 1.us.pool.ntp.org 3.north-america.pool.ntp.org ” /syncfromflags:MANUAL
The following command Queries the server about the current configured time server:
w32tm /query /status
The below command forces the re-synchronizing with the Time servers:
If you want to force the client to resync, run:
Sending resync command to local computer
The command completed successfully.