IT：如何在Windows Server 2008 R2上安装Active Directory

Active Directory is essential to any Microsoft network built on the client-server network model–it allows you to have a central sever called a Domain Controller (DC) that does authentication for your entire network. Instead of people logging on to the local machines they authenticate against your DC. Lets take a look at how to install Microsoft’s Active Directory.

Active Directory对基于客户端-服务器网络模型构建的任何Microsoft网络都是必不可少的-它使您可以拥有一个称为域控制器(DC)的中央服务器，该服务器对整个网络进行身份验证。 他们不用登录本地计算机，而是根据您的DC进行身份验证。 让我们看一下如何安装Microsoft的Active Directory。

安装 (Installation)

Open Server Manager and click on roles, this will bring up the Roles Summary on the right hand side where you can click on the Add Roles link.

打开服务器管理器并单击角色，这将在右侧弹出“角色摘要”，您可以在其中单击“添加角色”链接。

This will bring up the Add Roles Wizard where you can click on next to see a list of available Roles. Select Active Directory Domain Services from the list, you will be told that you need to add some features, click on the Add Required Features button and click next to move on.

这将弹出“添加角色向导”，您可以在其中单击以查看可用角色的列表。 从列表中选择Active Directory域服务，系统将提示您需要添加一些功能，单击“添加所需的功能”按钮，然后单击下一步继续。

A brief introduction to Active Directory will be displayed as well as a few links to additional resources, you can just click next to skip past here and click install to start installing the binaries for Active Directory.

将显示对Active Directory的简要介绍以及一些指向其他资源的链接，您可以单击“下一步”以跳过此处，然后单击“安装”以开始为Active Directory安装二进制文件。

When the installation is finished you will be shown a success message, just click close.

安装完成后，将显示一条成功消息，只需单击关闭。

组态 (Configuration)

Open up Server Manager, expand Roles and click on Active Directory Domain Services. On the right hand side click on the Run the Active Directory Domain Services Installation Wizard (dcpromo.exe) link.

打开服务器管理器，展开“角色”，然后单击“ Active Directory域服务”。 在右侧，单击“运行Active Directory域服务安装向导(dcpromo.exe)”链接。

This will kick off another wizard, this time to configure the settings for you domain, click next to continue.

这将启动另一个向导，这次将为您的域配置设置，单击“下一步”继续。

The message that is shown now relates to older clients that do not support the new cryptographic algorithms supported by Server 2008 R2, these are used by default in Server 2008 R2, click next to move on.

现在显示的消息与不支持Server 2008 R2支持的新加密算法的旧客户端有关，这些默认在Server 2008 R2中使用，单击下一步继续。

Choose to create a new domain in a new forest.

选择在新林中创建一个新域。

Now you can name your domain, we will be using a .local domain the reason why will be explained in an upcoming article.

现在您可以命名您的域名了，我们将使用.local域名，其原因将在以后的文章中进行解释。

Since this is the first DC in our domain we can change our forest functional level to Server 2008 R2.

由于这是我们域中的第一个DC，因此我们可以将林功能级别更改为Server 2008 R2。

We want to include DNS in our installation as this will allow us to have an AD Integrated DNS Zone, when you click next you will be prompted with a message just click yes to continue.

我们希望在安装中包括DNS，因为这将使我们拥有一个AD集成DNS区域，当您单击下一步时，将提示您一条消息，只需单击“是”即可继续。

You will need to choose a place to store log files, it is a best practice to store the database and SYSVOL folder on one drive and the log files on a separate drive, but since this is in a lab environment I will just leave them all on the same drive.

您将需要选择一个存储日志文件的位置，最佳做法是将数据库和SYSVOL文件夹存储在一个驱动器上，而日志文件存储在单独的驱动器上，但是由于这是在实验室环境中，因此我将它们全部保留在同一驱动器上。

Choose a STRONG Active Directory Restore Mode Password and click next twice to kick off the configuration.

选择一个强Active Directory还原模式密码，然后单击下一步两次以启动配置。

You will be able to see what components are being installed by looking in the following box.

通过查看以下框，您将能够看到正在安装什么组件。

When its done you will be notified and required to reboot your PC.

完成后，系统将通知您并要求您重新启动PC。

That’s all  there is to it guys, now you have a working installation of Active Directory.

伙计们就这些了，现在您已经可以正常安装Active Directory。

翻译自: https://www.howtogeek.com/99323/installing-active-directory-on-server-2008-r2/