Microsoft's slogan, 'Easy to deploy, use, and manage', does have a ring of truth. However, it relies on you having the knowledge and skill to make your Windows Server 2003 fulfil its potential. I must confess that even though I am familiar with the different types of server, every time I checked with the 'Configure Your Server Wizard', I found at least one feature that I would otherwise have missed, so my mantra became 'Give the wizard a chance'.
Roles for your Windows 2003 Server
• Domain Controller
• DNS (WINS)
• File Server
• Print Server
• Application Server
• Mail Server
• Terminal Services
• RAS - Dial-in or VPN
• Streaming Media
Certain server roles are best combined, for example domain controller, DNS, and DHCP, whilst other roles are better on their own server; for example, I would separate email (Exchange) from Terminal Services.
Active Directory is a huge topic in itself. While DCPROMO is easy to run, planning both the physical and the logical structure is the key to a trouble-free Active Directory. Good news: in Server 2003 you can rename both the domain itself and the domain controller (renaming was greyed out in Windows 2000).
Domain controllers do not have to be your most powerful machines; however, they must be reliable and always available to answer logon requests. Decide which DCs will hold which FSMO (Flexible Single Master Operations) role. By default, only the first server is a GC (Global Catalog). Having at least one GC on each site will improve any service which makes an LDAP request for Active Directory names.
Install the Replication Monitor from the Support folder of the Server CD.
DNS (Domain Name System) Role
Active Directory absolutely relies on DNS; this is why you must become an expert on configuring DNS. Once DNS is set up, it runs itself thanks to the new dynamic component, hence DDNS. TCP/IP knowledge plus an understanding of how DNS works is essential when troubleshooting connectivity problems.
What DNS does is enable client machines to resolve servers' IP addresses. Once the client finds the server, Active Directory uses LDAP to locate the services that clients request, such as Kerberos and the Global Catalog.
Your first domain controller can be tricky to set up. To begin with, plan, then check the Computer Name found in the System icon. Before you run DCPROMO, make sure you have the correct Primary DNS Suffix; drill down through the More... button.
My tactic is to do as little configuring of the forward lookup zone as possible and leave it all to the DCPROMO wizard. Once Active Directory creates the forward lookup zone, I configure Active Directory integration to replicate DNS records to the other servers. Then I manually create the reverse lookup zone, add PTR records and check with NSLOOKUP.
If you are troubleshooting DNS _SRV records, try stopping and starting the Netlogon service.
Make it your reflex to install DNS on domain controllers.
(All I want to say about WINS is plan to phase it out, you only need it for Windows 9x clients.)
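The NSLOOKUP check described above can be scripted so that every _SRV record and the PTR record are tested in one pass. This is an added example, not from the original article; it assumes the Windows nslookup output layout and a single-domain forest, and the names example.local, dc1 and 192.168.1.10 are constructed sample values.

```python
import re
import subprocess

# SRV names a DC registers; assumes a single-domain forest (so _gc._tcp is in this zone).
SRV_PREFIXES = ["_ldap._tcp.dc._msdcs", "_kerberos._tcp.dc._msdcs",
                "_ldap._tcp", "_kerberos._tcp", "_gc._tcp"]

def run_nslookup(*args):
    """Query the live resolver; swap in a stub to test offline."""
    return subprocess.run(["nslookup", *args], capture_output=True, text=True).stdout

def srv_targets(output):
    """Host names from the 'svr hostname = ...' lines of Windows nslookup output."""
    return [h.rstrip(".").lower() for h in re.findall(r"svr hostname\s*=\s*(\S+)", output, re.I)]

def name_and_address(output):
    """(name, first address) from the answer section, or (None, None) if no answer."""
    m = re.search(r"Name:\s*(\S+)\s+Address(?:es)?:\s*(\S+)", output)
    return (m.group(1).rstrip(".").lower(), m.group(2)) if m else (None, None)

def check_dc_dns(domain, dc, lookup=run_nslookup):
    """Return a list of problems with the DC's SRV, A and PTR records."""
    problems = []
    for prefix in SRV_PREFIXES:
        record = f"{prefix}.{domain}"
        if dc.lower() not in srv_targets(lookup("-type=SRV", record)):
            problems.append(f"SRV {record} does not list {dc}")
    _, ip = name_and_address(lookup(dc))
    if ip is None:
        return problems + [f"no A record for {dc}"]
    ptr_name, _ = name_and_address(lookup(ip))
    if ptr_name != dc.lower():
        problems.append(f"PTR for {ip} returns {ptr_name}, expected {dc}")
    return problems

NO_ANSWER = "Server:  dc1.example.local\nAddress:  192.168.1.10\n\n"

def sample_lookup(*args):
    """Constructed nslookup output: _gc._tcp and the PTR record are missing."""
    query = args[-1]
    if query.startswith("_gc.") or query == "192.168.1.10":
        return NO_ANSWER
    if query.startswith("_"):
        return f"{query}\tSRV service location:\n\t  svr hostname   = dc1.example.local\n"
    return NO_ANSWER + "Name:    dc1.example.local\nAddress:  192.168.1.10\n"

if __name__ == "__main__":
    for problem in check_dc_dns("example.local", "dc1.example.local", sample_lookup):
        print(problem)
```

Call check_dc_dns without the third argument to query the real DNS server instead of the constructed sample.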
DHCP (Dynamic Host Control Protocol) Role
I used to think you needed a DHCP server on every subnet, but now I recommend just two DHCP servers to share each scope, with a DHCP relay agent on each subnet. DHCP fits in well with DNS and domain controllers, so I would install DHCP on selected domain controllers.
Once you have installed DHCP, there is much configuration work. But before you do anything else, you must Authorize the DHCP servers in Active Directory. I believe this authorization is a device to make you stop and think 'do I need another DHCP server?' Officially, the authorization is to prevent rogue techies installing an extra DHCP server when it takes their fancy.
File Server Role
Unlike the above roles, file servers should be member servers, installing Active Directory here would be...