This step-by-step article describes how to verify an Active
Directory installation.
After you have performed an upgrade, you can
verify the promotion of a server to a domain controller by verifying the
following items.
Default Containers
These are created automatically when the first domain is created. Open the Active
Directory Users and Computers Microsoft Management Console (MMC), and then verify that the following containers
appear here:
This holds the first domain controller and
also serves as the default container for new Windows Server domain
controllers. Open Active Directory Users and Computers, and then verify that this
organizational unit appears here.
During the promotion of a server to domain
controller, the Dcpromo.exe program determines the site that the domain
controller can become a member of. If the domain controller that is being created
is the first in a new forest, a default site named "Default-First-Site-Name" is
created and the domain controller becomes a member of this site until the
appropriate subnets and sites are configured. You can verify this item by using
Active Directory Sites and Services.
The
forest root is created when the first domain controller is installed. Verify
your computer network identification in My Computer. The
Domain Name System (DNS) suffix of your computer should match the domain name
that the domain controller belongs to. Also, make sure that your computer
registers the correct computer role. To verify this role, use the net accounts
command. The computer role should be "primary" or "backup," depending on
whether the computer is the first domain controller in the domain.
A Windows Server 2003 domain controller should have a shared system volume
located in the %Systemroot%\Sysvol\Sysvol folder. To verify this item, use the
net share command. Active Directory also creates two standard policies
during the installation process: The Default Domain policy and the Default
Domain Controllers policy (located in the %Systemroot%\Sysvol\Domain\Policies
folder). These policies are displayed as the following globally unique
identifiers (GUIDs):
{31B2F340-016D-11D2-945F-00C04FB984F9} -- representing the Default Domain policy
{6AC1786C-016F-11D2-945F-00C04fB984F9} -- representing the Default Domain Controllers policy
You must have a DNS server installed and configured for Active Directory and
the associated client software to function correctly. Microsoft recommends that
you use Microsoft version of DNS Server as
your DNS server (this is bundled with Windows Server 2003). However, this version of DNS is not required. The DNS server
that you use must support the Service Resource Record (SRV RR) Requests for
Comments (RFC) 2052, and the dynamic update protocol (RFC 2136). Use the DNS
Manager MMC snap-in to verify that the
correct zones and resource records are created for each DNS zone. Active
Directory creates its SRV RRs in the following folders:
_Msdcs/Dc/_Sites/Default-first-site-name/_Tcp
_Msdcs/Dc/_Tcp
In these locations, an SRV RR is displayed for the
following services:
Back to the top
