Microsoft KB Archive/816106

= How to Verify an Active Directory Installation in Windows Server 2003 =

Article ID: 816106

Article Last Modified on 12/3/2007

-

APPLIES TO


 * Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
 * Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
 * Microsoft Windows Server 2003, Standard Edition (32-bit x86)
 * Microsoft Windows Small Business Server 2003 Standard Edition
 * Microsoft Windows Small Business Server 2003 Premium Edition

-





For a Microsoft Windows 2000 version of this article, see 298143.



IN THIS TASK
 SUMMARY 

Default Containers

 

Default Domain Controllers Organizational Unit

 

Default-First-Site-Name

 

Active Directory Database

 

Global Catalog Server

 

Root Domain

</li> 

Shared System Volume

</li> 

SRV Resource Records

</li></ul>

<div class="summary_section">

SUMMARY
This step-by-step article describes how to verify an Active Directory installation.

After you have performed an upgrade, you can verify the promotion of a server to a domain controller by verifying the following items. <ul> 

Default Containers
These are created automatically when the first domain is created. Open the Active Directory Users and Computers Microsoft Management Console (MMC), and then verify that the following containers appear here: <ul> Computers</li> Users</li> ForeignSecurityPrincipals</li></ul>

Back to the top </li> 

Default Domain Controllers Organizational Unit
This holds the first domain controller and also serves as the default container for new Windows Server domain controllers. Open Active Directory Users and Computers, and then verify that this organizational unit appears here.

Back to the top </li> 

Default-First-Site-Name
During the promotion of a server to domain controller, the Dcpromo.exe program determines the site that the domain controller can become a member of. If the domain controller that is being created is the first in a new forest, a default site named &quot;Default-First-Site-Name&quot; is created and the domain controller becomes a member of this site until the appropriate subnets and sites are configured. You can verify this item by using Active Directory Sites and Services.

Back to the top </li> 

Active Directory Database
Your Ntds.dit file is the Active Directory database. Verify that it resides in the %Systemroot%\Ntds folder.

Back to the top </li> 

Global Catalog Server
By default, the first domain controller becomes a global catalog server. To verify this item: <ol style="list-style-type: lower-alpha;"> Click Start, click Administrative Tools, and then click Active Directory Sites and Services.</li> Double-click Sites, expand Servers, and then select your domain controller.</li> Double-click the domain controller to expand the server contents.</li> Below the server, an NTDS Settings object is displayed. Right-click the object, and then click Properties.</li> On the General tab, make sure that the Global Catalog check box is selected (this is the default setting).</li></ol>

Back to the top </li> <li>

Root Domain
The forest root is created when the first domain controller is installed. Verify your computer network identification in My Computer. The Domain Name System (DNS) suffix of your computer should match the domain name that the domain controller belongs to. Also, make sure that your computer registers the correct computer role. To verify this role, use the net accounts command. The computer role should be &quot;primary&quot; or &quot;backup,&quot; depending on whether the computer is the first domain controller in the domain.

Back to the top </li> <li>

Shared System Volume
A Windows Server 2003 domain controller should have a shared system volume located in the %Systemroot%\Sysvol\Sysvol folder. To verify this item, use the net share command. Active Directory also creates two standard policies during the installation process: The Default Domain policy and the Default Domain Controllers policy (located in the %Systemroot%\Sysvol\Domain\Policies folder). These policies are displayed as the following globally unique identifiers (GUIDs):

{31B2F340-016D-11D2-945F-00C04FB984F9} -- representing the Default Domain policy

{6AC1786C-016F-11D2-945F-00C04fB984F9} -- representing the Default Domain Controllers policy

Back to the top </li> <li>

SRV Resource Records
You must have a DNS server installed and configured for Active Directory and the associated client software to function correctly. Microsoft recommends that you use Microsoft version of DNS Server as your DNS server (this is bundled with Windows Server 2003). However, this version of DNS is not required. The DNS server that you use must support the Service Resource Record (SRV RR) Requests for Comments (RFC) 2052, and the dynamic update protocol (RFC 2136). Use the DNS Manager MMC snap-in to verify that the correct zones and resource records are created for each DNS zone. Active Directory creates its SRV RRs in the following folders: <ul> <li>_Msdcs/Dc/_Sites/Default-first-site-name/_Tcp</li> <li>_Msdcs/Dc/_Tcp</li></ul>

In these locations, an SRV RR is displayed for the following services: <ul> <li>_kerberos</li> <li>_ldap</li></ul>

Back to the top </li></ul>

Keywords: kbactivedirectory kbhowtomaster kbinfo KB816106

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.