+- howtothings.co.uk (https://www.howtothings.co.uk)
+-- Forum: Computing (https://www.howtothings.co.uk/forumdisplay.php?fid=4)
+--- Forum: Hardware, Networking and Wireless (https://www.howtothings.co.uk/forumdisplay.php?fid=11)
+--- Thread: [Part 2] [Windows Server 2003] Creating a domain: Users and groups (/showthread.php?tid=689)
[Part 2] [Windows Server 2003] Creating a domain: Users and groups - Mark - 29-12-2010
[Part 2] Creating a domain: Users and groups
This is step two in Setting up and configuring Windows Server 2003. For these series of tutorials we are using Windows Server 2003 R2, Enterprise edition x86.
Part one: http://mcompute.co.uk/showthread.php?tid=689
In step two we are
- Creating a new Organizational Unit
- Creating a new group
- Creating a new user
- Joining the domain from a client
Background knowledge and understanding
What's Active directory? http://en.wikipedia.org/wiki/Active_directory
Active Directory stores information and settings in a central database. Basically, where all of your users and groups are stored.
Detailed information about groups, group scopes and group types: http://technet.microsoft.com/en-us/library/cc755692%28WS.10%29.aspx
Steps: Creating Users and Groups
We're going to be creating a group, adding two clients to that group then later on we will be configuring permissions.
1) Start > All Programs > Administrative tools > Active Directory Users and Computers
![[Image: 1.png]](http://markwood.co.cc/donotdelete/%5BPart2%5DWindows-Server-2003/1.png)
2) Within your domain, mine being "mcompute.local" right click and create a new "Organization Unit". This is where we're storing our groups and users.
![[Image: 2.png]](http://markwood.co.cc/donotdelete/%5BPart2%5DWindows-Server-2003/2.png)
In an organisation you will have multiple departments, it is wise to create groups for each department for this example i am creating a Managers group.
![[Image: 3.png]](http://markwood.co.cc/donotdelete/%5BPart2%5DWindows-Server-2003/3.png)
3) Within your new Managers Organization Unit, create a new group. You can do this by right clicking then New or by clicking the icon on the task bar as shown.
![[Image: 4.png]](http://markwood.co.cc/donotdelete/%5BPart2%5DWindows-Server-2003/4.png)
I named my group Managers.
Group scope: Global
Group type: Security
![[Image: 5.png]](http://markwood.co.cc/donotdelete/%5BPart2%5DWindows-Server-2003/5.png)
4) Still inside your organizational unit, create a new user.
![[Image: 6.png]](http://markwood.co.cc/donotdelete/%5BPart2%5DWindows-Server-2003/6.png)
![[Image: 7.png]](http://markwood.co.cc/donotdelete/%5BPart2%5DWindows-Server-2003/7.png)
5) Add the user to the group.
Right click the group, then go to Properties then the members tab.
![[Image: 8.png]](http://markwood.co.cc/donotdelete/%5BPart2%5DWindows-Server-2003/8.png)
We're done on the server now for a while, lets head over to a client. In my case an XP virtual machine.
Steps: How to connect to a domain from a client
1) On your client, log on locally like you would normally then go to My computer > Then right click, select Properties > Computer Name > Change
Instead of Workgroup select Domain then type your domain name in the box provided, mine was mcompute.local
If successful you'll be prompted for a username and password, put the credentials of the user that you created on the server, mine was "WoodM"
![[Image: 9.png]](http://markwood.co.cc/donotdelete/%5BPart2%5DWindows-Server-2003/9.png)
Restart
*If you're having problems connecting go to the bottom of this thread.
2) After a reboot you'll be prompted with the good, old familiar "Press CTRL + ALT + DEL" screen. Type in your username and password for your account on the DC, make sure the "Log on to:" box is your domain and not local.
![[Image: 10.png]](http://markwood.co.cc/donotdelete/%5BPart2%5DWindows-Server-2003/10.png)
3) We're in! Just an evidence shot below. You can see that i'm logged in as WoodM on the domain mcompute.local
![[Image: 11.png]](http://markwood.co.cc/donotdelete/%5BPart2%5DWindows-Server-2003/11.png)
Help! I can't connect
Note: It's less than ideal to do this on your LAN with other computers and your router on. I ran in to an issue with the client not picking up the DNS server, DHCP wasn't a problem though.
After trying to connect, on your client go to start > run and type this:
Code:
notepad C:\WINDOWS\debug\dcdiag.txtYou'll see something similar to below.
Quote:An error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain mcompute.local.
The error was: "No DNS servers configured for local system."
(error code 0x0000267C DNS_ERROR_NO_DNS_SERVERS)
The query was for the SRV record for _ldap._tcp.dc._msdcs.mcompute.local
For more information, click Help.
To combat this i simply set up a static IP on the client, where i entered the IP of the server as the DNS server. Now recognised.
Part 1 of the tutorial: http://mcompute.co.uk/showthread.php?tid=689
Part 3 of the tutorial: