home » Thing » Installation ad. What is Active Directory and how to install and configure the database

Installation ad. What is Active Directory and how to install and configure the database



Humanity has never reached Mars, a cure for all diseases has not yet been invented, cars do not fly, but, nevertheless, there are areas in which people have reached unprecedented heights. The computing power of computers is one of them. First, let's figure out what is the key parameter when assessing this characteristic of supercomputers. Flops is a value that shows the number of floating point operations that a computer can perform per second. Based on this indicator, our rating of the most powerful computers in the world, according to 2019 data, was compiled.

The ranking was presented at the International Supercomputing Conference; the top 500 supercomputers were compiled by mathematicians from Lawrence National Laboratory and Tennessee State University.

10 Trinity – 8.1 Pflop/sec performance

This supercomputer guards US military security by maintaining the effectiveness of the nation's nuclear arsenal. Given this, you might think that this device is incredibly expensive, however, starting in 2015, new, more powerful supercomputers began to supplant it. Trinity runs on the Cray XC40 system, its performance is 8.1 Pflop/sec.

9 Mira – 8.6 Pflop/sec

Mira is another brilliant product from Cray. It is worth noting that the project of this supercomputer was developed by order of the United States Department of Energy. The main area of ​​application for Mira is government industrial and research projects. The computing power of this computer is 8.6 petaflops per second.

8 K Computer – 10.5 Pflop/sec

The peculiarity of this supercomputer lies in its name, which comes from the Japanese word “kei” and means 10 quadrillion. The productive power of K Computer rests approximately on this figure – 10.5 petaflops. The specificity of this technique also lies in the fact that the system uses water cooling, which can significantly reduce energy consumption and reduce the speed of assembly.

7 Oakforest-Pacs – 13.6 Pflop/sec

The Japanese company Fujitsu, which also developed the K Computer mentioned earlier, has created a new generation supercomputer (Knights Landing generation). The project was commissioned by the Tokyo and Tsukuba universities. Despite the fact that it was originally planned to equip the computer with 900 TB of memory and a performance of 25 quadrillion operations, its computing power is 13.6 petaflops/s.

6 Cori – 14 Pflop/sec

Until 2019, Cori occupied a solid 5th position in the world ranking of the most powerful computers, but in the context of rapidly developing technological progress, it still lost one ranking “line” to the latest supercomputers. It is located at the Lawrence Berkeley National Laboratory in the USA. Cori has already made a unique contribution to the development of science: with its help, Swiss scientists were able to simulate a 45-qubit quantum computing system. 14 petaflops is the productive capacity of this “super machine”.

5 Sequoia – 17.2 Petaflops

Many experts call Sequoia the fastest supercomputer in the world, and for good reason: its arithmetic performance is equal to the speed of 6.7 billion people who would perform an identical task using calculators for 320 years. Sequoia is also distinguished by its size: the computer occupies an area of ​​390 square meters and consists of 96 racks. 17.2 petaflops is its performance, which is equal to almost sixteen thousand trillion operations.

4 Titan – 17.6 Pflop/sec

In addition to being one of the fastest computers in the world, Titan is also considered one of the most energy efficient, with a rating of 2142.77 megaflops per watt of power consumption. The secret to saving energy is using Nvidia accelerators, which provide up to 90% of the total computing power, which, by the way, is 17.6 petaflops. Thanks to them, Titan has noticeably reduced its dimensions - now only 404 square meters are enough to accommodate it.

3 Piz Daint – 19.6 Petaflops

The Piz Daint supercomputer project was launched back in 2013, in the Swiss city of Lugano. It is located there - in the Swiss National Supercomputing Center. Piz Daint has collected almost all the positive characteristics of the above-mentioned analogues, including energy efficiency and high speed, in addition to compactness: the device consists of 28 large racks. Its computing power is 19.6 petaflops.

2 Tianhe-2 – 33.9 Petaflops

Until June 2016, the supercomputer with the romantic name “Milky Way” (translated from Chinese) topped the top 500 most powerful computers in the world. Its power provides a speed of 2507 trillion operations per second, which is equal to 33.9 petaflops. Tianhe-2 found its “vocation” in the field of construction: when calculating buildings and laying roads. It's worth noting that since the beginning of 2013, when Milky Way was released, it has not left the top position in the ratings, which is a truly powerful indicator.

1 Sunway TaihuLight – 93 Petaflops

Inside this computer there are 40,960 powerful processors, which explains its size: Sunway itself occupies an area of ​​​​about 1000 square meters. In 2016, at an international conference in Germany, it was recognized as the fastest of its kind. Today, Sunway TaihuLight is the first in the ranking and the only one in the top 10 supercomputers capable of generating speeds of 93 petaflops.




If we consider technological progress in terms of its impact on people, society as a whole and the environment, it is obvious that it has global shortcomings. Today we have access to a great variety of computers, various devices and robots. But the highest goal is to find worthy use for the great inventions of mankind and direct their use for the benefit of our common future, without turning them into meaningless toys.

Windows Server 2016 comes with some pretty cool new features like temporary AD group membership, Privileged Access Management, etc. I will try to describe them in more detail in the following articles. In this article, I will show you how to install an Active Directory domain in Windows Server 2016. To install AD, the server must meet the following minimum requirements:

CPU:

  • 64-bit processor with a frequency of at least 1.4 GHz
  • support NX, DEP, CMPXCHG16b, LAHF/SAHF, PrefetchW, Second Level Address Translation (EPT or NPT)

Memory

  • at least 512 MB (for Server Core and Nano editions), 2 GB for the Windows Server version with GUI
  • support for ECC (Error Correcting Code) or analogues

Disk controller and space requirements:

The disk controller for installing Windows Server 2016 must be compatible with the PCI Express specification. Windows Server 2016 does not allow the use of ATA/PATA/IDE/EIDE drives for boot, page file storage, or data drives

Minimum partition size per system: 32 GB

Network adapter:

  • Ethernet network adapter with a bandwidth of at least 1 Gb/s
  • PCI Express architecture compatible
  • PXE support (-boot Execution Environment)
  • Support for network debugging (KDNet) is desirable (but not required)

In this example, I am using a virtual machine running on a VMWare ESXi server with Windows Server 2016 installed on it.

1) Log in to the server as local administrators. In addition to the role, a service will also be installed on the server DNS. Let's change the network interface settings by specifying the server's own IP address or the address 127.0.0.1 as the primary DNS server.

2) Then open Server Manager by clicking on the corresponding icon or by running the command in the PowerShell console.

3) In the Server Manager window, click

4) In the Add Roles and Features Wizard window, click Next.

5) In the next window, click Next

6) Because installation is performed on a local server, in the next window leave the switch in its original position and click Next

7) In the next window, in the list of roles, select Active Directory Domain Services. The window that opens will display a list of associated components that must be installed along with the ADDS role. Click the button Add features, and then Next.

8) The list of components should already indicate the components required for installation. Click Next.

9) The next window provides a short description of the role AD DS. Click Next.

10) Review the list of roles and components selected for installation. To start installation, click the button Install.

11) The screen will display the current status of the installation process

12) After installation is complete, click on the link

13) Run the Active Directory Setup Wizard. In my case I am installing a new AD forest. If you are adding an additional domain controller to an existing domain, select the appropriate option. I choose the option Add a new forest and specify the FQDN domain name (test.net).

14) In the next window you need to specify the functional level of the AD domain and forest. I have selected the latest version of AD schema − Windows Server 2016. In addition, this server will act as a DNS server and be a Global Catalog. You also need to specify the administrator password to enter DSRM mode.

15) Because my server will be the first DNS server in the forest, there is no need to configure DNS delegation. So just click Next.

16) NETBIOS domain name will be left unchanged (TEST)

17) On the next screen you need to specify the path to the directories NTDS, SYSVOL And LOG. We will leave all paths as default, assuming that all folders will be stored in the system drive directory C:\Windows.

18) On the next screen you can see the list of selected settings. If everything is OK, click Next, if not, go back and make changes.

20) The domain controller installation process will start

21) After installation is complete, the server will automatically reboot. Log in to the server as a domain administrator.

22) After logging in, start a privileged powershell session and run the command. The Active Directory Administrative Center window opens. You can start managing domain resources

23) Using the following command, you can find out the current functional level of the domain and forest commands Get-ADDomain | fl Name,DomainMode and Get-ADForest | fl Name,ForestMode

Good afternoon everyone. I would like to talk about installing and configuring Windows Server 2012 R2 Essentials. This article is not a call for widespread installation of Windows or promotion of Microsoft products. I would just like to tell you about an interesting product and maybe someone will be interested in this product and find it useful in their work. I tried to write the article for an unprepared reader, so there is a minimum of terminology and a maximum of generalization of some concepts.

A little about the Essentials edition
Windows Server 2012 R2 Essentials is one of the editions of the server operating system from Microsoft. However, it has many differences from the Standard and Datacenter editions. What Essentials can do:
  1. Authorization and authentication of users on your network (Domain Controller Active Directory)
  2. File storage (file server role)
  3. Remote access to the corporate network (VPN and DirectAccess server)
  4. Remote access to file storage via a Web interface (IIS configured for this)
  5. Remote access to desktops of client machines (Remote Desktop Gateway)
  6. Backing up client machines (windows backup)
  7. Backing up the server itself (windows backup)
  8. Integration with Microsoft cloud technologies (Office 365, Azure backup, etc.)
  9. Essentials Unified Configuration Console, which will allow you to configure the features described above even for an untrained system administrator.
To summarize, the Essentials edition has most of the Windows Server roles. Some of these roles are configured, some are fully accessible, some, like Hyper-V, have serious limitations. The trade-off for all these limitations is a lower price, 25 CALs included, and centralized and easy setup. I would also like to note that the licensing process is seriously different. You can use this edition only for organizations where the number of users does not exceed 25. But again, you do not need to purchase any client licenses.
Thus, Essentials is very well suited for small organizations that would like to use most of the modern solutions for ensuring corporate network security, document storage, remote access, and possibly email systems. For those organizations that would not like to spend a lot of money both on the IT infrastructure itself and on the work of highly qualified system administrators.
Installation and initial setup
Installing this OS is a completely standard procedure. If you have ever installed Windows Vista / 7/8/8.1, then you will install Essentials without any problems. However, if you have not installed the above operating systems or any of the latest versions of server operating systems, then I recommend either trusting a professional or at least a second-year student.
The only thing I would recommend during installation, if you have one hard drive, is to split it into two partitions. Those. make sure that after installation the system has a second already formatted hard drive. Of course, this is only a recommendation; you can prepare a second disk later, but you will have to transfer some folders.
After logging into the newly installed OS for the first time, the “Set up Windows Server Essentials” wizard will launch, which will help you perform the initial setup.

In the first step, you need to set the date and time settings.

In the second step, you need to fill in the company name in English. The domain name and server name will be generated automatically in this case, although of course you can change them.

In the next step, you need to fill in the administrator name and set his password.

In the last step, you need to specify the method for updating the operating system and click configure

After this, a process will start that will make all the necessary initial settings. This will take about 30 minutes and require several reboots. During this time, the OS will have time, in particular, to install the necessary roles and configure the server as a domain controller for the new domain.

Settings
The product is very large and extensive, I would like to talk about the most basic configuration options, such as creating users, setting up remote access, creating folders, connecting clients.
All configuration takes place in the dashboard, which can be accessed from the desktop, quick launch panel and start screen.

Creating Users
When you launch this panel for the first time, you will see the installation tab, where you can perform a number of tasks to configure the server.
I'll start by adding users. Click the link to add accounts.

Select the level of access to the shared folders that have been created. At the initial stage, there is only one - the Organization. In the future, you can change access permissions both from the user properties and from the folder properties.

Your account has been created. Click close.

You can create multiple accounts in this manner. Of course, you can use the Active Directory Users and Computers interface that is familiar and familiar to you, but in this case you will have to grant access permissions manually.

Adding server folders
To add folders, there is another wizard that will help you create a folder on the disk, configure shared access for it, and grant permissions. To launch it, you need to click the corresponding link in the dashboard.

In the wizard window that opens, enter a name. You can change the location and add a description. Click next.

On the next page we indicate the required permissions. If necessary, we make it unavailable for remote access.

From the last step of this wizard, you can launch the Archiving Setup Wizard. Click close.

Setting up remote access
This is probably one of the most difficult steps in setting up Windows Server 2012R2 Essentials. Configuration also occurs using a wizard. The wizard is traditionally launched from the dashboard.

The first thing you need to configure is your router - the wizard tells you about this. You actually need to configure port forwarding on your router. To do this, the router must have a “white” IP address. It is better to configure a static IP address on the server itself. You need to redirect the following ports 80, 443, 1723, 987 to the IP address of your server. In general, the setup procedure can be performed by the wizard himself if your router supports UPnP. I did the settings manually, so I skipped this step.

After this, a new domain name setup wizard opens. Click next.

The wizard will prompt you to enter the name of the external domain or create a new one. For your own domain you will need a certificate, so we will consider here the setup option using a Microsoft domain. Select a different domain name and click next.

Let's consider the option with a Microsoft domain.

Enter the domain name and check availability, click configure.

Well, we figured out the domain name. Let's continue further.

We choose which features will be available.

We select whether remote access will be available to current users.

Well, that’s all, you can try going to wiseguy.remoteweaccess.com.

From this website it is possible to access shared folders and access to user desktops.

Connecting workstations
If we open the monitoring panel this time and go to the computer connection page, we will see only instructions for action there

Following the instructions on the client in the browser, open the page http://<Имя сервера>/connect. Click the download link.

We choose to execute.

We accept the license and wait.

Enter the username and password of the user of this computer or administrator. I entered the user account.

Reboot the server.

We choose who will use the computer.

Enter a description of the computer.

Archiving options.

Hooray! Ready.

We log into the computer under a user account.

You can work. The desktop already has all the necessary shortcuts.

Post scriptum
Of course, Windows Server 2012R2 Essentials is not a panacea. Much of it is automated, but not everything. However, for small organizations, this is a very interesting solution and should be considered. In this article, I only talked about the most basic settings of Essentials. If you would like to get to know the product a little closer, you can watch my video reports on the website Techdays.ru.

Windows Server 2012 R2 Essentials first look: www.techdays.ru/videos/7351.html - here you can carefully study the Essentials installation process.

Windows Server 2012 R2 Essentials configuration: www.techdays.ru/videos/7370.html - configuration of all features is discussed, setting up remote access for your domain is shown.

Windows Server 2012 R2 Essentials Office 365 integration: www.techdays.ru/videos/7380.html - integration with cloud office from Microsoft.

Active Directory provides systems management services. They are a much better alternative to local groups and allow you to create computer networks with efficient management and reliable data protection.

If you have not previously encountered the concept of Active Directory and do not know how such services work, this article is for you. Let's figure out what this concept means, what are the advantages of such databases and how to create and configure them for initial use.

Active Directory is a very convenient way of system management. Using Active Directory, you can effectively manage your data.

These services allow you to create a single database managed by domain controllers. If you own a business, manage an office, or generally control the activities of many people who need to be united, such a domain will be useful to you.

It includes all objects - computers, printers, faxes, user accounts, etc. The sum of domains on which data is located is called a “forest”. The Active Directory database is a domain environment where the number of objects can be up to 2 billion. Can you imagine these scales?

That is, with the help of such a “forest” or database, you can connect a large number of employees and equipment in an office, and without being tied to a location - other users can also be connected in the services, for example, from a company office in another city.

In addition, within the framework of Active Directory services, several domains are created and combined - the larger the company, the more tools are needed to control its equipment within the database.

Further, when such a network is created, one controlling domain is determined, and even with the subsequent presence of other domains, the original one still remains “parent” - that is, only it has full access to information management.

Where is this data stored, and what ensures the existence of domains? To create Active Directory, controllers are used. Usually there are two of them - if something happens to one, the information will be saved on the second controller.

Another option for using the database is if, for example, your company cooperates with another, and you have to complete a common project. In this case, unauthorized persons may need access to domain files, and here you can set up a kind of “relationship” between two different “forests”, allowing access to the required information without risking the security of the remaining data.

In general, Active Directory is a tool for creating a database within a certain structure, regardless of its size. Users and all equipment are united into one “forest”, domains are created and placed on controllers.

It is also advisable to clarify that services can only operate on devices with Windows server systems. In addition, 3-4 DNS servers are created on the controllers. They serve the main zone of the domain, and if one of them fails, other servers replace it.

After a brief overview of Active Directory for Dummies, you are naturally interested in the question - why change a local group for an entire database? Naturally, the field of possibilities here is many times wider, and in order to find out other differences between these services for system management, let’s take a closer look at their advantages.

Benefits of Active Directory

The advantages of Active Directory are:

  1. Using a single resource for authentication. In this situation, you need to add on each PC all accounts that require access to general information. The more users and equipment there are, the more difficult it is to synchronize this data between them.

And so, when using services with a database, accounts are stored in one point, and changes take effect immediately on all computers.

How it works? Each employee, coming to the office, launches the system and logs into his account. The login request will be automatically submitted to the server and authentication will take place through it.

As for a certain order in keeping records, you can always divide users into groups - “HR Department” or “Accounting”.

In this case, it is even easier to provide access to information - if you need to open a folder for employees from one department, you do this through the database. Together they gain access to the required folder with data, while for others the documents remain closed.

  1. Control over each database participant.

If in a local group each member is independent and difficult to control from another computer, then in domains you can set certain rules that comply with company policy.

As a system administrator, you can set access settings and security settings, and then apply them to each user group. Naturally, depending on the hierarchy, some groups can be given more stringent settings, while others can be given access to other files and actions in the system.

In addition, when a new person joins the company, his computer will immediately receive the necessary set of settings, which includes components for work.

  1. Versatility in software installation.

Speaking of components, using Active Directory you can assign printers, install the necessary programs for all employees at once, and set privacy settings. In general, creating a database will significantly optimize work, monitor security and unite users for maximum work efficiency.

And if a company operates a separate utility or special services, they can be synchronized with domains and simplified access to them. How? If you combine all the products used in the company, the employee will not need to enter different logins and passwords to enter each program - this information will be common.

Now that the benefits and meaning of using Active Directory become clear, let's look at the process of installing these services.

We use a database on Windows Server 2012

Installing and configuring Active Directory is not a difficult task, and is also easier than it seems at first glance.

To load services, you first need to do the following:

  1. Change the computer name: click on “Start”, open Control Panel, select “System”. Select “Change settings” and in Properties, opposite the “Computer name” line, click “Change”, enter a new value for the main PC.
  2. Reboot your PC as required.
  3. Set the network settings like this:
    • Through the control panel, open the menu with networks and sharing.
    • Adjust the adapter settings. Right-click “Properties” and open the “Network” tab.
    • In the window from the list, click on Internet protocol number 4, again click on “Properties”.
    • Enter the required settings, for example: IP address - 192.168.10.252, subnet mask - 255.255.255.0, main gateway - 192.168.10.1.
    • In the “Preferred DNS server” line, specify the address of the local server, in “Alternative...” - other DNS server addresses.
    • Save your changes and close the windows.

Set up Active Directory roles like this:

  1. Through Start, open Server Manager.
  2. From the menu, select Add Roles and Features.
  3. The wizard will launch, but you can skip the first window with a description.
  4. Check the line “Installing roles and components”, proceed further.
  5. Select your computer to install Active Directory on it.
  6. From the list, select the role that needs to be loaded - in your case it is “Active Directory Domain Services”.
  7. A small window will appear asking you to download the components required for the services - accept it.
  8. You will then be prompted to install other components - if you don’t need them, just skip this step by clicking “Next”.
  9. The setup wizard will display a window with descriptions of the services you are installing - read and move on.
  10. A list of components that we are going to install will appear - check if everything is correct, and if so, press the appropriate button.
  11. When the process is complete, close the window.
  12. That's it - the services are downloaded to your computer.

Setting up Active Directory

To configure a domain service you need to do the following:

  • Launch the setup wizard of the same name.
  • Click on the yellow pointer at the top of the window and select “Promote the server to a domain controller.”
  • Click on add a new forest and create a name for the root domain, then click Next.
  • Specify the operating modes of the “forest” and the domain - most often they coincide.
  • Create a password, but be sure to remember it. Continue further.
  • After this, you may see a warning that the domain is not delegated and a prompt to check the domain name - you can skip these steps.
  • In the next window you can change the path to the database directories - do this if they do not suit you.
  • You'll now see all the options you're about to set - check to see if you've selected them correctly and move on.
  • The application will check whether the prerequisites are met, and if there are no comments, or they are not critical, click “Install”.
  • After installation is complete, the PC will reboot on its own.

You might also be wondering how to add a user to the database. To do this, use the “Active Directory Users or Computers” menu, which you will find in the “Administration” section in the control panel, or use the database settings menu.

To add a new user, right-click on the domain name, select “Create”, then “Division”. A window will appear in front of you where you need to enter the name of the new department - it serves as a folder where you can collect users from different departments. In the same way, you will later create several more divisions and correctly place all employees.

Next, when you have created a department name, right-click on it and select “Create”, then “User”. Now all that remains is to enter the necessary data and set the access settings for the user.

When the new profile is created, click on it by selecting the context menu and open “Properties”. In the “Account” tab, remove the checkbox next to “Block...”. That's all.

The general conclusion is that Active Directory is a powerful and useful system management tool that will help unite all employee computers into one team. Using services, you can create a secure database and significantly optimize the work and synchronization of information between all users. If your company or any other place of business is connected to electronic computers and networks, you need to consolidate accounts and monitor work and confidentiality, installing an Active Directory-based database will be an excellent solution.

Good afternoon, dear readers of the blog site, today I would like to tell you in this article how to install a domain controller. Once upon a time I also began to dream of being an administrator, and at my first job I saw what AD was and realized the full power of MS :). As time went on, I grew a little professionally in my eyes and decided to make a test bench, there will be a separate article on how to do it, and the first thing I decided to try was to set up my own domain.

When you have already installed Windows Server 2008R2, updated everything, configured statics, named your computer as needed (), I will have this as a DC for example, then you can get started.

How to install active directory

Open Server Manager, this is Microsoft’s centralized and cornerstone tool for adding roles, but the same thing can be done through powershell. Click add roles

A wizard will open with help information, click next. I advise you to immediately check the box below and skip this page; I doubt that you will read it.

Select Active Directory Domain Services.

In the next window we will be introduced in detail to Active directory, click NEXT

Click install. The process is quick in just a couple of minutes.

We see that Active Directory was installed successfully

After installation, in the role manager we see an error and its text, they say, enter dcpromo.exe in start and you will be happy, so we will do so.

Open Start and write dcpromo.exe

We create a new domain in a new forest.

Let's come up with a name for our domain, I chose contoso.com for test purposes, but I would like to advise you to read the article on how to choose the right Active Directory domain name,

The new forest name will be checked for uniqueness.

We select the windows server 2003 domain operating mode, I chose this mode to show how the operating mode rises, but you choose 2008R2 right away to get all its advantages, which will be discussed later.

We also choose the forest level, Windows Server 2003, for the same reasons.

They will ask about delegation, click YES.

In the next window, we will be shown and offered the Database placement folders.

You will be asked to create and enter an Administrator password; the password must include a capital letter, a small letter and a number and be at least 6 characters.

After the reboot, we will look in the server manager what events occurred and whether there are any errors there.

Sometimes it may turn out that the network is seen not as a domain network, but as unidentified. This happens when a DNS server of the form 127.0.0.1 is specified in the IP settings. It needs to be changed to the normal type 10.10.10.1.

After which we turn off and on the interface, we will see that everything is ok and the network is defined as a domain one.

Views

Cooking cutlets with cabbage and minced meat: the most tempting recipes Instead of white cabbage - cauliflower
Cooking cutlets with cabbage and minced meat: the most tempting recipes Instead of white cabbage - cauliflower
How to fry hake in a frying pan Hake fish in batter
How to fry hake in a frying pan Hake fish in batter
Currant compote for the winter - the best recipes for a delicious vitamin drink White currant compote recipe
Currant compote for the winter - the best recipes for a delicious vitamin drink White currant compote recipe
Sea buckthorn and apple compote Is sea buckthorn compote healthy?
Sea buckthorn and apple compote Is sea buckthorn compote healthy?
Recipe: Cheese donuts - in a frying pan Donuts with cheese and herbs
Recipe: Cheese donuts - in a frying pan Donuts with cheese and herbs
White currant compote recipe for the winter White currant compote for the winter
White currant compote recipe for the winter White currant compote for the winter