Chapter 2. Directories, Controllers, and Authorities—Oh My!

Here in Chapter 2 you’re going to set up the guts of your infrastructure—the plumbing that makes it all go. By the time you’re done you’ll have:

  • A new Windows domain and corresponding Primary Domain Controller (PDC)

  • An instance of Active Directory to keep track of the users and computers in your domain

  • Your own root certificate authority (CA) so you can issue security certificates for certain services like email

Ready?

Let’s go!

So Young for Such a Big Promotion!

The VPN server you set up in the last chapter won’t likely be overburdened by incoming connections most of the time. So, in an attempt at economy you’ll make it dual-purpose and have it also be the Primary Domain Controller (PDC), Active Directory Server (AD), and root certificate authority (CA).

Windows networks are collections of machines, users, and groups. The machine that keeps track of all those things is our primary Active Directory Server (AD). In earlier times, the primary AD was a different machine than the PDC. As of late, though, it’s been commonplace to make them the same machine.

For this book that’s exactly what you’re going to do.

Right now you have a brand-new machine dedicated to the purpose of being a VPN server. It’s a perfectly fine job to do, but a bit of a waste of its potential. In this section you will:

  1. Give it a permanent name.

  2. Promote it to be your principal AD server.

  3. Make it the primary DNS server for your other VPC instances.

Changing the Name ...

Get Building a Windows IT Infrastructure in the Cloud now with the O’Reilly learning platform.