
Phase 2: Configure Domain Controllers

Updated: April 23, 2014

[This topic is pre-release documentation and is subject to change in future releases. Blank topics are included as placeholders.]

This is the second phase of deploying SharePoint with SQL Server AlwaysOn in Azure, which includes configuring the two domain controllers. You must complete this phase before moving on to Phase 3.

For the previous phase, see Phase 1: Configure Azure.

For the next phase, see Phase 3: Configure SQL Server Infrastructure.

For all of the phases of this deployment, see Deploying SharePoint with SQL Server AlwaysOn in Azure.

This deployment of SharePoint with SQL Server AlwaysOn is designed to accompany the SharePoint with SQL Server AlwaysOn Infographic and incorporate the latest recommendations.

Configuring Domain Controllers

You must now configure the domain controller and its backup.

Add Active Directory Role to the first Domain Controller

  1. Log on to one of the domain controller VMs created in Phase 1: Configure Azure. For instructions to log on, see Connecting to a VM after its creation.

  2. In the left pane of the Server Manager click Dashboard. Then click Add Roles and Features.

  3. In the Before you begin page click the Next button.

  4. In the Select Installation type page, accept the default and click the Next button.

  5. In the Select destination server page, accept the default selection (Select a server from the server pool) and click Next.

  6. In the Select server roles page, select Active Directory Domain Services, and then click Next.

  7. In the Add features that are required for Active Directory Domain Services dialog, click the Add features button.

  8. In the Select server roles page click the Next button.

  9. In the Select features dialog, accept the defaults, and then click Next.

  10. In the AD DS dialog, click Next.

  11. In the Confirm installation settings dialog, click Install. The installation takes several minutes, but you can close the wizard. When the process is complete, a yellow flag will appear in the upper right corner of the Server Manager Dashboard.

    Role Installed Flag on Server Manager Dashboard

Promote the VM to Domain Controller

  1. In the Server Manager application, in the upper right corner, a yellow flag alert appears next to the Manage link.

  2. Click the icon and click Promote this server to a domain controller.

  3. In the Deployment Configuration dialog, select Add a new forest.

  4. In the Root domain name box type <YourDomainName>. The name ends with the suffix .com, for example contoso.com. For an experimental installation, the domain name can be any acceptable string. The name is not validated against other (actual) domain names.

  5. In the Domain Controller Options dialog, type a password into the Password and Confirm password boxes. (The password is not used in this scenario.) Then click Next.

  6. In the DNS Options dialog click Next. A warning that "a delegation for the DNS cannot be found" appears, but it can be ignored.

  7. In the Additional Options dialog click Next.

  8. In the Paths dialog, for each of the paths, click the ellipsis to set the path. Create a new folder named NTDS on the "F" disk. Set the path for the database folder and the log files folder to the new folder. The paths should be as follows:

    • Database folder: F:\NTDS

    • Log files folder: F:\NTDS

    • SYSVOL folder: F:\Windows\SYSVOL

    Click the Next button.

  9. In the Review Options dialog, click the Next button. After about 30 seconds, a set of warnings appears that can be ignored.

    Active Directory Prerequisites Checked Dialog
  10. In the Prerequisites Check dialog, click the Install button. The installation takes a few minutes and restarts the VM.

When the VM returns to the running state, it is ready for the next action, which is to add several user accounts to the domain.

Add new user accounts to the domain

  1. Connect to the virtual machine using the <YourDomainName>\<LocalAdministrator> account.

  2. Open the Server Manager. In the upper right corner, click Tools and click Active Directory Users and Computers.

  3. In the Active Directory Users and Computers dialog, expand the domain name. In the folder with the domain name (for example, Contoso.com), select the Users folder.

  4. Click the Action menu and click New, and click User.

    New Object-User dialog
  5. Use the dialog box to create four new users. The First Name and Last Name fields can be ignored. Only the Full name and User log on name fields are required. Each user requires a password. Uncheck the User must change password at next logon box. Optionally, select the Password never expires checkbox.

    • sp_farm: manages SharePoint farms.

    • sp_farm_db: user that has sysadmin rights on SQL Server instances.

    • sp_install: user that has domain administration rights needed for installing roles and features.

    • sqlservice: identity that SQL instances can run as.

    New User
  6. In the Users panel, select the sp_install user.

  7. Right-click the selected node and click Add to a group.

  8. In the Select Groups dialog, type domain admins. Then click the Check Names button to resolve the name.

  9. After the Domain Admins group is resolved, click OK to add the user to the group and close the dialog.

  10. Grant further rights to the sp_install account using the Active Directory Users and Computers dialog:

    1. In the dialog, click View and click Advanced Features. The option lets you see all hidden containers and hidden tabs in the property windows for AD objects.

    2. Right-click your domain name and click Properties.

    3. In the Properties dialog, select the Security tab and click the Advanced button.

    4. In the Advanced Security settings for <YourDomainName> window, click Add.

    5. In the text box, type <YourDomainName>\sp_install and click OK.

    6. Select Allow for Read all properties and Create computer objects, then click OK three times to close the dialog box.
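
The following PowerShell check is an added example, not part of the original procedure. It reports what the steps above should have produced: which of the four accounts are in Domain Admins, which have Password never expires set, and which explicit permissions sp_install holds on the domain root. It assumes the ActiveDirectory module is available and that the account names match step 5.

```powershell
# Added example, not from the original page. Read-only review of the accounts
# created in this section. Run as a domain user on a DC or a host with RSAT.
Import-Module ActiveDirectory

$serviceAccounts = 'sp_farm', 'sp_farm_db', 'sp_install', 'sqlservice'  # names from step 5
$expectedAdmins  = @('sp_install')                                      # steps 6-9 add only this one

# Effective Domain Admins membership, including nested groups.
$domainAdmins = Get-ADGroupMember -Identity 'Domain Admins' -Recursive |
    Select-Object -ExpandProperty SamAccountName

$report = foreach ($name in $serviceAccounts) {
    $u = Get-ADUser -Identity $name -Properties PasswordNeverExpires, pwdLastSet
    $isAdmin = $domainAdmins -contains $name
    [pscustomobject]@{
        Account              = $name
        Enabled              = $u.Enabled
        InDomainAdmins       = $isAdmin
        UnexpectedAdmin      = $isAdmin -and ($expectedAdmins -notcontains $name)
        PasswordNeverExpires = $u.PasswordNeverExpires      # optional checkbox in step 5
        MustChangeAtLogon    = ($u.pwdLastSet -eq 0)        # should be False per step 5
    }
}
$report | Format-Table -AutoSize

# Explicit (non-inherited) ACEs for sp_install on the domain root, as granted in step 10.
# Expect Allow entries covering ReadProperty and CreateChild (computer objects).
$domainDn = (Get-ADDomain).DistinguishedName
(Get-Acl -Path "AD:\$domainDn").Access |
    Where-Object { $_.IdentityReference.Value -like '*\sp_install' -and -not $_.IsInherited } |
    Format-Table IdentityReference, AccessControlType, ActiveDirectoryRights, ObjectType -AutoSize

# Any service account in Domain Admins other than sp_install is a deviation from this page.
$report | Where-Object UnexpectedAdmin |
    ForEach-Object { Write-Warning "$($_.Account) is in Domain Admins but the procedure does not add it." }
```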

Creating a Backup Domain Controller

To ensure availability when changes are made, create a second VM that serves as a backup domain controller.

To create a backup Domain Controller

  1. Log on to the VM with the local administrator account that was created with the machine. Use the MachineName\username format.

  2. Initialize the empty disk that was attached to the VM.

  3. In the Server Manager dashboard, click Add Roles and Features.

  4. Use the Wizard to add the Active Directory Domain Services Role to the virtual machine.

  5. After the role has been added to the VM, click the yellow flag alert that appears next to the Manage link.

  6. In the Deployment Configuration page, type the name of your domain into the Domain dialog, for example contoso.com.

  7. Click the Change button.

    Promote a second DC
  8. In the Windows Security dialog, type the user name sp_install into the User name box using the <YourDomainName>\sp_install format. For example, contoso.com\sp_install.

    1. Click the OK button.

    2. Click the Next button.

  9. Type in the password for the user.

  10. Use the Add a domain controller to an existing domain option.

  11. Set the identity of the user to one of the Domain Admins group users. The operation must be run as a user that has domain-level privileges.

  12. In the Paths dialog, for each of the paths, click the ellipsis to set the path. Create a new folder named NTDS on the "F" disk. Set the path for the database folder and the log files folder to the new folder. The paths should be as follows:

    • Database folder: F:\NTDS

    • Log files folder: F:\NTDS

    • SYSVOL folder: F:\Windows\SYSVOL

    Click the Next button.

  13. Complete the promotion using the Wizard and accepting its defaults.
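
A scripted equivalent of the two wizard procedures on this page (Promote the VM to Domain Controller and To create a backup Domain Controller) is shown below as an added example; it is not part of the original topic. The -Role parameter is a hypothetical switch introduced for this example, and the script assumes the F: disk is already initialized and that DNS is installed with the role, as the wizard's DNS Options page implies.

```powershell
# Added example, not from the original page. Run elevated on the VM being promoted.
param(
    [ValidateSet('FirstDC', 'BackupDC')]
    [string]$Role = 'FirstDC',              # hypothetical switch between the two procedures
    [string]$DomainName = 'contoso.com'     # the page's example domain name
)

# Equivalent of Add Roles and Features > Active Directory Domain Services.
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools | Out-Null
Import-Module ADDSDeployment

# Folder from the Paths dialog step; assumes the F: data disk is initialized.
New-Item -ItemType Directory -Path 'F:\NTDS' -Force | Out-Null

# The password boxes in Domain Controller Options set the Directory Services
# Restore Mode (DSRM) password. Prompt for it instead of storing it in the script.
$dsrm = Read-Host -AsSecureString -Prompt 'DSRM password'

$common = @{
    DomainName                    = $DomainName
    InstallDns                    = $true
    SafeModeAdministratorPassword = $dsrm
    DatabasePath                  = 'F:\NTDS'
    LogPath                       = 'F:\NTDS'
    SysvolPath                    = 'F:\Windows\SYSVOL'
}

# Same checks as the wizard's Prerequisites Check page, run before committing.
if ($Role -eq 'FirstDC') {
    $check = Test-ADDSForestInstallation @common
} else {
    # Joining an existing domain needs a Domain Admins member (step 11).
    $common.Credential = Get-Credential -Message "Domain Admins member, for example $DomainName\sp_install"
    $check = Test-ADDSDomainControllerInstallation @common
}

$check | Format-List Status, Message
if ($check | Where-Object { "$($_.Status)" -eq 'Error' }) {
    throw 'Prerequisite check reported an error; nothing was promoted.'
}

# Promotion restarts the VM when it completes, as the wizard does.
if ($Role -eq 'FirstDC') {
    Install-ADDSForest @common -Force
} else {
    Install-ADDSDomainController @common -Force
}
```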

Joining a Virtual Machine to a domain

All Virtual Machines in the SharePoint with SQL Server AlwaysOn deployment must be joined to a domain. To join the VM to the domain, you must have the username and password for one of the user accounts created in Add new user accounts to the domain.

  1. Connect to the new VM using the user name and password created with the VM. For more details, see Connecting to a VM after its creation.

  2. After connecting, open the Control Panel.

  3. Click System and Security.

  4. Click System.

  5. Under Computer name, domain, and workgroup settings, click Change settings.

  6. In the System Properties dialog, in the Computer Name tab, click the Change… button.

  7. Select the Domain option, and type the name of your domain, for example contoso.com, and click OK.

  8. In the Windows Security dialog, type one of the user names created earlier in the format: username@domain.com, for example sp_install@contoso.com. Type the user's password into the Password box and click OK. The machine will be joined to the domain after restarting.

Next Steps

For the next phase of the deployment, see Phase 3: Configure SQL Server Infrastructure.

For all of the phases of this deployment, see Deploying SharePoint with SQL Server AlwaysOn in Azure.
