Or not. I attempted to join my existing domain with this server being a member server, and received a message:
An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify that this client is configured to reach a DNS server that can resolve DNS names in the target domain.
OK…I actually know how to fix this, I think… when configuring IP addresses, I didn’t put the local address of my domain controller in as one of the DNS possibilities. Once this change was made…it worked.
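The check behind that error message can be run before attempting the join. The script below is an added example, not part of the original post: it asks every DNS server configured on the machine for the domain controller locator SRV record. The domain name mxdesign.local is taken from the DNS message later in the post; the script assumes PowerShell and nslookup.exe are available on the server.

```powershell
# Added example: checks whether each DNS server configured on this machine
# can resolve the DC locator SRV record for the domain to be joined.
param(
    [string]$Domain = "mxdesign.local"   # assumption: domain name from the post
)

# A domain join looks up this SRV record to find a domain controller.
$srv = "_ldap._tcp.dc._msdcs.$Domain"

# DNS servers configured on every IP-enabled adapter, read through WMI.
$servers = Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "IPEnabled = TRUE" |
    ForEach-Object { $_.DNSServerSearchOrder } |
    Where-Object { $_ } |
    Select-Object -Unique

if (-not $servers) {
    Write-Warning "No DNS servers are configured on any adapter."
    exit 1
}

$resolved = $false
foreach ($server in $servers) {
    # Query this specific server; nslookup prints "svr hostname = <dc>" per SRV answer.
    $out = & nslookup.exe "-type=SRV" $srv $server 2>&1 | Out-String
    $dcs = [regex]::Matches($out, 'svr hostname\s*=\s*(\S+)') |
        ForEach-Object { $_.Groups[1].Value }

    if ($dcs) {
        $resolved = $true
        Write-Host "$server resolves $srv -> $($dcs -join ', ')"
    } else {
        # A server listed here that cannot answer is the situation that
        # produces the "resolve the DNS name of a DC" join failure.
        Write-Warning "$server cannot resolve $srv"
    }
}

if (-not $resolved) { exit 1 }
```

A server that only knows public DNS will fail this lookup for a .local domain, which is why the domain controller's own address has to be in the adapter's DNS list.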
So far so good. Now I’m trying to promote the Win 2008 server to a domain controller; it will be interesting to see if this works with Small Business Server as the master domain controller; I recall that one of the restrictions of SBS was that it could be the only DC.
So I can run this over Remote Desktop. I change the permissions to allow logging in under Remote Desktop. Now I can watch this run from my main workstation, with full video support, and avoid the maddening mess on the native monitor screen.
Before actually running the upgrade wizard, there is a utility called adprep which is provided with Win2008. This version is run on the master DC (i.e. the SBS 2003) to upgrade the AD database to match the level of the Win2008 database. A message suggests that this upgrade takes the existing AD level 30 to AD level 40.
So, I copy the entire adprep folder from the Win2008 machine to the SBS2003 machine, then on SBS2003, I run the following commands:
adprep /forestprep
adprep /domainprep
Then in response to a message from the result of the domain prep, I run the following to update permissions on the group objects:
adprep /domainprep /gpprep
There is a nice help screen which explains this process.
Now, on the new machine, running the AD Domain Services Installation Wizard, I will “Add a domain controller to an existing domain.”
Now I get an error: “You will not be able to install a read-only DC in this domain because adprep /rodcprep was not yet run. Do you want to continue?” Since I don’t want a RO DC here, that is fine, and I just continue.
It asks to select a site:
Default-First-Site-Name
It now asks if I want to install additional services; a DNS server, and a Global catalog. This dialog includes some additional stuff about a Read-Only domain controller, that is irrelevant because I don’t want to install a Read Only domain controller.
So, while I would prefer not to install the DNS server and Global catalog, since eventually I want to promote the Win2008 machine to the master domain controller, I’ll allow these two items to be installed. I hit the “next” button.
Now an error message comes up:
A delegation for this DNS Server will not be created because the authoritative parent zone cannot be found or it does not support dynamic updates. To ensure this DNS Server can be resolved as authoritative for the domain mxdesign.local, you can create a delegation to this DNS Server manually in the parent zone. Do you want to continue?
Well, OK…let’s continue.
Now it asks for locations for the database, log files and SYSVOL, suggesting that these should be on separate volumes. Ain’t gonna happen. Next.
The Directory Services Restore Mode Administrator account is different from the domain Administrator account. Assign a password for the Administrator account that will be used when this domain controller is started in Directory Services Restore Mode.
I give it my normal admin password. There is this talk about the password being the correct complexity and length, and conforming to the correct history.
So far so good, the DNS install goes ahead and completes in about two minutes. This requires a reboot, so I’m psyched to see how this will work when it comes back up.