The Oracle protection described below can be enabled without changing WorkGroup, but since using domain users simplifies the setup process, this guide will use Active Directory with minimal configuration. Make sios20-bastion Active Directory Domain Server and DNS Server, and join sios20-node1 and sios20-node2 to the domain.

Configuring a bastion server

Perform this procedure as an administrator.

  1. Start PowerShell for administrators.
  1. Install Active Directory Domain Service. When executing the last command, you will be asked for the SafeModeAdministratorPassword, so enter it accordingly (ignore the multiple warnings).
    • Install necessary features
      PS > Import-Module Servermanager
      PS > Install-WindowsFeature AD-Domain-Services,GPMC -IncludeManagementTools
      PS > Add-WindowsFeature RSAT-ADDS
      
    • Install Active Directory
      PS > Import-Module ADDSDeployment
      PS > Install-ADDSForest -DomainName "sios20-ad.lk" -InstallDns:$true -CreateDnsDelegation:$false -DomainNetbiosName "sios20-ad" -DatabasePath "C:WindowsNTDS" -LogPath "C:WindowsNTDS" -SysvolPath "C:WindowsSYSVOL" -NoRebootOnCompletion:$false -Force:$true
      
  1. You will be forced to sign out and log back in via Remote Desktop, but from now on, log in as a domain user (SIOS20-AD\XXX). This time, please log in as “SIOS20-AD\Administrator” because there are still some settings left to be configured.
  1. Install DNS Server and add the information for sios20-node1 and sios20-node2 as A records.
    • Check the installation status of DNS functionality
      PS > Get-WindowsFeature DNS
      
    • If DNS functionality is not installed, install it again
      PS > Install-WindowsFeature DNS -IncludeManagementTools
      
    • Verify existence of zone sios20-ad.lk in DNS
      PS > Get-DnsServerZone
      
    • Set DNS zone sios20-ad.lk if it does not exist
      PS > Set-DnsServerPrimaryZone -Name "sios20-ad.lk"
      
    • Check the resource record for the sios20-ad.lk zone on the DNS server
      PS > Get-DnsServerResourceRecord -ZoneName sios20-ad.lk
      
    • Add resource records for cluster nodes
      PS > Add-DnsServerResourceRecordA -Name sios20-node1 -ZoneName sios20-ad.lk -IPv4Address "10.0.2.11"
      PS > Add-DnsServerResourceRecordA -Name sios20-node2 -ZoneName sios20-ad.lk -IPv4Address "10.0.2.12"
      

Configuring active and standby nodes

  1. Start PowerShell for administrators.
  1. Register 10.0.1.11 (sios20-bastion) as the preferred DNS server for the primary network adapter.
    PS > Set-DnsClientServerAddress -InterfaceAlias <primary_network_adapter_name> -ServerAddress "10.0.1.11"
    
  1. Join the sios20-ad.lk domain you created.
    PS > Add-Computer sios20-ad.lk
    
  1. When the login dialog appears, enter Administrator as the user name and the appropriate password, then restart the OS.

Feedback

Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Post Comment