The Oracle protection described below can be enabled without changing WorkGroup, but since using domain users simplifies the setup process, this guide will use Active Directory with minimal configuration. Make sios20-bastion Active Directory Domain Server and DNS Server, and join sios20-node1 and sios20-node2 to the domain.
Configuring a bastion server
Perform this procedure as an administrator.
- Start PowerShell for administrators.
- Install Active Directory Domain Service. When executing the last command, you will be asked for the SafeModeAdministratorPassword, so enter it accordingly (ignore the multiple warnings).
- Install necessary features
PS > Import-Module Servermanager PS > Install-WindowsFeature AD-Domain-Services,GPMC -IncludeManagementTools PS > Add-WindowsFeature RSAT-ADDS
- Install Active Directory
PS > Import-Module ADDSDeployment PS > Install-ADDSForest -DomainName "sios20-ad.lk" -InstallDns:$true -CreateDnsDelegation:$false -DomainNetbiosName "sios20-ad" -DatabasePath "C:WindowsNTDS" -LogPath "C:WindowsNTDS" -SysvolPath "C:WindowsSYSVOL" -NoRebootOnCompletion:$false -Force:$true
- Install necessary features
- You will be forced to sign out and log back in via Remote Desktop, but from now on, log in as a domain user (SIOS20-AD\XXX). This time, please log in as “SIOS20-AD\Administrator” because there are still some settings left to be configured.
- Install DNS Server and add the information for sios20-node1 and sios20-node2 as A records.
- Check the installation status of DNS functionality
PS > Get-WindowsFeature DNS
- If DNS functionality is not installed, install it again
PS > Install-WindowsFeature DNS -IncludeManagementTools
- Verify existence of zone sios20-ad.lk in DNS
PS > Get-DnsServerZone
- Set DNS zone sios20-ad.lk if it does not exist
PS > Set-DnsServerPrimaryZone -Name "sios20-ad.lk"
- Check the resource record for the sios20-ad.lk zone on the DNS server
PS > Get-DnsServerResourceRecord -ZoneName sios20-ad.lk
- Add resource records for cluster nodes
PS > Add-DnsServerResourceRecordA -Name sios20-node1 -ZoneName sios20-ad.lk -IPv4Address "10.0.2.11" PS > Add-DnsServerResourceRecordA -Name sios20-node2 -ZoneName sios20-ad.lk -IPv4Address "10.0.2.12"
- Check the installation status of DNS functionality
Configuring active and standby nodes
- Start PowerShell for administrators.
- Register 10.0.1.11 (sios20-bastion) as the preferred DNS server for the primary network adapter.
PS > Set-DnsClientServerAddress -InterfaceAlias <primary_network_adapter_name> -ServerAddress "10.0.1.11"
- Join the sios20-ad.lk domain you created.
PS > Add-Computer sios20-ad.lk
- When the login dialog appears, enter Administrator as the user name and the appropriate password, then restart the OS.
Post your comment on this topic.