OCSP环境搭建--Windows Server 2016--(二)
三. 环境搭建步骤1. 服务器1环境准备配置Fixed IP:https://img-blog.csdnimg.cn/20210318201129954.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_702. 添加DNS服务器角色在服务器1上,添加域之前,使用本地管理员账户登录,先添加DNS服务器角色,以备支持后续域的DNS结构:打开“服务器管理器”,仪表板上点击“添加角色和功能”或者右上角“管理”中,选择“添加角色和功能”,在“服务器选择”中,确认选择正确的服务器,“服务器角色”中选择“DNS服务器”,没有特殊配置,都是默认下一步,直至添加完成。3. 新建域(添加域服务AD DS以及升级为域控制器AD DC)在服务器1上,添加域:https://img-blog.csdnimg.cn/20210318201905133.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70https://img-blog.csdnimg.cn/2021031820192190.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70https://img-blog.csdnimg.cn/20210318201938216.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70https://img-blog.csdnimg.cn/20210318201958435.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70https://img-blog.csdnimg.cn/20210318202010139.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70下一步,直至进行安装。因为是第一个域,所以选择“建新林”,根域名设置为“test.com”。输入目录服务还原模式密码:https://img-blog.csdnimg.cn/20210318202106623.pnghttps://img-blog.csdnimg.cn/2021031820212718.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70因为是新建的第一个域,这个警告可以忽略,直接下一步,直至安装完成。升级为域控制器DC后,会提示需要重启,重启后使用域管理员用户登录。重新登录后,查看计算机属性,会看到加入了test.com域中。4. 在服务器1上添加证书服务(AD CS)https://img-blog.csdnimg.cn/20210318202253215.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70
此处的服务器名称,与之前不同的是,带了域。https://img-blog.csdnimg.cn/20210318202327323.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70https://img-blog.csdnimg.cn/20210318202344688.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70https://img-blog.csdnimg.cn/20210318202353644.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70https://img-blog.csdnimg.cn/20210318202412523.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70https://img-blog.csdnimg.cn/20210318202428512.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70https://img-blog.csdnimg.cn/20210318202444634.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70https://img-blog.csdnimg.cn/20210318202504225.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70点击安装,直至完成。https://img-blog.csdnimg.cn/20210318202524320.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70在服务器管理器--仪表板的右上角,旗帜图标上点击,选择“配置目标服务器上的Active Directory证书服务”:https://img-blog.csdnimg.cn/20210318202551118.pnghttps://img-blog.csdnimg.cn/20210318202611359.pnghttps://img-blog.csdnimg.cn/20210318202623817.pnghttps://img-blog.csdnimg.cn/20210318202636481.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70https://img-blog.csdnimg.cn/20210318202654455.png可以对CA的公用名称进行设置。https://img-blog.csdnimg.cn/20210318202733638.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70https://img-blog.csdnimg.cn/20210318202740763.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0NzZG5DSG9uZ181NjY=,size_16,color_FFFFFF,t_70点击下一步,直至完成。
页:
[1]
