With the rapid development of computer network technology application in Vocational colleges, it is self-evident that network services bring convenience to information-based campus, and efficient security management of data center servers is also essential. This paper mainly analyses the key technology of network migration on domain controller to prevent the serious impact of migration failure, so as to improve the efficiency of network management. Domain Controller is a server with Active Directory installed. It contains a writable copy of AD database. It participates in AD replication and controls access to network resources. Domain Controller provides AD directory service for network users and computers.
This service can store and copy directory data and manage user-domain interaction, including user’s login process, authentication and directory search. Therefore, this service is generally used to assist domain to authenticate users or devices.
Usually after network setup, it is basically There are few changes, especially when it comes to the corresponding host name or network details. However, in the actual management and operation process, we must make corresponding changes to the network settings, thermostatic element such as the entry of a new subnet.
Taking Windows Server 2008 as an example, this paper introduces the migration method of domain control server. View the owner of five master roles (FSMO) on the master server (172.16.1.10), install the support tools in the Support directory of Windows Server 2008 system CD-ROM, and then open the prompt input: netdom query FSMO to see if the five role hosts of the domain control host are on the master server or backup. On the domain control server. Transfer the domain control role to the backup domain server (172.16.1.20) and execute the following commands on the main domain server (172.16.1.
10): ntdsutil, roles, connections, and finally enter connect to server 172.16.1.20 (connect to the backup domain controller) to prompt the successful binding and exit.
The above commands will be prompted whether to transfer roles to the new server after the input is completed, and then exit after the confirmation is completed. Finally, enter 172.
16.1.20, check whether all of them are transferred to the backup server 172.
16.1.20, open the prompt input: netdom query fsmo, and check again whether the five roles of the domain controller are all above 172.16.1.20. Right-click NTDS Settings and click Properties to tick the tick before the global catalog. Then expand 172.16.1.10 and right-click NTDS Settings to remove the tick before the global catalog. Modify the IP address of the original primary domain controller to 172.16.1.20 for use as a backup domain server. The client uses intra-domain account login to test and verify whether the domain is working properly. With the rapid development of server hardware, migration may be an indispensable task for every administrator. Redundant domain controllers have been set up in the network, so it is easier to migrate a subnet, because backup domain controllers are set up in the domain.
By grabbing roles, backup domain control becomes the main domain control, and network migration can be easily carried out. Two or more subnets are migrated at the same time, which may lead to the failure of clients to find domain controllers based on previous IP addresses, and ultimately the failure of normal network services due to network interruption. From Windows Server 2000 to the latest Windows Server 2016, the whole migration process and ideas are basically similar. The following are the key technologies for successful migration of domain controller network. Firewall rules can cause unexpected trouble in complex environments. Therefore, first of all, we need to ensure that the necessary traffic between subnets can be applied to the possible communication between clients and domain controllers, and between domain controllers. Use existing sites and subnets in active directories for communication, replication, and other background operational tasks. Therefore, setting up the subnet of active directory is very important to ensure that the domain environment can run continuously and healthily. In principle, add subnets as needed and carefully review various configurations related to the domain environment. At the same time, do not remove any outgoing subnets in advance until they are indeed abandoned.
DNS recording is one of the important conditions to ensure that clients can continuously communicate smoothly with their domain controllers.
If it is a dynamic DNS, the DNS records of the domain controller will be updated when the IP address of the domain controller changes, but if it is a static record, it needs to be adjusted manually. Check any other static records associated with these hosts, including the forward and reverse DNS regions, of course. In summary, with the increasing role of informationization in the development of colleges and universities, the level of informationization has become one of the important factors restricting its development. Therefore, while the scale of the network is becoming larger and more complex, how to maintain the network more effectively and safely has become the most important issue for IT personnel to think about. Relevant managers should When we deeply explore and analyze the problems and unsafe factors in the use of active directory domain controller, it will greatly protect the information security of users.