Skip navigation
All People > SungHoon_Kim > Sung Hoon Kim's Blog > 2015 > August > 18

This is the 2nd virtual machine in my virtual enterprise.

It has the same hardware as the 1st virtual machine(AD2012R2-02).

 

OS : Windows Server 2012 R2 Standard

HDD: 40GB

RAM: 1GB

NIC: 2 (1 x "SECURE.LAB BACKEND", 1 x "VM Network")

 

Install the OS.

Install VMWare Tools.

Activate the Windows.

Manually specify the fixed IP on the "SECURE.LAB BACKEND" NIC.

 

I am setting up the following.

IP: 172.17.8.1

Subnet: 255.255.252.0

DNS: 172.17.8.2

          172.17.8.1

 

(The reason why it is pointing to DNS 172.17.8.2 as primary is because this server 172.17.8.1 does not yet have a DNS to resolve the SECURE.LAB and need to rely on 172.17.8.2 to resolve it.)

ScreenHunter_143.jpg

 

It also has the Active Directory Domain Services role installed (same as the AD2012R2-02).

 

Following is the steps to configure after the steps above has been performed.

 

 

1. Rename the host to "AD2012R2-01" and register to SECURE.LAB at the same time.

ScreenHunter_144.jpg

ScreenHunter_145.jpg

ScreenHunter_146.jpg

For some reason, I am getting the following error.

(I will cover this part later at the bottom of this article).

I clicked "OK" and continue.

ScreenHunter_147.jpg

2. Reboot the machine

3. Promote the server to a domain controller.

ScreenHunter_148.jpg

Unlike the first domain controller, what we are doing here is to add an additional domain controller to an existing domain.

ScreenHunter_149.jpg

In the above, the credential to perform this task is "AD2012R2-01\Administrator" which will not have permission to do this.

Local Administrator only has local privilege, not domain level privilege, so you will need to select a domain administrator.

ScreenHunter_150.jpg

ScreenHunter_151.jpg

ScreenHunter_152.jpg

Ignore the warning and continue.

ScreenHunter_153.jpg

Accept the default and continue. (You have the option to choose from which AD you want to replicate from, but default is alright).

ScreenHunter_154.jpg

ScreenHunter_155.jpgScreenHunter_156.jpg

 

This got stuck after I clicked on "Install".

It seems to have performed everything but did not finish.

Looking at the event log at the AD2012R2-02, it was complaining about duplicate SPN for this AD2012R2-01.

 

After doing some research, I found the following article.

https://support.microsoft.com/en-us/kb/3070083

 

MS site tells me that there is a new feature introduced in 2008 R2 to prevent duplicate SPN from registering.

It is curious why my 2 machines will have same SPN when they were installed fresh separately.

But there is a patch above so I will need to apply it on both servers and see if the issue goes away.


After you apply this patch, it will ask you to reboot.

After reboot, the AD2012R2-01 was recognized as Domain Controller.

 

This is not a pleasant experience and still not really comfortable whether this AD2012R2-01 would work well as a domain controller.

I will monitor and update this article if anything happens.ScreenHunter_157.jpg

On 14/August/2015, the team members under Yvette Essen has awarded her a trophy as a small token of appreciation for all that she does.

This is not an award from CA, it is from "us".

IMG_1052a.jpg

We have a person who has been leading our APJ Security team who we think is the best in the world.

Following is us inviting him(Samuel Yii, Support Delivery Manager) to a meeting room pretending to be a presentation for something else and it's me reading a tribute speech.

Tribute speech:

Tribute Speech for Samuel Yii
True Leader

In every successful organization, there are leaders.

Not a commander like leader who give instruction and demands absolute compliance.

But I am talking about a true leader, a person who sees your true potential and brings out the best in you.

A person who
is humble,
is honest to us,
trusts us,
unites us,
understands where we are coming from,
supports what we are trying to achieve,
inspires us,
makes us innovative,
and does not take credit for himself.

A person who we can talk what is in our mind.
A person who puts pure heart on the table instead of policies.

If we are a successful team, we cannot deny this man is a big part of it.

We've been asked many times, what makes our team so successful.
We cannot deny this man stood right behind us, on every success we had.

We have a true leader that made us an outstanding team.

It is now our turn to let him know that we are proud of him and would like to say Thank you.
We gather here today, to celebrate our true leader and offer a token of our appreciation.

This may be the very first time in CA history where an award is given from bottom up.

I introduce to you our true leader, Samuel Yii.

IMG_1024a.jpg

IMG_1025a.jpg

IMG_1028a.jpg

IMG_1030a.jpg

IMG_1035a.jpg

IMG_1037a.jpg