This topic describes how to specify a Domain Name System (DNS) server of an Active Directory (AD) domain on a Windows server. This topic also describes how to join the Windows server to the AD domain. You can then mount Server Message Block (SMB) file systems to the Windows server by using the AD account.
After you join a Windows server to an AD domain, you can mount an SMB file system to the Windows server by using the AD account. You must change the DNS server that the Windows server uses to the AD domain controller. This applies if you want to use an AD account to mount an SMB file system to a Windows server that is not in an AD domain.
Step 1: Set the DNS server address
Before you join a Windows server to an AD domain, you must specify a DNS server address on which the DNS records of the AD domain controller are stored. In most cases, the AD domain controller is also the DNS server. Therefore, you must set the DNS server address to the IP address of the AD domain controller. We recommend that you use the internal IP address of the ECS instance that serves as the AD domain controller. This applies if the Windows server and the AD domain controller are both Alibaba Cloud Elastic Compute Service (ECS) instances and reside in the same virtual private cloud (VPC).
Perform the following steps to set the DNS server address (Windows Server 2012 is used in this example. ):
- Choose .
- In the View your active networks section of the Network and Sharing Center page, click Ethernet.
- On the Ethernet Status page, click Properties.
- In the This connection uses the following items section of the Ethernet Properties page, select Internet Protocol Version 4 (TCP/IPv4), and click Properties.
- On the Internet Protocol Version 4 (TCP/IPv4) Properties page, select Use the following DNS server addresses. Set the DNS server address to the IP address of the AD domain controller.
After you set the DNS server address, you can run the following command on the command
line of the Windows server:
net use z: \\nas-mount-target.nas.aliyuncs.com\myshare /user:MYDOMAIN.com\USERNAME
PASSWORD. This command mounts an SMB file system to the Windows server by using the AD account.
Step 2: Join the Windows server to the AD domain
After you set the DNS server address, perform the following steps to join the Windows server to the AD domain (Windows Server 2012 is used in this example.):
- Choose .
- In the Computer name, domain, and workgroup settings section of the System page, click Change settings.
- On the Computer Name tab of the System Properties page, click Change.
- In the OK to complete the configurations. section of the Computer Name/Domain Changes page, enter the information of the AD domain. Click
- Restart the Windows server to apply the configurations.
After the Windows server is joined to the AD domain, use the AD account to log on to the Windows server. Run the
net use z: \\nas-mount-target.nas.aliyuncs.com\mysharecommand to create a mount target by using the AD account. You do not need to include
/user:MYDOMAIN.com\USERNAMEin the command.