ROAD-CA, ROAD-CA2
※가상 머신에 각각 10GB 하드디스크를 3개씩 추가한다. (추가할 때 하나씩 따로따로 추가해줘야함.)
ROAD-CA, ROAD-CA2
※powershell 실행
Install-WindowsFeature Failover-Clustering -IncludeManagementTools
restart-computer
ROAD-CA
※powershell 실행
Test-Cluster -Node road-ca,road-ca2 -Include "Storage Spaces Direct"
New-Cluster -Name FAILOVER -Node road-ca,road-ca2 -NoStorage -StaticAddress 192.168.2.100
enable-ClusterS2D
New-Volume -StoragePoolFriendlyName S2D* -FriendlyName ROAD -FileSystem NTFS -UseMaximumSize
※cluadmin.msc 실행
※powershell 실행
Stop-Service CertSvc
mkdir C:\ClusterStorage\ROAD\CertLog
copy C:\windows\system32\CertLog\* C:\ClusterStorage\ROAD\CertLog\
※regedit 실행
※certsrv.msc 실행
+
ROAD-CA2
※서버관리자 실행
ROAD-CA
※cluadmin.msc 실행
※노드를 ROAD-CA로 변경
ROAD-DC2
※adsiedit.msc 실행
ROAD-CA
※powershell 실행
mkdir C:\ClusterStorage\ROAD\Cert
ROAD-CA, ROAD-CA2
※inetmgr 실행
ROAD-CA
※powershell 실행
Add-CACrlDistributionPoint -uri C:\ClusterStorage\ROAD\Cert\ROAD-CA.crl -PublishToServer -PublishDeltaToServer
Add-CACrlDistributionPoint -Uri http://ca.road.com/Cert/ROAD-CA.crl -AddToCertificateCdp -AddToCrlIdp
Add-CAAuthorityInformationAccess -uri http://ca.road.com/Cert/ROAD-CA.crt -AddToCertificateAia
restart-service certsvc -passthru
Get-Childitem –path Cert:\localmachine\my\
※위에서 확인한 ROAD-CA 인증서의 지문을 사용
Export-Certificate -Cert Cert:\LocalMachine\My\E6980338F5E5CD55452AC253504079784E8E9878 -FilePath C:\ClusterStorage\ROAD\Cert\ROAD-CA.crt
certutil –crl
ROAD-DC
※powershell 실행
repadmin /syncall /Aed
Restart-Service dns -PassThru
※dnsmgmt.msc 실행 후, ca와 FAILOVER A레코드가 업데이트된 것을 확인하고, 진행
'OS > Windows Server' 카테고리의 다른 글
| [21전국] 2과제 7. 그룹 정책 (0) | 2021.11.10 |
|---|---|
| [21전국] 2과제 6. 웹 서버 구성 (0) | 2021.11.10 |
| [21전국] 2과제 4. 인증기관 구성 (0) | 2021.11.10 |
| [21전국] 2과제 3. RIGHT SITE 구성 (0) | 2021.11.10 |
| [21전국] 2과제 2. S2S VPN 구성 (0) | 2021.11.10 |
