AD DS Architecture (Installing a Domain Controller)

As you might know, in previous versions of Windows Server, after using GUI to add the Active Directory (AD), you would use dcpromo to promote your server into a Domain Controller. However, from Windows Server 2012 dcpromo was deprecated.

To make your Windows Server 2012 a Domain Controller first we need to install the role ADDS (Active Directory Domain Services) from the server manager on Windows Server 2012. (Make sure to have all the latest security updates before installing the Role.)

It would be better if you change the server name, you can use names like DC1 or XXDC to indicate the Server is a Domain Controller. (I won’t be following this advice, but keep in mind that changing the name will help you to identify the role of the server much faster).

Note that even thou for this lab I am using Windows Server 2016 Technical Preview 4, the installations steps are the same for Windows Server 2012.

AD_2

So let’s start the installation by opening the Server Manager. (As you can see in the figure bellow the Server Manager Dashboard looks the same as the one in Server 2012).

AD_3

Now to Manage, and select Add Roles and Features.

AD_4

The Add Roles and Features Wizard will open. The page Before you begin provides you with basic information such as configuring strong passwords for the Administrator account, Network settings, static IP addresses and Windows updates. Click Next to continue.

AD_5

On the Select installation type page, select the first option Role-based or feature-based installation and click Next.

AD_6

On the Select destination server page, select the option Select a server from the server pool, select the server in which you wish to install the role and click Next.

AD_7

On the Select server role page, select Active Directory Domain Services to install AD DS.

AD_8

After you selected the role a new windows will pop-up to add other features and tools needed to install AD DS. Click on Add Features.

AD_9

With the Active Directory Domain Services role now selected click Next.

AD_10

On the Select features page, you will notice that Group Policy Management feature is selected (added on the previous pop-up windows) to be installed. Click Next.

AD_11

The Active Directory Domain Services page, gives you basic information about AD DS. To continue click Next.

AD_12

On the Confirm installation selections page, review your selections. This page provides you an option to export the configuration settings and an option to restart the server automatically if required. Click Install to continue with the installation.

AD_13

After clicking Install the selected role will be installed on the server. You can close the Installation progress page without interrupting the running tasks.

AD_14

After the Active Directory Domain Services role have been installed you will need to promote the server to a Domain Controller. Click on the link Promote this server to a domain controller.

AD_15

After clicking the link the Active Directory Domain Services Configuration Wizard will open. On the Deployment configuration page, you have three options for deployment operations.

AD_18-2

As shown in the figure above, you can 1- Add a domain controller to an existing domain, 2- Add a new child domain to an existing forest, 3- Add a new tree domain to an existing forest, 4- Add a new forest.

Let’s continue the installation by selecting Add a new forest, then write the Root domain name (contosovlab.com in my case). Then click Next.

AD_19

On the Domain Controller Options page, specify the Forest Functional Level, the Domain Functional Level, whether or not it should be a DNS Server and the Directory Services Restore Mode password. The Global Catalog option is selected by default and it cannot be deselect it (this is because least one DC needs to be a Global Catalog, and you are installing the very first DC of the AD forest therefore the GC option is selected automatically).

AD_20

On the DNS Options page, click Next. (In windows Server 2012 you will get a pop-up with a DNS delegation warning, just click OK, then click Next).

AD_21-3

On the Additional Options page, the NetBIOS name is already assigned. Click Next.

AD_22

On the Paths page, specify the location of the AD related folders and then click Next.

AD_23

On the Review Options page, you have a summary of all installation options to review. Click Next.

AD_24

If you click on View script (above figure), a NotePad windows will open with a single command line PowerShell script for dcpromo.

AD_25

On the Prerequisite Check page, all prerequisites are checked before the actual install can continue. If all prerequisite checks are passed successfully then click Install.

AD_26

After the promotion of the server to a DC finished server restart automatically. Remember to sign in to the new domain (contosovlab\AdministratorName)

Once the server is booted and you signed in to it, open the Server Manager, and click on Tools,

AD_28

You will notice that following have been installed:

AD_29

Active Directory Administrative Center
Active Directory Domains and Trusts
Active Directory Module for Windows PowerShell
Active Directory Sites and Services
Active Directory Users and Computers
ADSI Edit
DNS
Group Policy Management

Advertisements

2 thoughts on “AD DS Architecture (Installing a Domain Controller)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s