AD DS Architecture (Installing a Domain Controller)

As you might know, in previous versions of Windows Server, after using GUI to add the Active Directory (AD), you would use dcpromo to promote your server into a Domain Controller. However, from Windows Server 2012 dcpromo was deprecated.

To make your Windows Server 2012 a Domain Controller first we need to install the role ADDS (Active Directory Domain Services) from the server manager on Windows Server 2012. (Make sure to have all the latest security updates before installing the Role.)

It would be better if you change the server name, you can use names like DC1 or XXDC to indicate the Server is a Domain Controller. (I won’t be following this advice, but keep in mind that changing the name will help you to identify the role of the server much faster).

Note that even thou for this lab I am using Windows Server 2016 Technical Preview 4, the installations steps are the same for Windows Server 2012.


So let’s start the installation by opening the Server Manager. (As you can see in the figure bellow the Server Manager Dashboard looks the same as the one in Server 2012).


Now to Manage, and select Add Roles and Features.


The Add Roles and Features Wizard will open. The page Before you begin provides you with basic information such as configuring strong passwords for the Administrator account, Network settings, static IP addresses and Windows updates. Click Next to continue.


On the Select installation type page, select the first option Role-based or feature-based installation and click Next.


On the Select destination server page, select the option Select a server from the server pool, select the server in which you wish to install the role and click Next.


On the Select server role page, select Active Directory Domain Services to install AD DS.


After you selected the role a new windows will pop-up to add other features and tools needed to install AD DS. Click on Add Features.


With the Active Directory Domain Services role now selected click Next.


On the Select features page, you will notice that Group Policy Management feature is selected (added on the previous pop-up windows) to be installed. Click Next.


The Active Directory Domain Services page, gives you basic information about AD DS. To continue click Next.


On the Confirm installation selections page, review your selections. This page provides you an option to export the configuration settings and an option to restart the server automatically if required. Click Install to continue with the installation.


After clicking Install the selected role will be installed on the server. You can close the Installation progress page without interrupting the running tasks.


After the Active Directory Domain Services role have been installed you will need to promote the server to a Domain Controller. Click on the link Promote this server to a domain controller.


After clicking the link the Active Directory Domain Services Configuration Wizard will open. On the Deployment configuration page, you have three options for deployment operations.


As shown in the figure above, you can 1- Add a domain controller to an existing domain, 2- Add a new child domain to an existing forest, 3- Add a new tree domain to an existing forest, 4- Add a new forest.

Let’s continue the installation by selecting Add a new forest, then write the Root domain name ( in my case). Then click Next.


On the Domain Controller Options page, specify the Forest Functional Level, the Domain Functional Level, whether or not it should be a DNS Server and the Directory Services Restore Mode password. The Global Catalog option is selected by default and it cannot be deselect it (this is because least one DC needs to be a Global Catalog, and you are installing the very first DC of the AD forest therefore the GC option is selected automatically).


On the DNS Options page, click Next. (In windows Server 2012 you will get a pop-up with a DNS delegation warning, just click OK, then click Next).


On the Additional Options page, the NetBIOS name is already assigned. Click Next.


On the Paths page, specify the location of the AD related folders and then click Next.


On the Review Options page, you have a summary of all installation options to review. Click Next.


If you click on View script (above figure), a NotePad windows will open with a single command line PowerShell script for dcpromo.


On the Prerequisite Check page, all prerequisites are checked before the actual install can continue. If all prerequisite checks are passed successfully then click Install.


After the promotion of the server to a DC finished server restart automatically. Remember to sign in to the new domain (contosovlab\AdministratorName)

Once the server is booted and you signed in to it, open the Server Manager, and click on Tools,


You will notice that following have been installed:


Active Directory Administrative Center
Active Directory Domains and Trusts
Active Directory Module for Windows PowerShell
Active Directory Sites and Services
Active Directory Users and Computers
Group Policy Management


2 thoughts on “AD DS Architecture (Installing a Domain Controller)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s