How to install Active Directory on Windows Server 2008

Unlike previous version of windows, there is an additional step requires to install before we go to dcpromo to promote the server to domain controller and install active directory. This additonal step is to enable active directory domain services role on server, and after that we proceed to dcpromo

Method to add role is very simple

1) Just open Server Manage, by right clicking on “My computer” and then click on “Manager”
2) click on “roles” from left tree, then click on “Add role” at right side.

3) A new windows will open, click on “next”

4) Select Server Roles window, click to select Active Directory Domain Services, and then click Next.

5) Read the provided information if you want to, and then click Next.

6) Confirm installation by clicking on “Install”

7) Wait to complete the process

8) When it finish, click on “close”

9) Go back to Server Manager, click on the Active Directory Domain Services link, and note that there’s no information linked to it, because the DCPROMO command has not been run yet.

10) Now you can click on dcpromo link to proceed or just run dcpromo on run

HINT: If you forgot to add role and ran dcpromo, then no need to worry, command will check for role and will auto install it

DCPROMO

After we have installed active directory domain service role, we need to run dcpromo

1) Go to run, and write dcpromo and pross run

2) Active Directory Domain Services Installation Wizard will appear immediately or after a short while. Click Next.

3) Operating System Compatibility window will appear, read the provided information and click Next.

4) click on “Create a new domain in a new forest” and click Next.

5) Enter a domain name, and make very sure to select correct domain name because it will not possible to change domain on daily basis

6) Pick the right forest function level. Windows 2000 mode is the default, and it allows the addition of Windows 2000, Windows Server 2003 and Windows Server 2008 Domain Controllers to the forest you’re creating

7) Pick the right domain function level. Windows 2000 Native mode is the default, and it allows the addition of Windows 2000, Windows Server 2003 and Windows Server 2008 Domain Controllers to the domain you’re creating.

8) The wizard will perform checks to see if DNS is properly configured on the local network. In this case, no DNS server has been configured, therefore, the wizard will offer to automatically install DNS on this server.

9) You’ll probably get a warning about DNS delegation. Since no DNS has been configured yet, you can ignore the message and click Yes.

10) Next, change the paths for the AD database, log files and SYSVOL folder. For large deployments, carefully plan your DC configuration to get the maximum performance. When satisfied, click Next.

11) Enter the password for the Active Directory Recovery Mode. This password must be kept confidential, and because it stays constant while regular domain user passwords expire (based upon the password policy configured for the domain, the default is 42 days), it does not. This password should be complex and at least 7 characters long. I strongly suggest that you do NOT use the regular administrator’s password, and that you write it down and securely store it. Click Next.

12) In the Summary window review your selections, and if required, save them to an unattend answer file. When satisfied, click Next.

13) The wizard will begin creating the Active Directory domain, and when finished, you will need to press Finish and reboot your computer.

Please follow and like us:
RSS20
Follow by Email
Facebook
Twitter
About shk

shk is a DevOps engineer with more than 12 years of experience in different organizations. He enthusiastic about learning new technologies and shares his knowledge through his blogs.

Comment Policy:

Your words are your own, so be nice and helpful if you can. Please, only use your real name, not your business name or keywords. Using business name or keywords instead of your real name will lead to the comment being deleted. Anonymous commenting is not allowed either. Limit the amount of links submitted in your comment. We accept clean XHTML in comments, but don't overdo it please.

Tell us what you're thinking...

All comments are moderated.

* Denotes required field.

*

*

Previous Post:
Next Post: