A step-by-step guide to installing Active Directory Domain Services (AD DS) on Windows Server. Learn the essential prerequisites, configuration process, and best practices for setting up your domain controller and foundational network infrastructure
Active Directory Domain Services (AD DS) is the cornerstone of any Windows-based enterprise network, providing the essential infrastructure for centralized user identity management, security policies, and resource control. This detailed guide walks you through the complete installation process on Windows Server, with specific descriptions for the visuals that should accompany each step.
The 10 Essential Steps to Deploying Your Domain Controller
Before you begin, ensure your server has a static IP address configured, as this is a prerequisite for a stable domain controller.
Phase 1: Adding the AD DS Role
Step 1: Open Server Manager
The installation process begins immediately upon logging into your Windows Server.
* Action: Locate and open the Server Manager dashboard.
* Image Description: A screenshot of the Windows Server desktop, with the Server Manager icon in the taskbar clearly highlighted.
Step 2: Launch Roles and Features Wizard
From the Server Manager dashboard, you will initiate the role installation.
* Action: Click "Manage" in the top-right, then select "Add Roles and Features." On the first page, choose “Role-based or feature-based installation” and click Next.
* Image Description: A snapshot of the "Add Roles and Features" wizard window, with the radio button for "Role-based or feature-based installation" checked.
Step 3: Select Destination Server
Specify the server where AD DS will be installed (this will be the future Domain Controller).
* Action: Select the relevant server from the server pool (typically the local server is auto-selected). Click Next.
* Image Description: A screenshot showing the "Select destination server" wizard page, with the target server selected and highlighted in the list.
Step 4: Select Active Directory Domain Services Role
This is where you designate the server’s primary role.
* Action: Under the "Select server roles" page, check the box for "Active Directory Domain Services." A prompt will appear asking to add required management features; click "Add Features."
* Image Description: A screenshot of the "Select server roles" wizard page. The "Active Directory Domain Services" checkbox is ticked, and the small pop-up dialog box titled "Add Features that are required for Active Directory Domain Services" is open and visible.
Step 5: Confirm and Install
Review your choices and start the installation process.
* Action: Review the description pages for Features and AD DS, then click "Install" on the final "Confirmation" page.
* Image Description: The Confirmation screen displaying a summary of the selected roles and features before the installation begins.
Phase 2: Promoting to Domain Controller (DC)
After the feature installation completes, the server is ready to become a Domain Controller, but it is not one yet.
Step 6: Promote the Server
The post-installation configuration is crucial for establishing the domain.
* Action: After the installation completes, a yellow warning notification symbol will appear in the Server Manager. Click on the flag icon, and then click "Promote this server to a domain controller" to launch the AD DS Configuration Wizard.
* Image Description: A close-up view of the Server Manager notification area showing the yellow warning flag and the option "Promote this server to a domain controller" highlighted.
Step 7: Deployment Configuration
You must now define the nature of your new domain structure.
* Action: In the Deployment Configuration wizard:
* Select "Add a new forest."
* Enter your desired Root Domain Name (e.g., company.local).
* Image Description: A screenshot of the "Deployment Configuration" page, clearly showing the three deployment options. "Add a new forest" is selected, and the domain name has been entered into the text field.
Step 8: Domain Controller Options
Set the functional levels and the crucial restore password.
* Action:
* Specify the Forest functional level and Domain functional level (typically set to the latest server version).
* Ensure Domain Name System (DNS) server and Global Catalog (GC) are checked.
* Set the Directory Services Restore Mode (DSRM) password and confirm it. This password is vital for recovery operations.
* Image Description: A screenshot highlighting the "Domain Controller Options" page, showing the functional levels dropdowns, the DNS and Global Catalog checkboxes, and the input fields for the DSRM password.
Step 9: Paths and Prerequisites Check
Finalizing the physical file structure and validating the setup.
* Action:
* Paths: Review the default locations for the Database, Log files, and SYSVOL folders. You can change these if necessary, then click Next.
* Prerequisite Check: Wait for the wizard to confirm all prerequisites have passed. Once the check is complete and successful, click "Install."
* Result: The installation process will begin, and the server will automatically restart upon completion.
* Image Description: A composite image or two separate screenshots: one showing the configuration wizard page where the file paths (Database, Log, SYSVOL) are set, and a second image or dialog showing a message confirming "All prerequisite checks passed successfully."
Phase 3: Verification
Step 10: Verifying the Installation
Ensure the promotion was successful and the new tools are available.
* Action: Log back into the server using the new domain administrator account credentials. Open Server Manager and navigate to Tools. Launch the Active Directory Users and Computers (ADUC) console.
* Validation: Check that your new domain is listed, and under the "Domain Controllers" container, your server is present.
* Image Description: A screenshot of the Active Directory Users and Computers (ADUC) console window. The navigation tree on the left is expanded to show the new domain name and the "Domain Controllers" container, with the server listed inside.
إرسال تعليق