askvity

How Do I Create an Active Directory?

Published in Active Directory 5 mins read

Creating an Active Directory (AD) involves installing the Active Directory Domain Services (AD DS) role on a server and then promoting that server to a domain controller. Here's a step-by-step guide:

Prerequisites:

Before you begin, ensure you have the following:

  • A server running a supported version of Windows Server (e.g., Windows Server 2016, 2019, 2022).
  • Administrative privileges on the server.
  • A static IP address assigned to the server.
  • A unique NetBIOS name for your domain (e.g., "example" for "example.com").

Steps to Create an Active Directory:

  1. Configure a Static IP Address:

    • Open the Network and Sharing Center (Control Panel > Network and Internet > Network and Sharing Center).
    • Click on your Ethernet adapter.
    • Click "Properties."
    • Select "Internet Protocol Version 4 (TCP/IPv4)" and click "Properties."
    • Select "Use the following IP address:" and enter:
      • IP address: A static IP address (e.g., 192.168.1.10). Choose an address outside of your DHCP scope to avoid conflicts.
      • Subnet mask: Typically 255.255.255.0.
      • Default gateway: Your router's IP address (e.g., 192.168.1.1).
      • Preferred DNS server: The same static IP address you assigned to the server (e.g., 192.168.1.10). This is critical because the server will become its own DNS server.
      • Alternate DNS server: (Optional) Another DNS server, like your router or a public DNS server (e.g., 8.8.8.8 - Google DNS).
    • Click "OK" on all windows to save the settings.

  2. Open Server Manager:

    • Server Manager should open automatically. If not, search for "Server Manager" in the Start Menu.

  3. Add Roles and Features:

    • In Server Manager, click "Add roles and features."
    • Click "Next" on the "Before You Begin" page.
    • Select "Role-based or feature-based installation" and click "Next."
    • Select your server from the server pool and click "Next."

  4. Select Active Directory Domain Services Role:

    • On the "Select server roles" page, check the box next to "Active Directory Domain Services."
    • A pop-up window will appear asking if you want to add required features. Click "Add Features."
    • Click "Next."

  5. Select Features:

    • On the "Select features" page, you can choose optional features. For a basic installation, you can leave the defaults. Click "Next."

  6. Confirmation and Installation:

    • Review the installation selections on the "Confirm installation selections" page.
    • Check the box "Restart the destination server automatically if required" (optional).
    • Click "Install."

  7. Promote the Server to a Domain Controller:

    • After the installation completes, you'll see a message saying "Configuration required. Installation succeeded on [your server name]."
    • Click the "Promote this server to a domain controller" link.

  8. Active Directory Domain Services Configuration Wizard:

    • Choose a deployment option:

      • Add a domain controller to an existing domain: Use this if you already have an existing Active Directory domain.
      • Add a new domain to an existing forest: Use this if you have an existing Active Directory forest but want to create a new domain within it.
      • Add a new forest: Use this to create a brand-new Active Directory forest. This is the most common option for the first domain controller.

    • For a new forest, enter a Root domain name: (e.g., "example.com").

    • Click "Next."

  9. Domain Controller Options:

    • Select the Forest functional level and Domain functional level. Choose the highest level supported by all domain controllers in your environment. For a new forest, this will be the highest level supported by your Windows Server version.
    • Select the services you want to configure. By default, "Domain Name System (DNS) server" and "Global Catalog (GC)" are selected. Keep these checked.
    • Enter a Directory Services Restore Mode (DSRM) password. This password is used to restore Active Directory in case of a failure. Store this password in a safe place!
    • Click "Next."

  10. DNS Options:

    • You may receive a warning about DNS delegation. Since this is the first domain controller, you can ignore it. Click "Next."

  11. Additional Options:

    • Verify the NetBIOS domain name. This is the short name used to identify your domain (e.g., "EXAMPLE"). It will likely be automatically populated based on your root domain name. Click "Next."

  12. Paths:

    • Specify the location for the Active Directory database, log files, and SYSVOL folder. The defaults are usually fine. Click "Next."

  13. Review Options:

    • Review your selections. You can click "View Script" to generate a PowerShell script to automate this process in the future.
    • Click "Next."

  14. Prerequisites Check:

    • The wizard will perform a prerequisites check. If all checks pass, click "Install." If any checks fail, review the errors and resolve them before proceeding.

  15. Installation and Reboot:

    • The server will install Active Directory Domain Services and then automatically reboot.

  16. Verification:

    • After the server restarts, log in using your domain administrator account (e.g., "EXAMPLE\Administrator").
    • Open Active Directory Users and Computers (dsa.msc) to verify that Active Directory is installed correctly.
    • Open DNS Manager (dnsmgmt.msc) to verify that the DNS server is configured correctly.

You have now successfully created an Active Directory domain.

Related Articles