Active Directory is the directory service designed and
implemented by Microsoft. Active Directory, widely known as AD, made its debut
with Windows Server 2000. From the time of its introduction, companies and
administrators are using it for some good reasons.
Active Directory provided the functionality of Identity and
Access (IDA) solution. Active Directory stores information about Users, Groups,
Computers, and other plenty of objects. In a nutshell, AD provides three major
services. Authentication, Access Control and Auditing.Domain Controller is the server that is installed with the
Active Directory Domain Service. Explained below the step by step process of
installing Active Directory on a Windows Server 2012.
What is special with Windows Server 2012 when it comes to AD
installation? AD was installed via the command dcpromo from the time it was available and we used this command even
on Windows Server 2008 R2. On Windows Server 2012, you won’t be ableto use
dcpromo to install Active Directory. What if I give the dcpromo command at Run?
I was curious like you and did typed the command at Run. Here is what you will
see if you try so.
In order to install Active Directory, you have to use Server
Manager. If you have used Windows Server 2008, you must be familiar with Server
Manager but there are considerable changes made to the Server Manager that you
see in Windows Server 2012.
Launch Server Manager by click the Server Manager Icon on
the taskbar or from the Start.
The Server Manager will popup. Active Directory Domain Services can be installed by adding the respective role. To add a new role, Click Add roles and features
Add roles and features can be accessed by clicking Manage. A drop down menu will appear and you can click Add Roles and Features.
The Add Roles and Features wizard will come up
Click Next
You will be provided with two installation types. Role-based or feature-based installation and Remote Desktop Services installation. For installing Active Directory Directory Services, choose Role-based or feature-based installation and click next.
Now choose the server listed under the Server Pool. You will see the server name and the IP address. Click Next to proceed.
Under Server Roles you will see several available roles to install. Choose Active Directory Domain Services.
On choosing the role, the required features wizard will come up. Click Add Features and proceed.
Several other features like Group policy management will also be installed along with the ADDS. Do remember, we can add/remove roles and features as and when needed. You can proceed with the default selection. Click Next.
Next is the AD DS description page where it briefly explains about Active Directory Domain Services.
Click Next
The confirmation page will be displayed where it shows all the roles and features selected.
You can see an option to Restart the destination Server automatically if required. By choosing this option you are actually agreeing to reboot the server if needed after the installation of roles. In the case of AD DS installation, a reboot is not needed soon after the role and feature installation.
Click Install to proceed. But if you have a second thought and decide to add some more feature, you can go back to previous options by clicking the Previous button.
After a few moments you should see the Installation succeeded message. However, there are instances where I met with Installation failed messages. But that's a different story.
Click Close to finish.
You may think the installation of Active Directory has been completed. Not really, but we are half the way. We just installed the Roles and Features for Active Directory Domain Services. We now need to configure it. The next few steps mentions about the configuration part.
Once you finish the role installation, launch the Server Manager. If you look closely you shall see notifications on the top right hand side.
Click on the Notifications and the details will appear as drop down.
You will see the option Promote this server to a domain controller.
Click on it and the Active Directory Domain Services Configuration Wizard will popup.
We cannot install a domain as it is but have to install a new forest and a new tree. I suppose you know why. So if you want to install a new domain, you have to choose Add a new forest. But if you are about to install an additional Domain Controller, you have to choose Add a domain controller to an existing domain and if you are installing a new domain tree to an existing forest, you can choose Add a new domain to an existing forest.
In our case we have to choose Add a new forest and you will see the below screen.
Type the desired root domain name and click Next
Here are some good articles for choosing the domain name
I am using the name testlab.com
On clicking next, you will see the Domain Controller Options where you have to input the DSRM password, Forest and Domain functional level.
If DNS is not installed or configured prior to Domain installation, you can choose the option Domain Name System (DNS) server. This will install the DNS server service which is mandatory for a domain's working.
You must know that the Forest and Domain functional level can be changed to lower levels if required.
Input the DSRM password which should be a complex one and click Next
As I have mentioned earlier DNS is a vital component for the domain and the next option is for DNS. You will see an error message which reads like A delegation for this DNS Server cannot be created because the authoritative parent zone cannot be found. Don't panic, this is perfectly fine.
Click Next to proceed.
Under Additional Options, you will see the NetBIOS name for your domain. You know the merits and de-merits of NetBIOS. If you don't, just hit some search engine and you will be flooded with articles on NetBIOS.
Moving forward the next window would be the Database, Logs and SYSVOL folder location. By default it would be pointing to C:\Windows\NTDS and C:\Windows\SYSVOL. All these folder play a very vital role and should be placed wisely. If you are not so familiar with these, you can proceed with the default options.
Next would be the review page where we can see the consolidated report of all the chosen options. Yes, you have the freedom to go back and change the settings if you wish to.
If everything is fine from your end, click Next
The wizard will now run the Prerequisites check where it will check whether the server and the settings are really up to the mark for Active Directory installation. You may be facing prerequisite check error. Go through the results and you have to rerun the check until you see All prerequisite checks passed successfully.
Click Install to start the Active Directory installation.
The installation will progress and in a few moments the AD installation will be completed.
Once the installation is finished, your machine will reboot.
You can access Active Directory User and Computers through the old dsa.msc command at Run or through the new metro UI Icon.
Voila ! Active Directory Domain Service installation is now complete.
No comments:
Post a Comment