Setting up Active Directory Domain Services (AD DS) on a Windows Server involves a two-part process: installing the role and then promoting the server to a domain controller. This can be done using either the Server Manager graphical user interface (GUI) or PowerShell.
Prerequisites
Before you begin, ensure your server meets these requirements:
- A static IP address is configured on the server's network adapter.
- The server's hostname is set to what you want, as changing it after promotion can cause issues.
- You are logged in with a local administrator account.
Method 1: Using Server Manager
This is the most common method and uses the graphical interface.
1. Install the AD DS Role:
- Open Server Manager and click on Add roles and features.
- Follow the wizard, selecting Role-based or feature-based installation.
- On the Server Roles page, check the box for Active Directory Domain Services. A new window will pop up; click Add Features to include the necessary management tools.
- Click Next through the remaining screens until you reach the Confirmation page, then click Install.
2. Promote the Server to a Domain Controller:
-
- Once the installation completes, a yellow warning icon will appear at the top of Server Manager. Click it and select Promote this server to a domain controller.
- On the Deployment Configuration page, select Add a new forest and enter the desired Root domain name (e.g., yourcompany.com).
- On the next page, specify a Directory Services Restore Mode (DSRM) password. This is a crucial password for disaster recovery.
- The wizard will automatically configure DNS and other settings. Review the options and proceed through the final steps.
- After the prerequisite checks pass, click Install. The server will automatically restart to complete the promotion.
Method 2: Using PowerShell
This method is faster and ideal for automation or scripting.
1. Install the AD DS Role:
- Open PowerShell as an administrator.
- Run the following command:
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
2. Promote the Server to a Domain Controller:
- After the role is installed, run the Install-ADDSForest cmdlet, replacing the placeholders with your information.
- Example command for a new forest:
Install-ADDSForest -DomainName "yourcompany.com" -DomainNetbiosName "YOURCOMPANY" -InstallDns:$true -LogPath "C:\Windows\NTDS" -SysvolPath "C:\Windows\SYSVOL" -CreateDnsDelegation:$false
- You will be prompted to enter and confirm the DSRM password. The server will reboot automatically upon completion.
Related Posts
How to configure “Licensing Mode” and “License Server to Use” on a Windows Server?
Configuring the Remote Desktop Services (RDS) licensing mode and license server on a Windows Server is a critical step for allowing more than two concurrent remote connections. The process can be done through Server Manager or Group Policy, with the steps being very similar across recent Windows Server versions (2016, 2019, 2022, and 2025). Before…
Everything you need to know about Microsoft RDS CALs
What are Microsoft RDS CALs? RDS CALs (Remote Desktop Services Client Access Licenses) are a type of license required for a user or device to connect to a Windows Server running the Remote Desktop Session Host (RDSH) role. They are legally and technically required in addition to the standard Windows Server CALs. Function: RDS CALs…
How to Remove or Delete all RDS CALs from a Windows Server?
The process for deleting all Remote Desktop Services (RDS) CALs from a Windows Server can be done through a few different methods. The most reliable method is to rebuild the license database. This process is similar across Windows Server 2016, 2019, and 2022. Warning: Deleting the license database will permanently remove all installed RDS CALs…
How to revoke Per-Device RDS CALs on a Windows Server?
Revoking per-device Remote Desktop Services (RDS) Client Access Licenses (CALs) can be a complex and often misunderstood process in a Windows Server environment. The key takeaway is that direct revocation of a single per-device CAL is not always possible or straightforward. The Challenge with Revocation You cannot directly revoke an RDS CAL that has been…