How to Install Active Directory on a Windows Server?

Setting up Active Directory Domain Services (AD DS) on a Windows Server involves a two-part process: installing the role and then promoting the server to a domain controller. This can be done using either the Server Manager graphical user interface (GUI) or PowerShell.

Prerequisites

Before you begin, ensure your server meets these requirements:

  • A static IP address is configured on the server's network adapter.
  • The server's hostname is set to its final value, because renaming a server after promotion can cause issues.
  • You are logged in with a local administrator account.

Method 1: Using Server Manager

This is the most common method and uses the graphical interface.

1. Install the AD DS Role:

  • Open Server Manager and click on Add roles and features.
  • Follow the wizard, selecting Role-based or feature-based installation.
  • On the Server Roles page, check the box for Active Directory Domain Services. A new window will pop up; click Add Features to include the necessary management tools.
  • Click Next through the remaining screens until you reach the Confirmation page, then click Install.

2. Promote the Server to a Domain Controller:

  • Once the installation completes, a yellow warning icon will appear at the top of Server Manager. Click it and select Promote this server to a domain controller.
  • On the Deployment Configuration page, select Add a new forest and enter the desired Root domain name (e.g., yourcompany.com).
  • On the next page, specify a Directory Services Restore Mode (DSRM) password. This password is crucial for disaster recovery, so record it somewhere secure.
  • The wizard will automatically configure DNS and other settings. Review the options and proceed through the final steps.
  • After the prerequisite checks pass, click Install. The server will automatically restart to complete the promotion.

Method 2: Using PowerShell

This method is faster and ideal for automation or scripting.

1. Install the AD DS Role:

  • Open PowerShell as an administrator.
  • Run the following command:
    Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

2. Promote the Server to a Domain Controller:

  • After the role is installed, run the Install-ADDSForest cmdlet, replacing the placeholders with your information.
  • Example command for a new forest:
    Install-ADDSForest -DomainName "yourcompany.com" -DomainNetbiosName "YOURCOMPANY" -InstallDns:$true -LogPath "C:\Windows\NTDS" -SysvolPath "C:\Windows\SYSVOL" -CreateDnsDelegation:$false
  • You will be prompted to enter and confirm the DSRM password. The server will reboot automatically upon completion.
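
The prerequisites and both PowerShell steps above can be combined into one script that refuses to promote the server if a check fails. This is an added example, not part of the original article; the script parameters $ExpectedHostName, $DomainName and $NetbiosName are hypothetical names, and the domain values are the article's placeholders.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original article. The script's own parameter
# names are hypothetical; the defaults are the article's placeholder values.
param(
    [Parameter(Mandatory)] [string] $ExpectedHostName,
    [string] $DomainName  = 'yourcompany.com',
    [string] $NetbiosName = 'YOURCOMPANY'
)
$ErrorActionPreference = 'Stop'

# Prerequisite: the hostname must already be final before promotion.
if ($env:COMPUTERNAME -ne $ExpectedHostName) {
    throw "Hostname is '$env:COMPUTERNAME', expected '$ExpectedHostName'. Rename and reboot first."
}

# Prerequisite: no connected IPv4 interface may still be configured by DHCP.
$dhcp = Get-NetIPInterface -AddressFamily IPv4 |
    Where-Object { $_.ConnectionState -eq 'Connected' -and
                   $_.InterfaceAlias -notlike 'Loopback*' -and
                   $_.Dhcp -eq 'Enabled' }
if ($dhcp) {
    throw "DHCP still enabled on: $($dhcp.InterfaceAlias -join ', '). Assign a static address first."
}

# Step 1: install the AD DS role and its management tools.
$feature = Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
if (-not $feature.Success) { throw 'AD DS role installation failed.' }

# Read the DSRM password as a SecureString so it never appears in the script or history.
$dsrm = Read-Host -AsSecureString -Prompt 'DSRM password'
$forest = @{
    DomainName                    = $DomainName
    DomainNetbiosName             = $NetbiosName
    InstallDns                    = $true
    CreateDnsDelegation           = $false
    LogPath                       = 'C:\Windows\NTDS'
    SysvolPath                    = 'C:\Windows\SYSVOL'
    SafeModeAdministratorPassword = $dsrm
}

# Run the promotion prerequisite checks without changing the server.
$failed = Test-ADDSForestInstallation @forest | Where-Object Status -eq 'Error'
if ($failed) {
    $failed | Format-List Context, Message | Out-Host
    throw 'Prerequisite checks failed; the server was not promoted.'
}

# Step 2: promote to the first domain controller of a new forest (reboots on completion).
Install-ADDSForest @forest
```

Because the password is passed through -SafeModeAdministratorPassword, Install-ADDSForest does not prompt for it again; it still asks for confirmation before promoting.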