Sunday, February 5, 2012

Installing and Configuring Active Directory Domain Services in Windows Server 2008 R2

Sponsored Links

In Windows Server 2008, Active Directory is designed based on Identity and Access (IDA) technology. IDA comprises of 5 Active Directory technologies. Active Directory Domain Services (AD DS) is one of those technologies which works as a central repository of Active Directory objects across the organization, and supports authentication of resources throughout the network.

In this post, I would like to explain you step by step method of installing and configuring Active Directory Domain Services in  Windows Server 2008 R2. 

Caution: This example is intended to use in a home or test environment. Please do not execute this in a production environment because this installation makes high level administrative changes in the network.

Prerequisites for installing AD DS:

We are going to install AD DS in a new and fresh environment, where we are creating new forest and domain with a single domain controller. Make sure you go through below preparation steps:

1. A Fresh installation of Windows Server 2008 R2.
2. An NTFS partition with enough free space.
3. Network card and Network connectivity (If you are doing this exercise in VMWare Virtual machine, select Host only network)
4. IP Address configuration with Subnet Mask, Gateway, DNS Server etc. 
For This particular example, we can use below configuration:

IP Adress:
Subnet Mask:
Default Gateway: Not required
Preferred DNS Server:
Alternate DNS Server: Not required

5. DNS Server ( We can install DNS service along with AD DS and make this domain control as a DNS server as well, note the Preferred DNS server IP, it is same IP address of the Domain Controller)

6. A Windows Server 2008 R2 CD or ISO file.

Once all the prerequisite are met,  we can start with the installation of AD DS.

1. Go to RUN and type 'dcpromo'. Windows will start installing AD DS binaries. Active Directory installation snap in will be launched once the AD DS binaries are installed.


2. At the welcome window, select 'Advanced mode installation' and click next.


3. Now, you will see the Operating System compatibility page, where  it explains the improved security features of Windows Server 2008 and disability of co-existing with Windows NT domain. Click Next.

4. Deployment Configuration page is very important, which determines if we are going to install the domain controller in an existing forest or creating a new domain in a new forest. In this example we are creating a fresh environment from scratch. Hences, select 'Create a new domain in a new forest' and click Next button.

5. In this window, we have to provide fully qualified domain name for our new organization. In this example we can give Now click Next, and Windows will verify if the domain name already exist in the environment.

 6. Domain NetBIOS Name will be same as the domain name, 'TRAINING'. NetBIOS name helps earlier Windows version to identify the domain controller for authentication.

7. This option allows you to set Forest Funtional Level of the organization. Forest functional level has high significance in a complex domain environment where lowest funcitonal level ensures backward compatibility with legacy domain controllers with limited Windows Server 2008 features while highest functional level (Windows Server 2008 R2) ensures all the features of Windows Server 2008 with limited backward compatibly. In this example, we can select Windows Server 2008 R2 because we don't have any existing legacy domain controllers. Click Next.

 8. In the Additional Domain Controller Options, we should select DNS Server as there is no other DNS server already configured, and as discussed earlier, we are going to make this Domain Controller a DNS server as well. The 'Gloabal Catalog' role will already be checked because the first domain controller in the forest must be a GC. You cannot check RODC because this is a first domain controller in the forest. Only a secondary Domain Controller in the domain can be configured as RODC. Check DNS Server and click Next.

 9. You will get a warning message related to DNS configuration, stating that there is no existing DNS Server. Click Yes to continue.

10. In this window, you can decide the location of Active Directory Database, Log and SYSVOL folder location. In a production environment these files should be stored in a faster and redundant disk group. In this example, leave the default location and click Next.

 11. On the Directory Services Restore Mode Admin Password Window, provide a new password twice. This password is used for Advanced recovery option of Active Directory which can be launched through Safe Mode. Once the password is configured, click Next.

 12. In this Windows, you can see the summary of the configuration and inputs you have provided. Please review the details and click Next.

13. Now, you server will start installation of Active Directory. You can Check Reboot on Completion, because reboot is mandatory to complete the configuration.

14. Once AD DS installation completion window appears, click Finish and restart your server.

Once Server is up, you can see the domain name and log in option. A Domain Controller will not show local computer name in log in option, by confirming this, you can ensure that AD DS is successfully installed. 

To find out additional option to check successful installation of AD DS click HERE.

blog comments powered by Disqus
Related Posts Plugin for WordPress, Blogger...