Creating an Active Directory Domain on Windows Server 2012

I am back again at the task, which I have likely performed too many times – that of creating a new Active Directory domain (and a domain controller) to join a set of virtualized lab machines to play around with. Only difference being, this time it is on Windows Server 2012. The overall experience is much the same with some minor differences.

This article is an exceptional resource for learning how to do this. All I do here is simplify it to the bare bones linear procedure required for the mentioned purpose.

I am doing this on a Hyper-V virtual machine hosted on a Windows 8 based virtualization server. The VM has 512 MB of RAM allocated, Windows Server 2012 was installed, and a few networking-related prerequisite tasks were checked off in readiness for this. Most importantly, the virtual machine was set up to use a virtual switch created on Hyper-V to allow communication between all VMs connected to it. A static IP was assigned to the machine.


Started with the new Server Manager dashboard and chose to "Add roles and features"


The friendly Before You Begin screen, which I always skip, but not by default, because it gives me a quick link to the Remove Roles wizard. Clicked on Next >.


On the next screen you choose between installing a role or feature and installing Remote Desktop Services (RDS), which allows you to connect to virtual or session-based remote desktops with efficient, centralized pooling and management of resources. To learn more about these options, refer to this TechNet Article. It is also important to note that RDS and AD DS cannot be installed on the same server.

Chose Role-based or feature-based installation and hit Next >.


The following screen gives you the ability to pick a server from the pool. Since I have not added (and in fact do not even have to add) any other servers on this pool, I chose Next > to move on with the default selection. Adding servers to the pool will require going back to the Server Manager and choosing the option Add other servers to manage.


Next step, select to install Active Directory Domain Services.


Upon selection, the wizard presents a list of additional features required to run AD DS. There is really no choice about this. If you want to install AD DS, these are required. You can arguably skip installation of management tools but really, why would you? Clicked on Add Features to move on.


The following screen is the Add Features page and a couple are pre-selected – Group Policy Management and Remote Server Administration Tools. There are other eye-catching options but we shall not lose our focus here. Clicked Next > to move on.


Some best practice guidance and pointers are presented. Important to note here is how the wizard tells you that you will be prompted to install the DNS role on the server during the process. Clicked Next > again.


The next screen presents a summary of selections made. I selected to restart the server after installation if required and said Yes on the warning screen as well. I then went ahead and clicked Install to add the role.


And done. Clicked on Close to exit the wizard.


But now we see this in Server Manager on the AD DS node. All we did was add the role. We did not configure the server as a domain controller (DC) and that’s what this is all about. Clicked on the More… link.


The below is what you are shown. The substitute for good old "dcpromo". Clicked on Promote this server to a domain…


Since there is no existing setup, I added a new forest and chose a domain name to give it. Clicked Next >.


Quick notes on the next screen:

a. Chose no backward functional level compliance.
b. Selected to install the DNS Server role.
c. The first DC in a forest is automatically a global catalog and cannot be read-only (no choice here).

Provided matching restore mode passwords and hit Next >.


Since there is no authoritative parent zone for the server, DNS delegation cannot be configured. For a localized environment, this is just fine so hit Next >.


If you do choose in the above screen to see more information, the following is what you are presented with. Essentially, this domain is not discoverable from anywhere and for what I am doing, that is just fine.


After jumping across those hurdles above, you end up on this screen where you choose the NETBIOS name for the domain. Was happy with the selection, so hit Next >.


The next screen is about where the files will go. Never messed with this before. No reason to start now. Hit Next >.


The following is a review screen. You can click on View script to view the PowerShell to run the configuration. I always keep the PowerShell even if I don’t intend to run it.


Here’s the PowerShell.


I hit Next > on the wizard to continue without the script.

A prerequisite check is performed.


A couple of warnings – one we have seen before but overall, ready to move ahead. Clicked on Install.


And since installation was successful, we need a computer restart.


When back, the picture in Server Manager looks different. We have the roles added and the server is now a domain controller in the new AD forest I created.
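The wizard steps above map onto two cmdlets. The following is an added example, not the script the wizard generated and not code from the original post; the domain name `lab.example` and NetBIOS name `LAB` are placeholders, and `Win2012` is an assumed reading of the functional-level choice in note (a).

```powershell
# Added example: scripted equivalent of the wizard walkthrough.
# Placeholder names (assumptions, not values from the original post).
$DomainName  = 'lab.example'
$NetbiosName = 'LAB'

# Add the AD DS role together with the management tools
# (the "Add Features" prompt in the wizard).
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

Import-Module ADDSDeployment

# Prompt for the restore mode (DSRM) password as a SecureString so it is
# never stored in the script file or in command history.
$dsrm = Read-Host -AsSecureString -Prompt 'DSRM password'

# Selections made in the promotion wizard. Database, log and SYSVOL paths
# are omitted so the defaults apply, as in the walkthrough.
$forest = @{
    DomainName                    = $DomainName
    DomainNetbiosName             = $NetbiosName
    ForestMode                    = 'Win2012'   # assumed: no backward functional level
    DomainMode                    = 'Win2012'
    InstallDns                    = $true       # install the DNS Server role
    CreateDnsDelegation           = $false      # no authoritative parent zone in the lab
    SafeModeAdministratorPassword = $dsrm
}

# Run the same prerequisite check the wizard performs before Install.
# Warnings (such as the DNS delegation one) are printed but do not block.
$check = Test-ADDSForestInstallation @forest
$check | Format-List Status, Message
if ($check.Status -ne 'Success') {
    throw "Prerequisite check failed: $($check.Message)"
}

# Promote the server to the first domain controller of the new forest.
# The server restarts automatically when the promotion completes.
Install-ADDSForest @forest -Force
```

Run it from an elevated PowerShell session on the server itself; after the restart, log on with the domain administrator account.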


That’s it for now. I have big plans for this server to be realized soon and will probably post my notes on it.
