Understanding and Installing Active Directory on Windows server
Priyanka Shyam
CCDE (Written) | CWNA | Cisco SCOR | CISCO SD-WAN | Technical Writer | Influencer | Multitasker | Considerate | Empathic | Excellent Communicator | Helpful
Recently I was working on one of the replication and for that replication of mine I had to configure AD from the scratch on my VM as the issue was specific to AD, when my customer was using SSID with the AD configuration . Though it’s a very simple and also the basic one, but I just recalled all the windows stuff which I used to do in the starting of my career. Hence though to just share the procedure for the same , it might help you guys as well.
Why we need Active Directory
?Lets say you have a 3000 computers in your network and imagine you had to create a user account for the users so for that you have to go to each computer in order to?create the user name and password if the user ever forgot their password then again you have to come back to that computer and reset the password on that computer, so obviously it’s a kind of non workable solution . This is the reason in all companies there will be domain based env a domain based env builds on this image by adding a domain controller,
We have a windows server which works as a domain controller. Now that’s always call as DC this is nothing but the windows server like 2019, 2016, 2012,2008 any windows operating system has the ability to be a domain controller.
?A DC is nothing but a server that you install this software that’s called Active directory. This will lets you to create the user account , computer accounts .You can manage everything from DC.
?Now lets see the step by step procedure of setting up the AD in windows server 2016.
?We will be doing it by installing the AD domains service role and then by promoting the server to be the first domain controller for a new forest.
Prerequisite:
?You must have an administrative privilege on server
Set up server with a static IP
Change the windows server name according to your company name standard.
?So the very first thing which I will do is to open the service manager in windows 2016 server.In the service manager I am going to open the local server and as you can my computer name is WIN-21QF04LH66 , the few basic task has been configured like my computer has the static IP address 10.106.36.35
?Now from the powershell you can see that I have logged in as the administrator .
Moving forward we need to follow the below steps:
Install the active directory domain service role
Promote the server to a Domain controller.
Now I will go back to the service manager and under manager I will click on add roles and features.
On before you begin screen certain things are there which we need to verify , like administrator account has a strong password, network settings and the most important current security updates from windows then click on next.
Here we have two options and for this installations we need to select role based or feature based installation, then click on next.
We have only one server and that is WIN-21QF04LH66 and I want to install the role on the same server, so lets select our local server then click on next.
Here we have an option to select server role and in my case it will be active directory domain services, it is also giving me a pop up box where it is asking that it also needs certain features to run the active directory properly and do you want to include yes I want to include those features as well as include management tool as well.
Under features click on next and then under AD DS next again.You can ignore the DNS server part below AD DS as I have installed DNS as well hence I am getting that option .
Next again, now I need to click on install.
After active directory installation role will get completed now we will get the option ating to promote the server as Domain Controller, lets click on the same
It will start the active directory domain service configuration wizard.
By using this wizard you can promote this server to be a domain controller. Here we have three options if you want to add domain controller to the existing domain that time you have to choose option 1, if you want to add new domain to existing forest that time choose option 2, here I a choosing option 3 as I want a new forest. Here you need to specify the name of the root domain. I am going to use mylab.local as root domain name, then click on name.
Here we have to choose the functional level of our forest as well as root domain. So forest functional level you can see it is set to by default windows server 2016 and also the domain functional level.Now we need to specify the password , after specifying the password click on next.
I have selected the mylab.local as my root domain this is the reason I am getting NetBIOS domain name as MYLAB, if you do not want NetBIOS domain as MYLAB you can change it as per your requirement . I am happy with this NetBIOS name hence I am clicking it on next.
After that we will get an option to specify the location of Active Directory database ,log files and sysvol . I am going to use the default location and that's why I am going to click on Next button.
below is the selection review information that I am going for a new domain which is mylocal and this is also the name of my new forest.
If you want to change anything then you can click on previous button and can change the setting. If you are happy with the selection you can click on next to start installation.
Once the active directory post installation configuration process completes your server will restart automatically.
Now insted of only administrator now you can see mylab administrator is there the only reason is that because now this server has promoted as domain server .
领英推荐
Now first of all I am going to open the service manager , I am going to click on tools and here we have management consoles , by using those consoles we can manager our active directory services so first of all I am going to open active directory users and computers consoles.
Here you go , here I have mylab.local and that is the name of my domain . I will right click on that and will go to properties.Here you can see my domain functional level and forest functional level is 2016.
The last thing which I need to create is the group and users under that group.
So first I will click on the user container and you can see there are already multiple default accounts which exist. .
The one with the two heads will be group and with one head will be user.
I can create a new user as well. So lets create a new user , I am going to create a new user icon and going to put user name as Priyanka kumari
Now click on next and then give password, also I will leave the option marked that user must change the passowrd at next login.
then again click on next.
Now lets say Priyaka works in Cisco (she does :) ) So I am goign to cerate a grouop called Cisco and I will move Priyanka in that group.
Now I am going to move Priyanka in that Cisco group, for that right click on user name Priyanka and choose add to group option.
I am adding Priyanka under group Cisco.
?
?
?
?
?
?
?
?
?
?
?
Senior Network Engineer at Microlink Solutions Pvt. Ltd.
3 年Excellent ??
Cybersecurity Engineer Associate
3 年Thank you for sharing