Active Directory
Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is a crucial component in a Windows-based network infrastructure and provides a centralized and standardized system for managing and organizing information about network resources, such as computers, users, groups, printers, and other devices.
In this scenario, we are going to install AD on the server and then join the client to AD.
It is important to ensure that the server's name is configured and a static IP address has been set on the server before installing Active Directory. Failure to do so will cause issues later on.
Machine Name: WinServer
IP Address: 192.168.10.1/24
DNS Server Address: 127.0.0.1 or 192.168.10.1
Note: Since the server will also be the DNS server, we will set up our DNS server's IP address as 127.0.0.1 (or the same static IP address we've used to identify the server, which is 192.168.10.1).
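The prerequisites above can be checked from PowerShell before any role is installed. This is an added example, not part of the original walkthrough; it uses the machine name and addresses listed above and assumes they sit on a single interface.

```powershell
# Added example: pre-flight check to run on the server before installing AD DS.
# Expected values are the ones this guide uses; adjust them for your own lab.
$ExpectedName = 'WinServer'
$ExpectedIP   = '192.168.10.1'
$ExpectedLen  = 24
$AllowedDns   = @('127.0.0.1', '192.168.10.1')
$problems     = @()

# 1. The computer name must already be the final one (comparison is case-insensitive).
if ($env:COMPUTERNAME -ne $ExpectedName) {
    $problems += "Computer name is '$env:COMPUTERNAME', expected '$ExpectedName'."
}

# 2. The address must exist and be manually assigned, not a DHCP lease.
$addr = Get-NetIPAddress -AddressFamily IPv4 -IPAddress $ExpectedIP -ErrorAction SilentlyContinue
if (-not $addr) {
    $problems += "$ExpectedIP is not configured on any interface."
} else {
    if ($addr.PrefixOrigin -ne 'Manual') {
        $problems += "$ExpectedIP was assigned by '$($addr.PrefixOrigin)', not set statically."
    }
    if ($addr.PrefixLength -ne $ExpectedLen) {
        $problems += "Prefix length is /$($addr.PrefixLength), expected /$ExpectedLen."
    }
    # 3. The DNS client on that interface must use the addresses listed above.
    $dns   = @((Get-DnsClientServerAddress -InterfaceIndex $addr.InterfaceIndex -AddressFamily IPv4).ServerAddresses)
    $other = @($dns | Where-Object { $_ -notin $AllowedDns })
    if ($dns.Count -eq 0 -or $other.Count -gt 0) {
        $problems += "DNS servers are '$($dns -join ', ')'; expected 127.0.0.1 or $ExpectedIP."
    }
}

# Report every mismatch at once so they can all be fixed before the install.
if ($problems.Count -gt 0) {
    $problems | ForEach-Object { Write-Warning $_ }
} else {
    Write-Output 'Pre-flight checks passed: name, static IP and DNS client match the plan.'
}
```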
The Active Directory setup process is divided into two major parts:
Install Active Directory Domain Services
Promote the server to a domain controller
Let's walk through installing Active Directory on Windows Server and adding a domain in a new forest.
1. Login to your server using an administrator user account.
2. Open the Server Manager dashboard.
3. Click on Tools and select Add roles and features.
4. Click Next to proceed.
5. Select the Role-based or feature-based installation option and click on Next.
6. Since I am installing the Active Directory Domain Services (AD DS) role locally, I will choose "Select a server from the server pool". Choose the server on which you want to install the AD DS server role; in my case it's WinServer. Click on Next.
7. Now select the Active Directory Domain Services role from the Server Roles page.
8. Once you click on AD DS, another window will pop up explaining the additional features that are required to install Active Directory Domain Services. Click on Add Features.
9. Now select the DNS Server role and click on Add Features to add the required additional features. Click on Next.
10. Click Next on the Select Features console.
11. On the Active Directory Domain Services page, review the information about AD DS. Click on Next.
12. On the DNS page, review the information about the DNS server role. Click on Next.
13. Click on Install to start the installation process.
14. The installation process will take some time to complete.
After installing the Active Directory services, click on the Promote server to a domain controller link.
Select the deployment option as per your requirement. Here I am installing the first Active Directory in my network, so I am selecting Add a New Forest.
Now specify your root domain name in the Root domain name field. Here I have used harchit.local.
Select the forest and domain functional level. I will be setting the functional level to the highest level available, which is Windows Server 2016 at the time of this writing. You'll also need to set up the Directory Services Restore Mode (DSRM) password here. Click on Next.
The next window will give a warning about DNS delegation, but it can be ignored. Click Next to continue.
The next window asks for the NetBIOS name for the domain. We can keep the default and click on Next to continue.
The next window gives us the option to change the file paths for the AD database, log files and SYSVOL files. We can change the paths or keep the defaults. Once the changes are done, click on Next to continue.
The Review Options page will show you a summary of the configuration options you chose. Take your time checking this, then click Next to continue.
A prerequisite check will be done to see if the configuration made is compatible with the system and its environment. If it shows any critical errors, those issues will need to be addressed before the installation begins. Once the test completes successfully, click the Install button to begin.
The installation process will take a few minutes but once it’s complete, it will automatically reboot the server.
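Both parts of the setup can also be scripted, which makes the choices reviewable and repeatable. This is an added example, not part of the original walkthrough; it mirrors the wizard selections above, and the NetBIOS name HARCHIT and the file paths are assumptions based on the wizard defaults.

```powershell
# Added example: scripted equivalent of the wizard steps above.
# Run in an elevated PowerShell session on WinServer.

# Part 1: install the AD DS and DNS Server roles together with their management tools.
$result = Install-WindowsFeature -Name AD-Domain-Services, DNS -IncludeManagementTools
if (-not $result.Success) { throw 'Role installation failed; review the output above.' }

# Part 2: promote the server to the first domain controller of a new forest.
Import-Module ADDSDeployment

# Prompt for the DSRM password so it is never written into the script or shell history.
$dsrm = Read-Host -AsSecureString -Prompt 'DSRM password'

$forest = @{
    DomainName                    = 'harchit.local'
    DomainNetbiosName             = 'HARCHIT'            # assumption: wizard default
    ForestMode                    = 'WinThreshold'       # Windows Server 2016 functional level
    DomainMode                    = 'WinThreshold'
    InstallDns                    = $true
    CreateDnsDelegation           = $false               # matches ignoring the delegation warning
    DatabasePath                  = 'C:\Windows\NTDS'    # assumption: wizard defaults
    LogPath                       = 'C:\Windows\NTDS'
    SysvolPath                    = 'C:\Windows\SYSVOL'
    SafeModeAdministratorPassword = $dsrm
}

# Run the same prerequisite check the wizard performs and show every finding.
Test-ADDSForestInstallation @forest | Format-List Status, Message

# Without -Force the cmdlet asks for confirmation, which gives a last chance to
# review the findings above. The server reboots automatically when promotion completes.
Install-ADDSForest @forest
```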
Once the server has rebooted, log in to the server using the domain administrator credentials.
You will be able to view the installed services using the Server Manager's dashboard, and the picture below shows that we have the AD DS and DNS services running.
Open Active Directory Users and Computers by clicking on Tools.
Create a user with your name in Active Directory Users and Computers. Right-click Users, select 'New' and then 'User'.
Fill in your user details and create a user logon name, which you will use whenever you log in to the domain. Click 'Next'.
Configure the password and password settings as per your requirements.
Click 'Finish'.
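The post-reboot service check and the user creation can be done from PowerShell as well. This is an added example, not part of the original walkthrough; the user John Doe (jdoe) is a constructed sample identity, and forcing a password change at first logon is one possible password setting, not a requirement of the guide.

```powershell
# Added example: run on the domain controller after the post-promotion reboot,
# logged in with the domain administrator account.
Import-Module ActiveDirectory

# Confirm that the directory, DNS Server and Netlogon services are running.
Get-Service -Name NTDS, DNS, Netlogon | Format-Table Name, Status, DisplayName

# Read the domain's DNS name and default Users container instead of hard-coding them.
$domain = Get-ADDomain

# Constructed sample identity; replace with your own details.
$sam = 'jdoe'

# Prompt for the initial password so it is not stored in the script or shell history.
$pw = Read-Host -AsSecureString -Prompt "Initial password for $sam"

$user = @{
    Name                  = 'John Doe'
    GivenName             = 'John'
    Surname               = 'Doe'
    SamAccountName        = $sam
    UserPrincipalName     = "$sam@$($domain.DNSRoot)"   # the logon name used on the client
    Path                  = $domain.UsersContainer      # CN=Users,DC=harchit,DC=local
    AccountPassword       = $pw
    ChangePasswordAtLogon = $true   # assumption: the initial password is temporary
    Enabled               = $true
}
New-ADUser @user

# Verify the account exists, is enabled and has the expected logon name.
Get-ADUser -Identity $sam |
    Select-Object Name, Enabled, UserPrincipalName, DistinguishedName
```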
We have a Windows 10 client PC installed within the 192.168.10.0/24 network which we will be joining to our newly created domain.
Joining a client PC to your new domain will require you to have the following:
The host should be able to reach the Domain Controller
The local host's and/or domain administrator username and password
On the host machine go to Settings
Click on System
The left pane shows a column containing system settings; scroll down and select About.
The right pane will show us information about the host machine along with other options that we can configure. Scroll down in the right pane until you find Advanced System Settings.
After clicking Advanced System Settings, the System Properties window will pop up. Simply navigate to the Computer Name tab.
Select Change to open the Computer Name/Domain Changes window.
In the Computer Name/Domain Changes window, enter the Computer name for your host machine and the domain you wish for the machine to join.
The dialog box to enter the credentials for the domain account will open. Use the 'username@domainname' format to log in, for example administrator@harchit.local.
Note: This will require you to enter a domain administrator account or the host machine's local administrator account.
Log in to Windows 10 with the user you created in the previous step.
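The reachability requirement and the join itself can be checked and performed from PowerShell on the client. This is an added example, not part of the original walkthrough; it assumes the client uses the domain controller as its DNS server, and the port list is the set of services this example chooses to probe.

```powershell
# Added example: run in an elevated PowerShell session on the Windows 10 client.
$Domain = 'harchit.local'

# 1. Locate a domain controller through DNS, the same way the join process does.
#    If this fails, the client's DNS server is not the domain controller (192.168.10.1).
try {
    $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -ErrorAction Stop
} catch {
    throw "Cannot resolve the DC locator record for $Domain. Check the client's DNS server setting."
}
$dcHost = ($srv | Where-Object { $_.NameTarget } | Select-Object -First 1).NameTarget
Write-Output "Domain controller found: $dcHost"

# 2. Confirm the services used during a join are reachable on that host.
$ports = [ordered]@{ 53 = 'DNS'; 88 = 'Kerberos'; 389 = 'LDAP'; 445 = 'SMB' }
foreach ($port in $ports.Keys) {
    $open = Test-NetConnection -ComputerName $dcHost -Port $port `
                -InformationLevel Quiet -WarningAction SilentlyContinue
    if (-not $open) {
        throw "$($ports[$port]) (TCP $port) on $dcHost is not reachable; check routing and firewalls."
    }
}

# 3. Join the domain. The credential prompt keeps the password out of the script.
$cred = Get-Credential -UserName "administrator@$Domain" `
            -Message 'Account that is allowed to join computers to the domain'
Add-Computer -DomainName $Domain -Credential $cred -Restart
```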