Windows Server Active Directory Step by Step Installation for beginners

Active Directory Installation Requirements

To install Active Directory (AD), we need a server running one of:
  • Windows Server 2008 Standard Edition OR
  • Windows Server 2008 Enterprise Edition OR
  • Windows Server 2008 Datacenter Edition

We cannot install AD on Windows Server Web Edition. AD can be installed on the full installation of Windows Server 2008 as well as on Server Core, which is a lightweight version of Windows Server.
  • There should be an administrator account and password on the local machine.
  • The partition should be formatted with the NT file system (NTFS). The SYSVOL folder is stored on this partition. SYSVOL is a shared folder that holds domain controller policies such as Group Policy objects (GPOs), logon scripts, and other files that are replicated domain-wide, that is, any information that has to travel from one domain controller to another.
  • A minimum of 200 MB of space is required on the above-mentioned NTFS partition for the Active Directory database files.
  • A minimum of 50 MB of free space is required for the transaction log files: when files are transferred from one place to another, the extra 50 MB is needed to maintain these log files. The log files can be located on the same partition as the database files or elsewhere.
  • Transmission Control Protocol/Internet Protocol (TCP/IP) should be installed and working, meaning the server has an IP address configured and is connected to the network.
  • An authoritative DNS server should be installed on the same server where AD is installed. AD can be installed without DNS, but it will not work. A DNS server performs name resolution, from name to IP and from IP to name, and tells us the name of a particular computer and its IP address. Microsoft also recommends that the server providing DNS for Active Directory support incremental zone transfers and dynamic updates. Incremental zone transfers mean that the changes we make on DNS replicate easily to the other DNS servers; dynamic updates mean that if the name or IP address of our computer changes, the change is also replicated to the DNS server.
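
The requirements above can be checked before running dcpromo. The following PowerShell function is an added example, not part of the original tutorial; the function name Test-ADPrerequisite and the assumption that the database, log files and SYSVOL all go on one drive are illustrative.

```powershell
# Added example: pre-flight check for the requirements listed above.
# Assumption: database, log files and SYSVOL all go on $Drive.
function Test-ADPrerequisite {
    param([string]$Drive = 'C:')

    $requiredMB = 200 + 50   # database files + transaction log files
    $checks = @()

    # Edition: AD cannot be installed on Web Edition (heuristic on the OS caption)
    $os = Get-WmiObject Win32_OperatingSystem
    $checks += New-Object PSObject -Property @{
        Check = 'Not Web Edition'; Passed = ($os.Caption -notmatch 'Web'); Detail = $os.Caption }

    # Partition: NTFS, with room for the database and the logs
    $disk = Get-WmiObject Win32_LogicalDisk -Filter "DeviceID='$Drive'"
    $freeMB = [math]::Floor($disk.FreeSpace / 1MB)
    $checks += New-Object PSObject -Property @{
        Check = "$Drive is NTFS"; Passed = ($disk.FileSystem -eq 'NTFS'); Detail = $disk.FileSystem }
    $checks += New-Object PSObject -Property @{
        Check = "Free space >= $requiredMB MB"; Passed = ($freeMB -ge $requiredMB); Detail = "$freeMB MB free" }

    # TCP/IP: an IP-enabled adapter with a static (non-DHCP) address and a DNS server set
    $nics   = @(Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled=TRUE')
    $static = @($nics | Where-Object { -not $_.DHCPEnabled })
    $ips    = @($static | ForEach-Object { $_.IPAddress })
    $dns    = @($static | ForEach-Object { $_.DNSServerSearchOrder } | Where-Object { $_ })
    $checks += New-Object PSObject -Property @{
        Check = 'Static IP address'; Passed = ($static.Count -gt 0); Detail = ($ips -join ', ') }
    $checks += New-Object PSObject -Property @{
        Check = 'DNS server configured'; Passed = ($dns.Count -gt 0); Detail = ($dns -join ', ') }

    # Administrator account: the current session must hold local admin rights
    $id        = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    $isAdmin   = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
    $checks += New-Object PSObject -Property @{
        Check = 'Running as administrator'; Passed = $isAdmin; Detail = $id.Name }

    # Fix the column order (hashtable property order is not guaranteed)
    $checks | Select-Object Check, Passed, Detail
}

Test-ADPrerequisite -Drive 'C:' | Format-Table -AutoSize
```

Any row with Passed = False should be fixed before the server is promoted; run the check from an elevated PowerShell prompt so the administrator test reflects the rights dcpromo will have.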

Active Directory Installation on Windows Server 2008

  • Start Windows Server 2008 R2.
  • Make sure that the IP address, subnet mask, gateway, and DNS are configured manually.
  • We can install AD either by typing dcpromo in the search bar OR
  • Go to the Start menu and press Administrative Tools.
  • Select Server Manager; a new window will open.
  • Go to Roles, right-click on it and select Add Roles.
  • Checkmark Active Directory Domain Services.
  • Press Next twice and then press Install.
  • "Close this wizard and launch the Active Directory Domain Services Installation Wizard (dcpromo.exe)": this statement is shown on the final screen and you can click it, OR type dcpromo directly in the search bar. It will convert your server into a domain controller.
  • Type dcpromo in the search bar and press Enter; this means you are promoting your server to a domain controller.
  • A new wizard will start. Checkmark Advanced mode installation if you want it, otherwise leave it as it is, then press Next and Next again.
  • At this step it asks whether you want to join an Existing Forest or Create a New Domain in a New Forest. As we do not have any domain yet and this is the first installation, checkmark Create a New Domain in a New Forest and press Next.
  • At this stage it asks for the FQDN (fully qualified domain name). Type the domain name that you have purchased. If you did not purchase a domain name, just type a name with a dot in the middle, but with this name it will not be accessible from the Internet. In our case we type and press Enter. (After this it checks the environment to see whether the entered name is already present; if not, it selects the entered name.)
  • At this level it asks about the functional level. Set whatever you want; normally the level selected is that of the lowest server version. Suppose we already have 3 servers running Windows 2000, 2003, and Windows Server 2008: we need to select the functional level 2000, otherwise they cannot communicate properly if you set it to the higher value 2003 or 2008. If 2000 has to be selected, the users on 2003 and 2008 cannot use the new features that come with 2003 and 2008. After installation we can raise the functional level, but once the functional level is raised it cannot go back to the lower level. Just select the functional level 2000 and press Next.
  • At this step it searches for DNS in the environment. If DNS is present and this server has an entry for it in its TCP/IP settings, it continues; otherwise it automatically checkmarks and installs the DNS role, as AD cannot work without DNS.
  • Along with the DNS option we can see that the Global Catalog server and Read-only Domain Controller (RODC) are being installed. The Global Catalog server searches for records at the forest level. It searches for UPNs (User Principal Names). The Global Catalog server has a complete record of its own domain controller as well as the records of the other domain controllers present in the forest, and when we make the first domain controller it is automatically installed with the domain controller. RODC is a new feature in Server 2008 and it is the first read-only database, so it has been selected for read-only database purposes. Press Next.
  • At this step the computer will insist that we use a static IP address, not a dynamic one (automatic detection of IP). Just press No, I will use the static, then press Next and Yes.
  • At this step it asks about the locations of the database, log files, and SYSVOL folders. Change them if you want, otherwise leave them as they are (but it is recommended to keep all three folders on separate volumes of the hard drive).
  • At this step it asks about the Restore Mode password. This is the password that will be asked for when we wish to restore our AD. It might be the same as the administrator password. Enter the password and press Next.
  • At this step, if you want to keep a summary of your actions, press Export Settings, type the name of the file and select a location, then press Next, and the AD installation will start.
  • Now the server will restart, and when it starts we can see the name of this computer, which will be Engineer\Administrator. Enter the password and log on as administrator.

Additional Domain Controller and Unattended Installation

Let's see how to install a second domain controller in our environment.

Why do we need a second domain controller? As the whole environment's data is saved on a domain controller, its importance keeps increasing. If it fails, it is a single point of failure and all the data will be lost, so we need a second DC to provide redundancy: if one fails, the second will automatically be up (providing fault tolerance). When both work together, they provide load balancing and redundancy.
  • Power on the machine that you want to make the second domain controller and log in.
  • Assign a static IP address, set the DNS address to the IP address of the first domain controller, and set the default gateway to whatever the address of the gateway is on server 1.
  • Make sure that they are communicating with each other properly by running the ping command.
  • Type dcpromo in the search bar and press Enter.
  • A new wizard will start. Press Next and go to the screen where it asks about Existing OR New Domain. Select Existing, checkmark Add a Domain Controller to an existing Domain and press Next.
  • Next, type the name of the domain in which you want to add a domain controller; in our case type
  • Press the Set button on the same screen, type the password and press Next two times.
  • Now at this step uncheck the Global Catalog server, as we already have one in our environment.
  • Press Do not transfer and click Next; the further steps are the same as we followed previously.
  • Open Server Manager on domain controller 1, expand it and click on Domain Controllers; here we can see that there are two domain controllers present in the list.
