Installing Active Directory on Windows Server 2008R2

This is a step-by-step guide on how to create the first domain controller in a new Windows Server 2008R2 forest. If you are going to perform a test lab of any kind, involving Windows servers, you will most certainly need an Active Directory Domain. In this lab I am using VirtualBox as virtualization software, as I feel its the easiest one to work with, when you just need a simple test lab to test something quickly.

1. Installation of VirtualBox and Virtual Machines

Download and install VirtualBox, the installation procedure is quite straightforward, so I’m not going to write in details about that. Then create a virtual machine, called Server01, with 1GB ram and 20GB disk.

Mount the Server 2008R2 ISO on the the virtual machine, and install Server 2008R2 Standard edition (Full Installation). Rename the computer to Server01 in Windows. Then give it the following IP address configuration,

Install the Guest Additions for VirtualBox, and restart the server. You are now ready to promote it to a domain controller.

2. Installation of Active Directory

Microsoft recommends that you install the Active Directory Domain Services role in Server Manger first, but it really is not necessary in a test lab. Log on with the built-in Administrator account. Click on the start button, wirte dcpromo and then press enter.

2.1 When you run dcpromo, you will be told that AD DS binaries are being installed,
and then wizard for installing Active Directory will start. Click Next.
ad1ad2
2.2 You will be shown a Message about OS compatibility. Just click Next.ad3

2.3 Choose create a new domain in a new forest

ad4

2.4 Write a fully qualified domain name
ad5

2.5 Since this is the first domain controller, and it is running Server2008R2, you might as well set Forest Functional Level to 2008R2
ad6

2.6 Leave the options at default settings. The first DC must be writeable and a Global Catalog server
ad7

2.7 In the following message box, just click Yes
ad8

2.8 Leave the location for Database, Sysvol and Log files at default settings
ad9

2.9 Create a DSRM password
ad10

2.10 On the summary page, you can click export settings to create a text file, for use with unattended installation of AD.
Below is a sample text file, which contains the settings we have defined in the wizard. In any case, click next on the summary page
ad11
ad12

2.11 Choose reboot on completion, then sit back and wait until the logon screen shows up
ad13

 

3. Verify installation of Active Directory 

Log on as Contoso\Administrator with the same password as you used earlier to log on as the built-in local administrator account. There are several ways to verify installation of AD. Below are a couple of the simplest ones.

Click Start →Administrative Tools → Active Directory Users And Computers. This will start the AD Users and Computers snap-in, and if you can bind to the domain controller correctly, you will see the contoso.com domain, and you will not receive any errors when expanding it to view its contents.
ad14

Next, Click Start →Administrative Tools → DNS. This will start the DNS Manager snap-in. Here check for the _msdcs.contoso.com and contoso.com forward lookup zones. Also check your new domain controller’s SRV records in the tcp folder of contoso.com.
ad15

 

Additional Resources:
Microsoft Technet: AD DS Installation and Removal Step-by-Step Guide

2 Comments

  1. Maria

    After installing AD preferred dns server changes to 127.0.0.1, why?

    Reply
  2. Taylor

    Hi! I’ve Ƅeen following your site for a while now and finally got the courage to go ahead and give you a shout out from Humble Tx!
    Just wanted to mention keeр up the great job!

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

Captcha * Time limit is exhausted. Please reload the CAPTCHA.