This is a step-by-step guide on how to create the first domain controller in a new Windows Server 2008R2 forest. If you are going to perform a test lab of any kind, involving Windows servers, you will most certainly need an Active Directory Domain. In this lab I am using VirtualBox as virtualization software, as I feel its the easiest one to work with, when you just need a simple test lab to test something quickly.
- Software you will need to perform this exercise
» VirtualBox (or your virtualization product of choice)
» Windows Server 2008R2
1. Installation of VirtualBox and Virtual Machines
Download and install VirtualBox, the installation procedure is quite straightforward, so I’m not going to write in details about that. Then create a virtual machine, called Server01, with 1GB ram and 20GB disk.
Mount the Server 2008R2 ISO on the the virtual machine, and install Server 2008R2 Standard edition (Full Installation). Rename the computer to Server01 in Windows. Then give it the following IP address configuration,
Server01: Nic1, ip=192.168.0.10, subnetmask=255.255.255.0, DNS preferred=192.168.0.10
Install the Guest Additions for VirtualBox, and restart the server. You are now ready to promote it to a domain controller.
2. Installation of Active Directory
Microsoft recommends that you install the Active Directory Domain Services role in Server Manger first, but it really is not necessary in a test lab. Log on with the built-in Administrator account. Click on the start button, wirte dcpromo and then press enter.
2.1 When you run dcpromo, you will be told that AD DS binaries are being installed,
and then wizard for installing Active Directory will start. Click Next.
2.2 You will be shown a Message about OS compatibility. Just click Next.
2.3 Choose create a new domain in a new forest
2.4 Write a fully qualified domain name
2.5 Since this is the first domain controller, and it is running Server2008R2, you might as well set Forest Functional Level to 2008R2
2.6 Leave the options at default settings. The first DC must be writeable and a Global Catalog server
2.7 In the following message box, just click Yes
2.8 Leave the location for Database, Sysvol and Log files at default settings
2.9 Create a DSRM password
2.10 On the summary page, you can click export settings to create a text file, for use with unattended installation of AD.
Below is a sample text file, which contains the settings we have defined in the wizard. In any case, click next on the summary page
2.11 Choose reboot on completion, then sit back and wait until the logon screen shows up
3. Verify installation of Active Directory
Log on as Contoso\Administrator with the same password as you used earlier to log on as the built-in local administrator account. There are several ways to verify installation of AD. Below are a couple of the simplest ones.
Click Start →Administrative Tools → Active Directory Users And Computers. This will start the AD Users and Computers snap-in, and if you can bind to the domain controller correctly, you will see the contoso.com domain, and you will not receive any errors when expanding it to view its contents.
Next, Click Start →Administrative Tools → DNS. This will start the DNS Manager snap-in. Here check for the _msdcs.contoso.com and contoso.com forward lookup zones. Also check your new domain controller’s SRV records in the tcp folder of contoso.com.
Microsoft Technet: AD DS Installation and Removal Step-by-Step Guide