Promoting a Windows Server 2019 Server to Domain Controller and Creating an Active Directory Forest and Domain
In the last blog we installed the ADDS role but it still requires further configuration in order to promote the server to domain controller and create our forest and domain:
https://eyeteahero.blogspot.com/2019/05/adding-adds-active-directory-domain.html
Open Server Manager (Start > Server Manager if it is not already open) click the exclamation point icon and then click Promote this server to a domain controller
Click Add a new forest then specify the name and click next
Keep all of the options default. You typically always want to use the highest forest and domain function levels as possible as they unlock the most new features. You also will almost always make the server a global catalogue and DNS server as well. AD and DNS are very tightly integrated and unless if you have a good reason not to you should include DNS.
Specify a DSRM password. Domain controllers do not have local accounts or local admin accounts but if you boot into the server in what we would typically would consider Safe Mode but for domain controllers is DSRM you would have to log in with this password. DSRM is only used for recovery from a disaster.
Ignore this message for now and click Next
Click Next
This screen verifies where the database, group policies, and log directories are. Again unless you have a good reason to simply leave these as default and click Next
Review the settings and click Next
Confirm that all prerequisites pass and click Install
Wait for the process to complete
The computer will automatically reboot, continue waiting
You can now log into your domain
In the next blog we will be going over the basics of Active Directory user creation:
https://eyeteahero.blogspot.com/2019/05/basic-user-creation-in-active-directory.html
https://eyeteahero.blogspot.com/2019/05/adding-adds-active-directory-domain.html
Creating Your AD Forest/Domain
Open Server Manager (Start > Server Manager if it is not already open) click the exclamation point icon and then click Promote this server to a domain controller
Click Add a new forest then specify the name and click nextKeep all of the options default. You typically always want to use the highest forest and domain function levels as possible as they unlock the most new features. You also will almost always make the server a global catalogue and DNS server as well. AD and DNS are very tightly integrated and unless if you have a good reason not to you should include DNS.
Specify a DSRM password. Domain controllers do not have local accounts or local admin accounts but if you boot into the server in what we would typically would consider Safe Mode but for domain controllers is DSRM you would have to log in with this password. DSRM is only used for recovery from a disaster.
Ignore this message for now and click Next
Click Next
This screen verifies where the database, group policies, and log directories are. Again unless you have a good reason to simply leave these as default and click Next
Review the settings and click Next
Confirm that all prerequisites pass and click Install
Wait for the process to complete
The computer will automatically reboot, continue waiting
You can now log into your domain
In the next blog we will be going over the basics of Active Directory user creation:
https://eyeteahero.blogspot.com/2019/05/basic-user-creation-in-active-directory.html
