Install Active Directory Domain Controller in Windows Server 2016

Domain Controller is a server that runs Active Directory Domain Services server role. Active Directory is a central repository that stores objects like user accounts, organizational units, groups, computers, etc. The primary role of Domain Controller is user authentication and authorization. Domain Controller server is also referred to as Active Directory server. There can be one or more Active Directory Domain Controller server in a network. Multiple Domain Controllers are installed in a network for high availability and scalability. This article shows steps to install Active Directory Domain Controller in Windows Server 2016.

Install Active Directory Domain Controller in Windows Server 2016

Before installing AD DS role, you need to setup server name, static IP address and plan for domain name that will be used for the Active Directory. In this example, AD DS server role will be installed on Windows Server 2016 with server name, MBG-DC01, static IP address of 192.168.0.30 and the domain name mustbegeek.com will be used.

Step 1. Open Server Manager. Click Manage and click Add Roles and Features as shown above.

Step 2. Add Roles and Features wizard will open as shown above. Click Next on the Before You Begin page.

Step 3. Choose Role-based or feature-based installation option for installation type. Click Next.

Step 4. Under Server Selection page, choose the server where AD DS role will be installed and click Next. Here, only one server is shown as this is the first domain controller in the network and it shows itself.

Step 5. In Server Roles page as shown above, check Active Directory Domain Services. When you check this role, it will ask for confirmation to installation additional features that are required for this role. Click Add Features.

Step 6. Click Next after verifying Active Directory Domain Services role is checked.

Step 7. On the Features page, additional features like Group Policy Management and Remote Server Administration Tools are already selected. Click Next.

Step 8. Click Next on Active Directory Domain Services page introduction above.

Step 9. Click Install on Confirmation page to start the installation of AD DS role.

Step 10. Once the installation of role and features are complete, click Promote this server to a domain controller option.

Step 11. Active Directory Domain Services Configuration Wizard will open as shown above. Under Select the deployment operation, click Add a new forest option. And type domain name in root domain name option. This is the domain name for forest root of the Active Directory. User accounts will have user principal name of username@mustbegeek.com in this case.

Step 12. Under Domain Controller Options, DNS server is already checked and Global Catalog (GC) is checked. You can also change or lower the Forest functional level if needed. Enter the password for Directory Services Restore Mode (DSRM) and click Next.

Step 13. In DNS Options page click Next.

Step 14. In Additional Options page you have option to change the default NetBIOS name. Default is mostly fine. Click Next.

Step 15. In Paths you can specify location for Database folder, Log files folder or SYSVOL folder. Click Next.

Step 16. In Review Options page, you can review the settings for this brand new Active Directory and click Next.

Step 17. The installation will run some checks. If you get all prerequisite check passes successfully message, click Install to start Active Directory setup. The server will reboot automatically after installation.

Step 18. Once the server reboots, you will see NetBIOS Domain Name\administrator as your logon name. The local administrator account have now turned into Domain Administrator account. The server itself don’t have local administrator account anymore. AD DS installation is complete at this step.

Now you can open Active Directory Users and Computers, go to Domain Controllers OU and you will see the server as shown above.

You can also open PowerShell and run Get-ADDomainController to see more detail of this Domain Controller as shown above.

The following two tabs change content below.
Bipin is a freelance Network and System Engineer with expertise on Cisco, Juniper, Microsoft, VMware, and other technologies. You can hire him on UpWork. Bipin enjoys writing articles and tutorials related to Network technologies. Some of his certifications are, MCSE:Messaging, JNCIP-SEC, JNCIS-ENT, and others.

Latest posts by Bipin (see all)

scroll to top

The Backup Bible