A domain controller is a central repository for identity management. An Active Directory domain controller lets you create user accounts and manage them centrally using tools like Active Directory Users and Computers. It is very easy to install a domain controller in Windows Server 2012, but before you install Active Directory it is important to understand the pieces and concepts involved. Some important domain controller terms are:
- Active Directory Domain: A domain is a boundary within which administration is scoped. One or more domain controllers are required to create an Active Directory domain. An Active Directory domain is a logical grouping of client computers, users, and other objects that share a common administration. Policies such as account lockout policies are scoped per domain. Active Directory domains are identified by names such as mustbegeek.com, contoso.local, and so on.
- Active Directory Forest: An AD forest is a collection of one or more Active Directory domains. The very first DC in a forest is called the forest root domain. Schema master and domain naming master are two special roles contained in the forest root domain.
- Domain Controller: A domain controller is a server that runs the AD DS server role. The domain controller stores the Active Directory database (NTDS.DIT) and the SYSVOL (System Volume) folder. NTDS.DIT is a single database file that stores identities and other information. SYSVOL contains all the template settings for GPOs. Active Directory is a central database that stores user accounts, computer accounts, organizational units, Active Directory domains and forests, and so on. Managing users and computers, applying policies, and many other important tasks are done centrally from the Active Directory domain controller.
You can install a domain controller in Windows Server 2012 using two methods: Server Manager or Windows PowerShell cmdlets. Here, Server Manager will be used.
Install Active Directory in Windows Server 2012
We have a scenario. A start-up company called MustBeGeek is setting up its new office. There are 10 employees who need access to shared files, printers and other resources in the office. So there are 10 desktop computers and one physical server with Server 2012. Our goal is to manage these desktop computers and user accounts centrally using Server 2012. To achieve this, we need to install an Active Directory domain controller on the server.
Before installing the domain controller, you have to install Windows Server 2012 and configure some basic settings. Typically you would:
- Change the computer name. Here, I’ve already changed it to MBG-DC1.
- Configure a static IP address. Here, I’ve given the IP address as 192.168.80.1.
- Plan the domain name to be used. I will use mustbegeek.com.
There are two ways to install a domain controller in Server 2012. You can use Server Manager or PowerShell to install the AD DC role. Here I will install AD DC using Server Manager.
Installing Domain Controller using Server Manager
Open Server Manager. In Server Manager, click the Add roles and features option.
Click Next on the Before you begin window. Choose Role-based or feature-based installation and click Next. Select the server on the server selection window and click Next.
Select the Active Directory Domain Services role and click Add Features to install the additional required features. Then click Next.
Leave the default features. If you want any additional features installed, you can select them here. Then click Next.
Read about AD DS and click Next.
On the confirmation page, review the roles and features to be installed. Check Restart the destination server automatically if required. Now click Install.
Finish the installation.
After finishing the installation, click the notification icon and click Promote this server to a domain controller.
Now select Add a new forest, since this server is the first domain controller in our network. Give the root domain name as mustbegeek.com. Then click Next.
Now choose the forest and domain functional level. I will leave the default, Server 2012, because I won’t have older versions of Windows Server as additional domain controllers in the future. Since this is a new DC in the forest, it will be a DNS and GC server as well. Enter the DSRM password and click Next.
Click Next after seeing the DNS delegation error. This error is normal because we don’t have any DNS server yet.
Leave the default for the NetBIOS name and click Next.
I will leave the defaults for the paths. But it is important to choose a location other than the C drive to store the database, log files and SYSVOL.
Review the installation options and click Next. You can view the script and save it, or use this script to install AD DS. You can also modify the script to install AD DS on other servers, which will save you time.
The installer now runs a prerequisites check. If there is any error, information about it is shown. Now click Install to finish the installation.
After the installation finishes, the server will reboot automatically.
You can now create users and computers from the AD Users and Computers snap-in.
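The same installation can be done with the PowerShell cmdlets mentioned earlier. The script below is an added example, not part of the original walkthrough and not the script the wizard generates; it assumes an elevated PowerShell session on MBG-DC1 and reuses the choices made above, including the default paths.

```powershell
# Added example: PowerShell equivalent of the Server Manager steps above.
# Assumes an elevated session on the server that will become the first DC.

# Install the AD DS role together with its management tools.
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

Import-Module ADDSDeployment

# Prompt for the DSRM password so it is never stored in the script
# or in command history.
$dsrm = Read-Host -AsSecureString -Prompt 'DSRM password'

# Same answers as given in the wizard. The paths are the defaults used
# in the walkthrough; point them at another volume to keep the database,
# logs and SYSVOL off the C drive, as recommended above.
$forest = @{
    DomainName                    = 'mustbegeek.com'
    ForestMode                    = 'Win2012'
    DomainMode                    = 'Win2012'
    InstallDns                    = $true
    CreateDnsDelegation           = $false
    DatabasePath                  = 'C:\Windows\NTDS'
    LogPath                       = 'C:\Windows\NTDS'
    SysvolPath                    = 'C:\Windows\SYSVOL'
    SafeModeAdministratorPassword = $dsrm
}

# Run the prerequisites check first and stop before changing anything
# if a test reports an error.
$failed = Test-ADDSForestInstallation @forest |
    Where-Object { $_.Status -eq 'Error' }
if ($failed) {
    $failed | Format-List Context, Message
    throw 'Prerequisite check failed; the server was not promoted.'
}

# Promote the server. It asks for confirmation and reboots when done.
Install-ADDSForest @forest
```

If you save a copy of this script for reuse on other servers, keep the DSRM password prompt rather than writing the password into the file.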