How to set up domain controller with Windows Server 2008

Posted byAryan NavaPosted inUncategorizedTags:

How to install Active Directory in Windows Server 2008 and make it as domain controller?  In this blog, you can see step by step instruction about how you can
Install and configure active directory and make your Windows 2008 server as domain controller.

My Privious Blog

1. How to create Windows 2008 Virtual Machine?
2. How to build Windows Server 2008 R2 Domain Controller – Part 1
3. How to build Windows Server 2008 R2 Domain Controller – Part 2 (Current Post)

1. To install Active Directory in Windows 2008 server, open run and type in dcpromo and click OK

setting_up_domain_controller_with_windows_2008_server_step_1

 

2. Running dcpromo will start installing Active Directory Domain Services binaries. Please wait and active directory domain services installation wizard will open automatically once the binaries have been installed.

active_directory_domain_services_binaries_installed_step2

 

3.  Welcome to the active directory domain services installation wizard.  This wizard helps you install active directory domain services (AD DS) on this server, making the server an Active Directory domain controller.
To continue, click next.

active_directory_domain_services_installation_wizard_step3

 

Some wizard pages in the Active Directory Domain Services Installation Wizard appear only if you select the Use advanced mode installation check box on the Welcome to the Active Directory Domain Services Installation Wizard page of the wizard.

Advanced mode installation provides experienced users with more control over the installation process, without confusing newer users with configuration options that may not be familiar. For users who do not select the Use advanced mode installation check box, the wizard uses default options that apply to most configurations.

The Use advanced mode installation option on the Welcome page of the wizard is an alternative to running dcpromo at a command prompt with the /adv switch (dcpromo /adv).

The following table lists the additional wizard pages that appear for each deployment configuration when you select the Use advanced mode installation check box.

 

4. Operating System Compatibility: Improved security settings in Windows Server 2008 and Windows Server 2008 R2 affect older version of Windows

active_directory_domain_services_installation_wizard_step4

Windows Server 2008 and "Windows Server 2008 R2" domain controllers have a new more secure default for the security setting named "Allow cryptography algorithms compatible with Windows NT 4.0." This setting prevents Microsoft Windows and non-Microsoft SMB "clients" from using weaker NT 4.0 style cryptography algorithms when establishing security channel sessions against Windows Server 2008 or "Windows Server 2008 R2" domain controllers. As a result of this new default, operations or applications that require a security channel serviced by Windows Server 2008 or "Windows Server 2008 R2" domain controllers might fail.

Platforms impacted by this change include Windows NT 4.0, as well as non-Microsoft SMB "clients" and network-attached storage (NAS) devices that do not support stronger cryptography algorithms. Some operations on clients running versions of Windows earlier than Windows Vista with Service Pack 1 are also impacted, including domain join operations performed by the Active Directory Migration Tool or Windows Deployment Services.

For more information about this setting, see Knowledge Base article 942564 (http://go.microsoft.com/fwlink/?LinkId=104751).

5. Creating a new forest in Windows 2008 Server

create_a_new_domain_in_a_new_forest_step5

To create a new forest, you must be a member of the local Administrators group on the server where you are installing AD DS.

DNS and NetBIOS names

Before you create a new forest, be sure that you have completely planned your DNS infrastructure. To create a new forest, you must know the full DNS name for it. You can install the DNS Server service before you install AD DS or, preferably, you can choose to have the Active Directory Domain Services Installation Wizard install the DNS Server service for you.

If you have the wizard install the DNS Server service, the wizard uses the DNS name that you provide to automatically generate a NetBIOS name for the first domain in the forest. The wizard verifies that the DNS name and the NetBIOS name are unique on the network before it continues.

You must select the Use advanced mode installation check box on the Welcome to the Active Directory Domain Services Installation Wizard page to specify a different NetBIOS name than the name that is generated automatically by the wizard.

 

 

6. Name the forest Root Domain: The first domain in the forest is the forest root domain. It’s name is also the name of the forest.

active_directory_domain_services_installation_wizard_step7 

 

7. Set Forest Function Level: Select the forest functional level.

setting_up_domain_controller_with_windows_2008_server_step_8

The Windows Server 2003 forest functional level provides all features that are available in Windows 2000 forest functional level, and the following additional features:
    -    Linked-value replication, which improves the replication to changes to group memberships.
    -    More efficient generation of complex replication topologies by the KCC.
    -    Forest trust, which allows organizations to easily share internal resources across multiple forests.

Any new domains that are created in this forest will automatically operate at the Windows Server 2003 domain functional level.

 

8. The next windows will be set Domain Functional Level. Select it and then click on Next

9. Additional Domain Controller Options

setting_up_domain_controller_with_windows_2008_server_step_9

The first domain controller in a forest must be a global catalog server and cannot be an RODC. We recommend that you install the DNS Server service on the first domain controller.

 

10. If the wizard not able to create delegation, just click yes to continue…

setting_up_domain_controller_with_windows_2008_server_step_10 

 

11. Location for Database, Log Files and SYSVOL
Specify the folders that will contain the active directory domain controller database, log files and SYSVOL

setting_up_domain_controller_with_windows_2008_server_step_11

12. Directory Services Restore Mode Administrator Password.
The directory services restore mode administrator account is different from the domain administrator account. 

Assign a password for the administrator account that will be used when this domain controller is started in directory services restore mode.

setting_up_domain_controller_with_windows_2008_server_step_12

 

13.  Summary of your Active Directory configuration for setting up domain controller in Windows 2008 server. Click next to install Active Directory in Windows 2008 Server

setting_up_domain_controller_with_windows_2008_server_step_13

 

14. This wizard is configuring active directory domain services in Windows 2008 server. This process can take from a few minutes to server hours, depending on your environment and the options that you selected

setting_up_domain_controller_with_windows_2008_server_step_14

 

15. Completing the active directory domain service installation wizard. Active Directory Domain Service is now installed on this computer as domain controller.

setting_up_domain_controller_with_windows_2008_server_step_15

Click Finish to Restart the computer and once your server is booted login to the server. You can see the following.

  • Active Directory Administrative center
    Active Directory Domain and Trusts
    Active Directory Module for WIndows
    Active Directory Sites and Servies
    Active Directory Users and Computers
    ADSI Edit

    image

Installing Active Directory in Windows 2008 Server and making the server as Domain Controller is not that difficult if you follow all the above steps. 

Published by Aryan Nava

Founder of "BlockchainMind", CTO for two Blockchain startup during 2018, Cloud/DevOps Consultant and Blockchain Trainer

One thought on “How to set up domain controller with Windows Server 2008

Leave a Reply

Please log in using one of these methods to post your comment:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: