Monday, March 14, 2011

Step-by-Step Setup of an Active Directory Domain using Windows Server 2008 R2

Introduction

This article walks you through step-by-step building of an active directory domain using (64-bit) Windows Server 2008 R2 Enterprise SP1.  It assumes the existence of a network gateway.  You can perform this exercise remotely, which was the approach taken in this procedure.  Total time for completion of this task is about one hour.  This current walkthrough includes a few steps missed in the similar and excellent walkthrough provided by Read The Effin Blog! (link provided below).  Good Luck!

Procedure

Log onto your target server with an account having administrator privileges.  Then launch Server Manager.  Scroll down until you see the Roles Summary section.


Click Add Roles.  This launches the Add Roles Wizard, the first page of which appears.


Click Next.  This takes you to the Select Server Roles page.  Enter a check into the Active Directory Domain Services role.


Click Next.  If this is the first time you have configured Active Directory Domain Services on this machine, you will likely be prompted to install the .NET Framework 3.5.1.  You can't install this independently.  It has to be installed as a requirement of a server role.


Click Add Required Features.  The prompt goes away, and you are returned to the Add Server Roles page.


Click Next.  The Active Directory Domain Services page appears.  This is purely an informational page.  Click on any of the displayed links in order to read up on Active Directory topics.


Click Next.  The Confirm Installation Selections page appears.  Again another informational page.


Click Install.  The installation begins, and you'll see a progress meter displayed.  This will take about 5-10 minutes.


On successful installation, you'll see the Installation Results page.


Click Close: A Group Policy Management prompt appears.


Click OK.  The prompt closes, and you are returned to the Server Manager.  This completes the setup of your server as an Active Directory Domain server. Note that now a new item appears in the Roles Summary section: Active Directory Domain Services.  It has an X next to it because you still need to configure Domain Name Services.  That's what you'll do next.

Domain Name Services is not a role that you can add using the Add Roles Wizard. If you run it again, this time selecting the DNS Server option, you'll get a message stating something to this affect:


Instead, go back to Server Manager, scroll down to the Roles Summary section, and then click on the Active Directory Domain Services link.  This takes you to the Active Directory Domain Services section of Server Manager.


Scroll down about half way until you see the Dcpromo.exe link.


Click on this link.  A number of different configuration tasks will start appearing in their own progress meters.  This process will take several minutes.


Once these configuration tasks are completed, the Active Directory Domain Services Installation Wizard appears.


Leave the Use advanced mode installation option unchecked, and then click Next.  The Operating System Compatability page appears.  This page is purely informational.


Read through it, considering and noting your own network architectural needs, and then click Next.  The Choose a Deployment Configuration page appears.


In this step-by-step walkthrough, this is the first domain controller that is being configured.  Thus, the correct option to select is Create a new domain in a new forest.  Click Next.  The Name the Forest Root Domain page appears.  Hang in there, you're almost done.


Guidance on DNS naming conventions are provided in the References section, below.  For this walkthrough, a small private domain is being created that will not be routed; and to ensure that it won't be routed, the first-level domain of local is used, which is not currently registered on the Internet.  Enter any desired namespace for your local domain, and then click Next.  The Set Forest Functional Level page appears.


For this step-by-step walkthrough, the this domain controller will be the only one on the network, and no other domain controllers will be setup.  Thus, the Windows Server 2008 R2 option is chosen.  Select what option meets your needs, and then click Next.  The Additional Domain Controller Options page appears.


The DNS server option is selected by default, and this is what is currently being configured.  Therefore, leave the default option selected, and then click Next. If this is the only domain controller on your network, a warning prompt will appear.


For the purposes of this step-by-step walkthrough, we are currently configuring the only domain controller on this network, and thus the correct choice is Yes.  Click Next.  The Location for Database, Log Files, and SYSVOL page appears.


For the purposes of this step-by-step walkthrough, the default directorys shown work just fine, but revise as desired, and then click Next.  The Directory Services Restore Mode Administrator Password page appears.  Just a few more steps, and you've finished.


 Enter a restore password, and then click Next.  The Summary page appears.


This is the last and final step.  Once you click Next, the installation proceeds, taking a few minutes; and then once it completes, there are no more steps to perform - at least as far as setup goes.  Click Next.  An informational prompt will appear over the Summary page.


Final installation takes a few minutes.  Go ahead and check the Reboot on completion option, while you're waiting.  You'll need to reboot anyway in order to complete the installation.  Might as well as do it now.  Once it has completed, and you checked the Reboot option, your machine will reboot, and then, on coming back online, you will now have a functioning Microsoft Windows Server 2008 R2 domain controller on your network.  Congratulations!  ('Bet you thought you could never do it).

References
Notes
  • This step-by-step walkthrough was performed on a Dell Precision 380, P4, 180GB disk, 2GB RAM.  It's a dinosaur, but its available and has more than enough resources to perform domain controller functions on a small network.

No comments: