What is Active Directory?
Active Directory (AD) is a directory service that Microsoft developed for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services. Initially, Active Directory was only in charge of centralized domain management.A server running Active Directory Domain Services (AD DS) is called a domain controller. It authenticates and authorizes all users and computers in a Windows domain type network—assigning and enforcing security policies for all computers and installing or updating software. For example, when a user logs into a computer that is part of a Windows domain, Active Directory checks the submitted password and determines whether the user is a system administrator or normal user.Active Directory uses Lightweight Directory Access Protocol (LDAP) versions 2 and 3, Microsoft’s version of Kerberos, and DNS.
- The first step is to assign a static IP to the server that you going to deploy the AD. It’s necessary to install it as DNS server too.
- To assign IP on server Press Win+R to open run and type ncpa.cpl and Press enter > Right click on Lan adapter and click Property > Select Internet Protocol Version 4 (TCP/IPv4) then click property. Specify Preferred DNS Server 127.0.0.1 or Your Local IP address.
Next step is to install the Active directory roles.
Click on start menu and select the Server Manager.
Click on Add roles and feature.
Click Next 3 times.
From the roles list select the “Active Directory Domain Services” role and Click “Next”
This Window will popup click on Add features.
In this feature section leave as default and click “Next” > “Next”.
Click on Install.
Wait for complete installation after the succeeded installation then click “Close”.
After the complete installation of Add role and features open Server Manager click on “Notification area” with flag icon then click on “Promote this serve to domain controller”.
We going to install New domain Controller in new forest please select the option “Add a new forest” option and provide the name for our domain controller. It must be FQDN. In our case I used “technicalsuresh.com” as the domain. click on “Next”.
In this window it will ask to select forest function level. If you going to add server 20012 domain controller to your forest later don’t select the function level as server 2016. If you going to use full features of 2016 Ad you must select forest function level as server 2016. In my case I used server 2016.
In this window since it’s the first DC we should make it as DNS server too. Leave the default selection.
In next window its asking to define a restore mode password. Its more important if you had to do a restore from backup in a server crash. Leave other thing as default Click on “Next” after filling it.
Leave unselected to create DNS delegation and Click on “Next”
In next window it will generate NetBIOS name automatically Click on “Next”
In next window it will show up the database location. It its going to be bigger AD its good if you can keep NTDS database in different partition. Click on “Next” after changes.
In next window review your selections.
In the next window wait for Prerequisite Check. After the prerequisite check passed successfully click on “Install”
And wait for installation complete. After the complete installation Server will restart automatically.
To open Active Directory Users and computers open “Server Manager” > click on Tools > then click “Active Directory Users and computers”.
“Active Directory Users and computers” interface will open.
In the Next article we will discuss how to create User, Groups and OU (Organizational Unit).