Category Archives: windows server

Setting Up Windows Active Directory

software

The first step to setting up Active Directory is to figure out if you new AD is going to join an existing “forest” or create your own “forest”. Windows AD is a very versatile and scale-able service. Windows server makes it very easy to have fail over or load balancing directory to augment another active directory. I’ll go more into that later, but for now lets set our new active directory as its own.

The first step it to name your new domain. There are best practices to naming domains. Such as not using a public domain as an internal one for example it wouldn’t be advisable to name my domain copperraparts.com, and you can use the “.” to help organize the structure of assets in your company. Many larger entities would likely place the location, office and other important information in the Domain (eg. dallas.mainstreet.3floor.server). Here i’ve added mine to my new forest of copper.test.

Adding to new forest

Next you would set the functional level of the domain i went with the most up to date for me which is windows 2016. Then depending if you joining a new forest you can choose options like read only mode. then you have to set-up a Directory Services Restore Mode pass word. then just click next.

Domain controller options

Next you can delegate DNS, for example if you had a 1.copper.test you can help point this domain to it if you needed, but for demonstration purposes i’ll keep it simple and copper.test will exist on it on so just click next.

DNS Delegation

Next setting up a NetBIOS name or not. NetBIOs is an older technology it can help locate resources in a network. But it is not used widely nowadays. so i’m going to leave mine blank and click next.

NetBIOS name

Next the AD want you to specify paths for your AD database, log files, and system volume. These are important directory needed to run AD. I’ll just leave them to the default and click next.

AD Paths

The next thing AD wants you to do is review all the options you chosen and click next.

Review Options

Lastly the installer needs to check for any issues in the install. This test domain is throwing up the caution about cyrpto algorithms setting and no static IP. This is a test installation running on virtual machine so i’m not really worried about the passwords. Also as a test server i’m not going to have any user so i haven’t configured a static IP but you can learn to do so here. Just click next to finish windows server is going to need to reboot after this so follow your protocols if you need too.

Prereq Check
Windows needs to restart

So that is the basics of setting-up your new windows active directory domain services. After you set it up you can add new users, edit group policies, and new hardware to your network. i’ll try to write more articles so please check back. and if you have any questions feel free to contact me here.

Installing Active Directory on a Fresh Windows Server

Command Line

In this article i’ll be walking you through installing a new Active Directory Domain Services feature on a fresh copy of Windows Server 2016. If you’re not familiar with Windows AD DS. To put it simply it is a set of programs run on a server that handles security and access for users on a network of machines. A lot of companies are moving into Azure AD DS which is Microsoft’s cloud based solution. Setting one of those up is very similar i’ll cover that in a future article.

Assuming you’ve met the minimum hardware requirements you can find more about that on Microsoft’s website here. Honestly hardware that you will need will vary largely depending on your production needs in field. The next step will be to give the server a static IP and configure it as the DNS for the network it will be the directory for you can read more about that here. Next you’ll want to have a copy of Windows Server installed.

The first step is to install AD DS onto a windows server instance.
Server Manager will normally run automatically when you log in an admin. The powershell command for running server manager is “servermanager.exe”.

Powershell servermanager.exe

Alternatively you can just use the start menu:

Start>Server Manager

Next you’ll want to add the AD DS feature into the server you can do that from the manage menu in the upper left hand corner or the setup list:

Manage >Add Roles and Features

Next a dialogue will remind you to setup a strong password, static IP, and installed updates. Please due so it is always important to patch systems, but do so only according to your organizations protocols you don’t want to kick a bunch of users off while they are working. You’ll probably get a bunch of service tickets. when you are ready just hit next.

Verify strong password, static IP, and updated windows.

Next the setup wizard will ask if you’d like to role-based installation or remote desktop service installation. For the purposes of this article i’ll just do a locally. I’ll cover remote installation in a future article. So select role based and click next.

Role Based

Next it will ask you to select where the AD DS will reside for now i’ll put it on the same server and click next.

Select Destination Server

Next it will ask you to install role just select Active Directory Domain Services, and click add roles to confirm the different features need for active directory.

Select Active Directory Domain Services
Add feature required for AD DS

Next it will ask you if you’d like to add extra features these are worth reading into later but for now just click next.

Adding more features

Next it will remind you to add fail overs or redundant servers and to add a DNS server if you haven’t and it will advertise Azure and office 360 integration into you installation. Click next when you are ready.

AD DS learn more of just click next

Next is just a confirmation of all the stuff you want added if you ready just click install. When it is done just click the close button

install confirmation window

Next i recommend an restart. If you’re in a production environment remember to follow protocols.

In the next article i’ll cover basic set-up of you AD DS. Thanks for reading.

Windows Active Directory Domain Services Common Tasks

software

Windows AD DS (Active Directory Domain Services) is a central feature of windows server. if you are going to work in any enterprise space you should have a firm knowledge of it. There are Linux based Directory services I’ll cover them later. One of the most important features is GUI administrative center. It can help those not familiar with powershell quickly and easily complete tasks in the directory. in this blog post i’ll run through how to complete the moist common tasks in Windows AD DS.

First go into you Administrative tools and click on “Active Directory Users and Computers”:

When you are in Active Directory Users and Computers Window click on the “Create new user in the current container” Icon:

Fill in the name information and input a username based on your organizations user name schema. For my schema i’ll simply use first initial and last name.

When you’ve filled in all the relevant fields click next and it will bring up the password dialogue. Input a password based on you companies policies, and then input it again to confirm. There are also several password options below the input fields you should consult your companies policies before you select any of these.


After your are done confirm the details in the next window and hit finish:

Once you’ve added the user you should place him into a group according to you companies policy. Just right click on the new user > add to a group:

Then you wan to type the name of the group that matches the new users role in the organization. Then I’d recommend hitting the check names button to make sure the group name is input properly. The just hit ok.

Select Group Window

That is the basic of adding a new user with windows server GUI admin tools. I’ll go over the power shell command line in another blog post soon.

Windows Server Overview

OS

Windows server is a version of windows that is design to work on a network to process data from multiple sources and multiple users. It is mostly a GUI based OS but admins can use powershell to work with it in command line. It includes some exclusive features that make it able to act as a backbone to huge enterprise networks.

One of those is its Active Directory set of programs and protocols. Active Directory Domain Services helps networks authorize and authenticate users. It also limits those users to access command and features that they’re are approved for. Basically if your logging into a large institutions network chances are you interacting with a Windows Server AD DS service.

Another very important feature of Windows servers is it’s DNS services or Domain Name Server. This logs and coordinates the networks resources including other computer, servers, access points, printers, POS systems. The DNS server in Windows Server helps device on the network find each other.

Also Windows Server handles SQL databases. You can have a separate Database server if you’d like but Windows Server can handle it on the same instance and includes all of the redundancy features that you might need to keep you data safe.

Group Policy Servers allow you to set those rules that limit users ability to access resources on the network, like printers or features on local machines.