Published on

Setting Up Windows Active Directory


The first step to setting up Active Directory is to figure out if you new AD is going to join an existing "forest" or create your own "forest". Windows AD is a very versatile and scale-able service. Windows server makes it very easy to have fail over or load balancing directory to augment another active directory. I'll go more into that later, but for now lets set our new active directory as its own.

The first step it to name your new domain. There are best practices to naming domains. Such as not using a public domain as an internal one for example it wouldn't be advisable to name my domain copperraparts.com, and you can use the "." to help organize the structure of assets in your company. Many larger entities would likely place the location, office and other important information in the Domain (eg. dallas.mainstreet.3floor.server). Here i've added mine to my new forest of copper.test.

Adding to new forest

Next you would set the functional level of the domain i went with the most up to date for me which is windows 2016. Then depending if you joining a new forest you can choose options like read only mode. then you have to set-up a Directory Services Restore Mode pass word. then just click next.

Domain controller options

Next you can delegate DNS, for example if you had a 1.copper.test you can help point this domain to it if you needed, but for demonstration purposes i'll keep it simple and copper.test will exist on it on so just click next.

DNS Delegation

Next setting up a NetBIOS name or not. NetBIOs is an older technology it can help locate resources in a network. But it is not used widely nowadays. so i'm going to leave mine blank and click next.

NetBIOS name

Next the AD want you to specify paths for your AD database, log files, and system volume. These are important directory needed to run AD. I'll just leave them to the default and click next.

AD Paths

The next thing AD wants you to do is review all the options you chosen and click next.

Review Options

Lastly the installer needs to check for any issues in the install. This test domain is throwing up the caution about cyrpto algorithms setting and no static IP. This is a test installation running on virtual machine so i'm not really worried about the passwords. Also as a test server i'm not going to have any user so i haven't configured a static IP but you can learn to do so here. Just click next to finish windows server is going to need to reboot after this so follow your protocols if you need too.

Prereq Check

Windows needs to restart

So that is the basics of setting-up your new windows active directory domain services. After you set it up you can add new users, edit group policies, and new hardware to your network. i'll try to write more articles so please check back. and if you have any questions feel free to contact me here.