Active Directory,  Windows Server

Setting Up Active Directory In Windows Server 2012

Installing Active Directory services is arguably one of the first things done on many a Windows Server. And for well over a decade you could unbox, update, run dcpromo and be done with much of that. While the wizards are still there, in the case of Windows Server 2012, the process has changed ever-so-slightly. To install a domain controller in Windows Server 2012, start with Server Manager. This new tool is the place where you start many a process in a Windows Server now, and Active Directory is no different.

To get started, first open Server Manager.

Screen Shot 2013-08-08 at 3.54.57 PM

From Server Manager, click on the Manage menu and select Add Roles and Features. At the Before you begin screen in the Add Roles and Features Wizard, click on Next.

Screen Shot 2013-08-08 at 3.55.00 PM

At the Installation Type screen, choose Role-based or feature-based installation and click Next.

Screen Shot 2013-08-08 at 3.55.02 PM

At the Server Selection screen, choose the server you’d like to install the Active Directory role on and then click Next. If you only have one server then you should only have one listing here.

Screen Shot 2013-08-08 at 3.55.06 PM

There are a number of Roles a domain controller can have. For many environments, a simple Domain Services role will be sufficient, especially on the first 2012 server in the environment. To select this, at the Server Roles screen, choose Active Directory Domain Services and then click on Next.

Screen Shot 2013-08-08 at 3.55.14 PM

A sanity check will run to verify all the required Features and other Roles are installed. If not, you’ll be presented with a list of items that will be installed in support of the Role being deployed. Click Add Features for most environments, unless you have the tools to manage the Role installed elsewhere.

Screen Shot 2013-08-08 at 3.55.17 PM

Back at the Server Roles screen, click Next, unless you’d like to install other Roles as well.

Screen Shot 2013-08-08 at 3.55.21 PM

At the Features screen, click Next, unless you’d like to install other features as well.

Screen Shot 2013-08-08 at 3.55.32 PM

At the AD DS screen, click Next.

Screen Shot 2013-08-08 at 3.55.57 PM

At the Confirmation screen, click Install. You can also tell the server to restart automatically here, so do that as well.

Screen Shot 2013-08-08 at 3.56.02 PM

Once the installation is complete, you’ll see a yellow icon indicating that something needs to happen with the server. The menu that appears contains a link to promote the server to a domain controller. Click the link to bring up the Deployment Configuration wizard.

Screen Shot 2013-08-08 at 4.30.05 PM

At the Deployment Configuration screen of the wizard you can choose whether to add the domain controller to an existing domain or create a new forest. In this case, we’ll select the “Add a new forest” option. When highlighted, you will be able to provide a name for the domain. here we use krypted.com. Once the name is provided, click Next.

Screen Shot 2013-08-08 at 4.30.42 PM

At the Domain Controller Options screen, choose whether the server will be an AD Integrated DNS Server, a Global Catalog server, possibly a Read only domain controller and provide a Directory Services Restore Mode (DSRM) password used to restore the environment in case it fails. Also, choose the functional level of both the domain and forest. Because this is a new environment with no 2003 to 2008 servers we will leave the levels set to Windows Server 2012. Click Next when you’re satisfied with your entries.

Screen Shot 2013-08-08 at 4.33.14 PM

If you decided to enable DNS, you will have the option to also install DNS delegation which you should do if possible, in most environments. Click Next.

Screen Shot 2013-08-08 at 4.33.48 PM

At the Additional Options screen, provide a NetBIOS name. This is usually a 8 character or less rendition of the same domain name, often used in legacy tools or prepended to usernames and passwords when namespace collisions occur with account names. When you’ve provided the name, click Next.

Screen Shot 2013-08-08 at 4.34.09 PM

At the Paths screen, indicate where you want the directories that contain the Active Directory files stored. Most environments can leave these to the default settings and click Next.

Screen Shot 2013-08-08 at 4.34.26 PM

At the Review Options screen, click Next provided that all of the options match the information you provided/desire.

Screen Shot 2013-08-08 at 4.34.29 PM

At the Installation screen, click Install and watch the Progress (takes a minute or three usually to complete).

Screen Shot 2013-08-08 at 4.42.53 PM

Once completed, open the Tools menu in Server Manager to see the tools formerly available in the Administrative Tools section of the Start menu, including Active Directory Domains and Trusts, Active Directory Power Shell, Active Directory Sites and Services and Active Directory Users and Computers, which mostly look like they’ve looked for a long time (but with a pretty blue frame around the screen).

Screen Shot 2013-08-09 at 9.14.19 AM

Additionally, there’s an Active Directory Administrative Center, which provides quick and easy access to a number of features from other tools and allows you to change domain controllers, raise the domain/forest functional levels (useful when upgrading from previous incantations of Active Directory), etc.

Screen Shot 2013-08-10 at 3.31.59 PM