Promoting a Windows Server 2008 R2 Server to a Domain Controller
As previously stated, in this example we are creating a new Active Directory environment, creating a new forest and domain, and installing a new domain controller in that domain. This is accomplished by using the Active Directory Domain Services Installation Wizard.
To set up the domain controller, follow these steps:
1. The Installation wizard can be started from the Add Roles option on the Initial Configuration Tasks screen, but the easiest way is simply to kick off the wizard from a command prompt. To do so, from the Start menu, select Run, type DCPROMO in the text box, and then click OK. This installs the Active Directory Domain Services binaries and starts the Installation Wizard.
2. When the wizard starts, select Use Advanced Mode Installation and click Next.
Note
There were many improvements in the Active
Directory Domain Services Installation Wizard in Windows Server 2008.
Although all of these improvements are available by default, some of
the wizard pages will appear only if the administrator selects Use
Advanced Mode Installation.
Advanced mode installation can also be selected by running the DCPROMO command with the /ADV switch (dcpromo /adv).
3. On the Operating System Compatibility screen, read the information and then click Next.
4. At the Choose a Deployment Configuration screen, for our purposes, we select Create a New Domain in a New Forest and click Next. Other available options enable you to modify an existing forest by adding a new domain controller in a new or existing domain.
5. Enter the fully qualified domain name (FQDN) of the Forest Root Domain and click Next. For our example, we use companyabc.lab.
6. Enter the Domain NetBIOS name. A default name is suggested for you, derived from the Forest Root Domain name in the previous step. In our example, the suggested domain name is COMPANYABC. When you have the domain name entered, click Next.
7. Set the Forest Functional Level. For our purposes, set the level to Windows Server 2003, as Exchange Server 2013 requires Windows Server 2003 or higher. If you are certain your environment will not contain any Windows Server 2003 domain controllers in the future, you can set it to Windows Server 2008. For our test installation, we select Windows Server 2003 and click Next to continue.
8. Set the Domain Functional Level. As above, we will select Windows Server 2003 and click Next.
9. Microsoft recommends that you install DNS server on the first domain controller, and requires that this server be a global catalog. Leave the default settings and click Next to continue. Electing to install Microsoft DNS on the new domain controller will also modify the server’s TCP/IP properties to use the new DNS installation for name resolution.
10. If your computer has any IP addresses (either IPv4 or IPv6) that are assigned by a DHCP server, you will receive a notice that static IP addresses should be assigned to all network adapters. Check your IP settings and continue when ready.
11. If no authoritative parent DNS zone exists, you will receive the warning shown in Figure 5.
Figure 5. DNS installation error message.
In our example, we are not integrating with an existing DNS infrastructure, so we will simply click Yes to continue.
12. Depending on your server configuration design, select the location where the AD databases will be located. Using the Browse buttons, select the locations for your Database, Log Files, and SYSVOL folders. When ready, click Next.
Note
When configuring AD database locations, make sure that your server hardware configuration plan takes recoverability and performance into account.
For best performance, install the AD databases on a different hard disk from the server operating system and server page file.
For best recoverability, use disk fault tolerance such as RAID or disk mirroring for the AD databases.
13. Assign a password to the Directory Services Restore Mode Administrator account. This account is used in the event that you have to start the domain controller in Directory Services Restore Mode. This password should be a strong password, containing a combination of uppercase and lowercase letters, numbers, and special characters. The password should be documented and stored in a secure location. Enter the Directory Services Restore Mode Administrator password and click Next.
14. Review the selections you have made. In the future, when creating additional domain controllers that will be similar to one another, you can export the settings to an “answer file” that you can use for future unattended installations. If you need to make any changes, use the Back button to go to the section you want to change, and then use the Next button to return you to the review screen. When ready, click Next to continue.
15. The Installation Wizard now installs DNS and the Active Directory Domain Services. When the installation has completed, click Finish to close the wizard, and then click Restart Now to restart the server.
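The answer file mentioned in step 14, written out for the choices made in this walkthrough. This is an added example, not a file taken from the original text; the D:\ folder paths, the file name in the usage comment, and the password placeholder are assumptions, while the domain names and functional levels are the ones selected in steps 4 through 11.

```ini
; Answer file for dcpromo, mirroring the wizard selections above.
; Usage (file name and location are assumptions):
;   dcpromo.exe /unattend:C:\dcpromo-answer.txt
[DCInstall]
; Step 4: Create a New Domain in a New Forest
ReplicaOrNewDomain=Domain
NewDomain=Forest
; Step 5: FQDN of the Forest Root Domain
NewDomainDNSName=companyabc.lab
; Step 6: Domain NetBIOS name
DomainNetbiosName=COMPANYABC
; Steps 7 and 8: functional levels (2 = Windows Server 2003,
; 3 = Windows Server 2008)
ForestLevel=2
DomainLevel=2
; Step 9: install DNS and make this server a global catalog
InstallDNS=Yes
ConfirmGc=Yes
; Step 11: no authoritative parent zone, so no delegation is created
CreateDNSDelegation=No
; Step 12: database, log, and SYSVOL folders on a disk other than the
; operating system disk (paths are assumptions)
DatabasePath="D:\NTDS"
LogPath="D:\NTDS"
SYSVOLPath="D:\SYSVOL"
; Step 13: Directory Services Restore Mode password. The value sits in
; this file in clear text: fill it in only immediately before the run,
; keep the file readable by administrators only, and delete the file
; once the promotion has finished.
SafeModeAdminPassword=<DSRM-PASSWORD-PLACEHOLDER>
; Step 15: restart automatically when the installation completes
RebootOnCompletion=Yes
```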
When the server has rebooted, log on to the new domain. Your default administrator account will now be a domain administrator, and the password is the same. Take the time to review the server’s Event Viewer application and system logs to identify any errors or potential problems with your installation before continuing.