Install Domain Controller on Windows Server 2012 R2

This post provides an overview of installing a new domain controller on Windows Server 2012 R2. Please complete the pre-steps before beginning.

Pre-Steps:

  • Administrator account should have a strong password.
  • Windows has been fully patched with software updates.
  • Rename your server to a permanent name. When you install Windows Server, a random name is assigned.
  • Assign a static IP to your server. More specifically, assign a static IP, subnet mask, and default gateway.

Part 1 – Installing Active Directory Domain Services

Launch the Server Manager dashboard from the task bar. Click the “Add roles and features” link.

Click “Next” on the initial wizard screen.

For installation type, select “Role-based or feature-based installation” and click “Next”.

Choose “Select a server from the server pool” and click “Next”.

For Server Roles, check the box for “Active Directory Domain Services”.

This will open a window listing features that will be added. Click “Add Features”.

Click “Next”.

For Features, click “Next”.

For AD DS, click “Next”.

On the confirmation screen, decide whether to restart the destination server automatically. Click “Next”.

The installation of role and features will begin.

Once completed, click the “Close” button.

Part 2 – Configuring Active Directory Domain Services

From the Server Manager dashboard, click the flag with the exclamation mark symbol. Click “Promote the server to a domain controller”.

On the next screen, select the deployment operation that is needed. In this example, “Add a new forest” is selected and the name “labdomain.com” is entered to create a new root domain.

Since this will be the only domain controller in this lab example, both the forest and domain functional levels will remain at “Windows Server 2012 R2”. Leave the check box for “Domain Name System (DNS) Server” selected to make this system a DNS server.

The Global Catalog (GC) option is checked and cannot be modified, since the first domain controller must be a global catalog server. The third option is unchecked and cannot be modified because the first domain controller cannot be a Read-Only Domain Controller.

Enter a DSRM password and click “Next”.

For DNS options, there is no existing DNS infrastructure since this is our first domain controller. So, the warning can be ignored. Click “Next”.

For additional options, click “Next”.

For Paths, click “Next”.

Review the options. Please note that a PowerShell script is provided if you need to automate this on future installs. Click “View Script”.

If needed, copy this PowerShell script for future use. Close the Notepad window and click “Next”.

If the prerequisite check passes, then click “Install”.

The installation will begin. Thereafter, remember to reboot the system.

This completes the installation of a domain controller in Windows Server 2012 R2.
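
The same Part 1 and Part 2 choices expressed as a script, added here as an example: it is not the script shown by the wizard's “View Script” button and not part of the original post. It assumes the cmdlets' default paths and NetBIOS name, and that a setup-generated server name starts with `WIN-`.

```powershell
#Requires -RunAsAdministrator
# Added example: scripted equivalent of Parts 1 and 2 for the lab forest "labdomain.com".
$ErrorActionPreference = 'Stop'

# Pre-step: the setup-generated name (assumed to match WIN-*) should already be replaced.
if ($env:COMPUTERNAME -like 'WIN-*') {
    throw "Rename the server before promotion (current name: $env:COMPUTERNAME)."
}

# Pre-step: no IPv4 address on the server should come from DHCP.
$dhcp = Get-NetIPAddress -AddressFamily IPv4 | Where-Object { $_.PrefixOrigin -eq 'Dhcp' }
if ($dhcp) {
    throw "Assign a static IP first; DHCP address found: $($dhcp.IPAddress -join ', ')"
}

# Part 1: install the AD DS role together with its management tools.
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools | Out-Null

# The DSRM password is prompted for and held as a SecureString,
# so it is never written into the script or a saved copy of it.
$dsrm = Read-Host -Prompt 'DSRM password' -AsSecureString

# Part 2 choices from the walkthrough: new forest, 2012 R2 functional levels, DNS server.
$forest = @{
    DomainName                    = 'labdomain.com'
    ForestMode                    = 'Win2012R2'
    DomainMode                    = 'Win2012R2'
    InstallDns                    = $true
    SafeModeAdministratorPassword = $dsrm
}

Import-Module ADDSDeployment

# Scripted counterpart of the wizard's prerequisite check: stop on any Error result.
$failed = Test-ADDSForestInstallation @forest | Where-Object { $_.Status -eq 'Error' }
if ($failed) {
    $failed | Format-List Message, Context
    throw 'Prerequisite check failed; forest not created.'
}

# Promote the server; it reboots automatically when the operation completes.
Install-ADDSForest @forest -Force
```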

Part 3 – Configuring DNS

For this lab exercise, additional configurations are needed in DNS. Launch the DNS management console from the Tools drop down in Server Manager.

When DNS was installed, a forward lookup zone for labdomain.com was automatically created. The forward lookup zone maintains the mapping of hostnames to IP addresses.

However, a reverse lookup zone is not automatically created. This must be done manually. The reverse lookup zone maintains the mapping of IP addresses to host names (essentially, the reverse).

Right-click on “Reverse Lookup Zones” and select “New Zone”.

Click “Next”.

Select “Primary zone” as this will be created on this DNS server.

Select “IPv4 Reverse Lookup Zone”.

For this lab environment, a network ID of 192.168.1.X is used. This will vary depending on your environment.

Leave the default, “Allow only secure dynamic updates”, selected.

Click “Finished”.

Once the reverse lookup zone is created, we need to create a PTR record for the domain controller.

Right-click on the reverse lookup zone and select “New Pointer (PTR)”.

Click the Browse button.

Select the domain controller.

Browse the forward lookup zone for the newly created domain.

Select the domain controller from your forward lookup zone and click OK.

Confirm the information and click OK.

The reverse PTR record will be created.
