This post provides an overview of installing a new domain controller on Windows Server 2012 R2. Please complete the following pre-steps before beginning.
- The Administrator account should have a strong password.
- Windows has been fully patched with software updates.
- Rename your server to a permanent name. When you install Windows Server, a random name is assigned.
- Assign a static IP to your server. More specifically, assign a static IP, subnet mask, and default gateway.
Part 1 – Installing Active Directory Domain Services
Launch the Server Manager dashboard from the task bar. Click the “Add roles and features” link.
Click “Next” on the initial wizard screen.
For installation type, select “Role-based or feature-based installation” and click “Next”.
Choose “Select a server from the server pool” and click “Next”.
For Server Roles, check the box for “Active Directory Domain Services”.
This will open a window listing features that will be added. Click “Add Features”.
For Features, click “Next”.
For AD DS, click “Next”.
On the confirmation screen, decide whether to restart the destination server automatically. Click “Next”.
The installation of role and features will begin.
Once completed, click the “Close” button.
Part 2 – Configuring Active Directory Domain Services
From the Server Manager dashboard, click the flag with the exclamation mark symbol. Click “Promote the server to a domain controller”.
On the next screen, select the deployment operation that is needed. In this example, the “Add a new forest” option is selected and the name “labdomain.com” is entered to create a new root domain.
Since this will be the only domain controller in this lab example, both the forest and domain functional levels will remain at “Windows Server 2012 R2”. Leave the check box for “Domain Name System (DNS) Server” selected to make this system a DNS server.
The Global Catalog (GC) option is checked and cannot be modified, since the first domain controller must be a global catalog server. The third option is unchecked and cannot be modified because the first domain controller cannot be a Read Only Domain Controller.
Enter a DSRM password and click “Next”.
For DNS options, there is no existing DNS infrastructure since this is our first domain controller. So, the warning can be ignored. Click “Next”.
For additional options, click “Next”.
For Paths, click “Next”.
Review the options. Please note that a PowerShell script is provided if you need to automate this on future installs. Click “View Script”.
If needed, copy this PowerShell script for future use. Close the Notepad window and click “Next”.
If the prerequisite check passes, then click “Install”.
The installation will begin. Thereafter, remember to reboot the system.
This completes the installation of a domain controller in Windows Server 2012 R2.
Part 3 – Configuring DNS
For this lab exercise, additional configurations are needed in DNS. Launch the DNS management console from the Tools drop-down menu in Server Manager.
When DNS was installed, a forward lookup zone for labdomain.com was automatically created. The forward lookup zone maintains the mapping of hostnames to IP addresses.
However, a reverse lookup zone is not automatically created. This must be done manually. The reverse lookup zone maintains the mapping of IP addresses to host names (essentially, the reverse).
Right-click on “Reverse Lookup Zones” and select “New Zone”.
Select “Primary zone” as this will be created on this DNS server.
Select “IPv4 Reverse Lookup Zone”.
For this lab environment, a network ID of 192.168.1.X is used. This will vary depending on your environment.
Leave the default, “Allow only secure dynamic updates”, selected.
Once the reverse lookup zone is created, we need to create a PTR record for the domain controller.
Right-click on the reverse lookup zone and select “New Pointer (PTR)”.
Click the Browse button.
Select the domain controller.
Browse the forward lookup zone for the newly created domain.
Select the domain controller from your forward lookup zone and click OK.
Confirm the information and click OK.
The reverse PTR record will be created.
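The Part 3 steps can also be done from PowerShell. The script below is an added example, not the script the wizard generates: it creates the reverse lookup zone and PTR record only if they are missing, then checks that both zones accept secure dynamic updates only. The host name `dc01`, the address `192.168.1.10`, and the `Domain` replication scope are assumptions; substitute your own values.

```powershell
# Added example: Part 3 (reverse lookup zone + PTR record) from PowerShell.
# Run in an elevated session on the domain controller after the post-promotion reboot.
# Assumed values (not from the article): host name dc01 and address 192.168.1.10.
Import-Module DnsServer

$Domain    = 'labdomain.com'           # forest root domain created in Part 2
$NetworkId = '192.168.1.0/24'          # the lab's 192.168.1.X network
$RevZone   = '1.168.192.in-addr.arpa'  # zone name DNS derives from that network ID
$DcHost    = 'dc01'                    # assumption: your DC's host name
$DcIp      = '192.168.1.10'            # assumption: your DC's static IP
$HostOctet = $DcIp.Split('.')[-1]      # PTR owner name inside a /24 reverse zone

# Create the AD-integrated reverse zone only if it is missing.
# Secure-only dynamic updates require an AD-integrated zone; scope 'Domain' is an assumption.
if (-not (Get-DnsServerZone -Name $RevZone -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -NetworkId $NetworkId -ReplicationScope Domain -DynamicUpdate Secure
}

# Add the PTR record for the domain controller if it is not already there.
$ptr = Get-DnsServerResourceRecord -ZoneName $RevZone -Name $HostOctet -RRType Ptr -ErrorAction SilentlyContinue
if (-not $ptr) {
    Add-DnsServerResourceRecordPtr -ZoneName $RevZone -Name $HostOctet -PtrDomainName "$DcHost.$Domain"
}

# Check: both zones should be AD-integrated and accept secure dynamic updates only.
foreach ($zoneName in $Domain, $RevZone) {
    $zone = Get-DnsServerZone -Name $zoneName
    if (-not $zone.IsDsIntegrated -or $zone.DynamicUpdate -ne 'Secure') {
        Write-Warning "$zoneName : DynamicUpdate=$($zone.DynamicUpdate), IsDsIntegrated=$($zone.IsDsIntegrated)"
    }
}

# Check: the reverse lookup resolves against this server.
Resolve-DnsName -Name $DcIp -Type PTR -Server 127.0.0.1 | Format-Table Name, Type, NameHost
```

A warning from the zone check means a zone would accept unauthenticated dynamic updates or is not stored in Active Directory, which is worth correcting before other machines join the domain.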