10.07.2021

Installing Active Directory on Windows Server 2019

In this tutorial, you will find installation of Active Directory in Windows Server 2019. This will be accomplished by installing the appropriate role and upgrading the server to a master domain controller (DC). We will also add the DNS role to take advantage of the zone capabilities integrated into Active Directory.

Basically, it is a two-step process, installing the ADDS role and upgrading it to a DC.

 

Adding the Active Directory Domain Services Role

But at first, you should set a static IP address on your server, and find the appropriate name for your Windows Server to match your company's naming policy. After completing this step, proceed to set up ADDS.

Run Server Manager, click Manage -> Add Roles and Features.

Right after that the wizard window appears. Under "Before You Begin" click "Next".

Now we need to select an installation type, it can be based on server roles or virtual infrastructure (based on Hyper-V), chose the first setting and continue in a new window.

In the "Server selection", we need to choose our server, usually it is allocated by default and continue to the next section.

Here we came to Server Roles, select Active Directory Domain Services and accept addition of related features. Click the Add Features -> Next.

The next window is named "Features" but here we need nothing to add so just go to the next section.

The ADDS section displays summary info about your AD, here we just click Next.

And at last, we proceed to installation, click Install and wait a little bit until installation completes.

Upgrading Server to a DC

After finishing the installation, unless you close the window, there will be a link in finish summary to promote the server to a DC. This is highlighted as blue text.

However, it is possible to promote the server through notifications in server manager.

Click on "Promote server to domain controller". And you will be brought to AD deployment wizard that will help you to create a forest in AD.

In "Deployment Configuration", you should choose the "Add a new forest", and then you need to think about your domain name (Note that it must not be like a domain name on your organization's website, it must differ, otherwise you will have serious DNS problems) and type it in the proper field. In my case it is office.local, and click Next afterwards.

Now we have reached the"Domain Controller Options". Here you need to specify the domain functional level. Note that it can differ from you current OS version, for 2019 Windows server, 2016 is only available. For the first AD server chose the latest version of the functional level. And if it is not the first one then you need to sync the level among other controllers.

In our example we will also choose DNS server option because we dont have standalone DNS, chose it whether you need it or not in your infrastructure.

You should also specify the password for restore mode (DSRM), save it in your corporate password manager and click "Next" to continue.

Probably you will notice a DNS warning message, but it should not bother you at this time. Ignore it and move further.

So, we arrived to the NetBIOS name, I recommend you to leave it as it is but you can change it as you like, don’t forget to specify it in capital letters. Move Next.

Under "Paths" choose where the location of NTDS, SYSVOL and LOG folders. You can choose a different drive depending on your preferences and settings but default is also acceptable.

Under "Review Options" you will see a summary of your selections. Check it carefully for mistakes, move next if it is ok.

The "Prerequisites Check" section checks for your server prerequisites. Here, if it finds an error the installation process will be aborted and you will need to correct it. Otherwise, if only warning messages are displayed (which is usual), but the check was successful as shown, click Install to continue.

And here you need to wait a little bit for installation process to complete. Immediately after that, the server automatically restarts.

After server finishes its reboot process, your first domain controller will be ready to use and you can leverage all the features such as ADUC and ADAC.