Introduction
Managing a Windows domain environment requires the right tools—and one of the most essential is Active Directory Domain Services (AD DS). Whether you're setting up a new domain controller or adding one to an existing forest, installing this tool is a critical step for any IT administrator. In this guide, we’ll walk you through exactly how to install AD DS on Windows Server, so you can efficiently manage users, groups, and organizational units in your Active Directory environment.
This tutorial will use Windows Server 2022, however, the process will be almost identical across all modern Windows Server releases.
Steps
1 . Connect to your server, either with a local keyboard and monitor if you have physical access, or via RDP or another remote management tool
2. Open Server Manager, if its not open already
3. In the top-right corner, click on Manage > Add Roles and Features
4. In the Add Roles and Features Wizard, click Next to move past the Before you begin page
5. Leave the Installation Type as "Role-based or feature-based installation".
6. Select the server you want to install AD DS onto. If you only have one server, the leave the default option selected
7. On the Select server roles page, check the box for Active Directory Domain Services. This will provide us with all of the foundation Active Directory services, including the Active Directory Users and Computers management console. P.S: This is the only role you need to select for this tutorial, but feel free to choose others at the same time if you know you'll need them - just know the following screens may differ slightly.
8. In the pop-up that appears click Add Features to confirm
9. Back on the Select server roles page, click Next to continue
10. On the Select features page, click Next to continue - we don't need to select anything here for this tutorial
11. On the Active Directory Domain Services page, review the notices, and then click Next
12. On the Confirm installation selections page, we're going to check "Restart the destination server automatically if required" option (and approve the confirmation), however, installing AD DS usually doesn't require a restart.
13. Click Install. The process is usually fairly quick, especially on beefier servers.
Promote Server to a Domain Controller
If you know you don't want to promote the server to a domain controller, then you are technically done with installing AD DS! However, in most situations (especially if you're creating a new AD environment), you're going to want to promote the server.
1 . On the success page of the Add Roles and Features Wizard you should see an option to Promote this server to a domain controller. Click this.
2. In the Active Directory Domain Services Configuration Wizard choose the deployment type. In this tutorial, we're going to assume you're setting up a brand-new AD environment, so we're going to choose "Add a new forest"
3. Specify your root domain name. Microsoft now recommends a format such as "ad.<yourcompanydomain>" or "corp.<yourcompanydomain>" as a best practice. However, you have quite a bit of flexibility here, though it shouldn't be a domain name you plan on making publicly routable in the future. We're going to use "ad.mydomain.org". Click Next
4. On Domain Controller Options leave the default options selected and set a DSRM password. This should be a strong, complex password. Make sure to save this! Click Next
5. Skip the DNS Options page by clicking Next
6. On Additional Options, set a NetBIOS domain name. This is will essentially be a shortened version of the fully-qualified domain name (FQDN) you set earlier that your AD computers will use for internal discovery and communication. You can view Microsoft's full requirements here. In our example, we're going to set it as "MYDOMAIN". Click Next
7. On Paths, you can leave the defaults selected, unless you know you want to set something different. Click Next
8. On Review Options, double-check your selections, and click Next
9. A prerequisites check will now be run. When it finishes, review any notices, and click Install when ready.
10. Installation will now begin and your server will restart
11. Once your server has restarted, it has now been promoted to a domain controller!
12. You should now see the AD DS widget in Server Manager. Now, you can go to Tools > Active Directory Users and Computers to start configuring Organization Units (OU's), groups, users, and more!
Conclusion
Congrats! You've now installed Active Directory Domain Services and (optionally) promoted your server to a Domain Controller! We hope this guide was helpful, and remember, for all of your Microsoft licensing and consulting needs, please contact Cosmistack.
