Wednesday, August 6, 2025

Configure Active Directory Domain Services (AD DS)

 









This section provides all available methods to configure Active Directory Domain Services (AD DS) on Windows Server 2022, with each method described in a step-by-step format.


Method 1: Using Server Manager GUI

Step 1: Open Server Manager

  • Click the Start button.

  • Select Server Manager from the Start Menu.

Step 2: Add Roles and Features

  • In Server Manager, click Manage > Add Roles and Features.

  • In the Before You Begin window, click Next.

Step 3: Role-Based or Feature-Based Installation

  • Select Role-based or feature-based installation.

  • Click Next.

Step 4: Select Server

  • Select the local server from the server pool.

  • Click Next.

Step 5: Select Server Roles

  • Check Active Directory Domain Services.

  • Click Add Features when prompted.

  • Click Next.

Step 6: Select Features

  • No changes are needed; click Next.

Step 7: Confirm and Install

  • Click Install.

  • Wait for installation to complete (do not restart yet).

Step 8: Promote Server to Domain Controller

  • In Server Manager, click the flag icon > Promote this server to a domain controller.

Step 9: Deployment Configuration

  • Choose:

    • Add a new forest for a new domain.

    • Add a domain controller to an existing domain (join to an existing domain).

  • Enter the Root domain name (e.g., corp.local).

  • Click Next.

Step 10: Domain Controller Options

  • Set the following:

    • Domain Name System (DNS) (optional)

    • The DSRM (Directory Services Restore Mode) password

  • Click Next.

Step 11: DNS Options

  • If using DNS, leave defaults and click Next.

Step 12: Additional Options

  • Confirm NetBIOS name and click Next.

Step 13: Paths

  • Leave the default paths for the database, log files, and SYSVOL, or change them if needed.

  • Click Next.

Step 14: Review and Install

  • Review the settings, then click Next.

  • Click Install.

  • Server will restart automatically after promotion.


Method 2: Using PowerShell

Step 1: Open PowerShell as Administrator

  • Right-click Start > Windows PowerShell (Admin)

Step 2: Install AD DS Role

Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

Step 3: Promote Server to Domain Controller (New Forest)

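# Prompt for the DSRM password so it never appears in a script or in command history
$dsrmPassword = Read-Host -AsSecureString -Prompt "DSRM password"

Install-ADDSForest `
  -DomainName "corp.local" `
  -DomainNetbiosName "CORP" `
  -SafeModeAdministratorPassword $dsrmPassword `
  -InstallDNS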

Step 4: Restart

  • Server will restart automatically after promotion completes.


Method 3: Using Windows Admin Center (WAC)

Step 1: Open Windows Admin Center in browser

  • Go to the Windows Admin Center URL (e.g., https://servername:6516)

Step 2: Connect to the server

  • Select your Windows Server 2022 instance.

Step 3: Go to Roles & Features

  • Click on Roles & Features

  • Install Active Directory Domain Services

Step 4: Promote Server

  • Go to Server Manager (Preview) in WAC

  • Use AD DS Setup Wizard to:

    • Add new forest or domain

    • Configure DNS

    • Set DSRM password

    • Restart when complete


Post-Installation Steps (Applies to All Methods)

  1. Open Active Directory Users and Computers

  2. Create Organizational Units (OUs) per department or client

  3. Add User Accounts and assign to OUs

  4. Open Group Policy Management Console

  5. Create and link GPOs for password policy, software restrictions, etc.
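
The post-installation steps above can also be scripted and then verified. The following is an added example, not part of the original post; the department names, the jdoe account and the GPO name are constructed, and it assumes the ActiveDirectory and GroupPolicy PowerShell modules are available on the server.

```powershell
# Added example (not from the original post). Run elevated on the domain controller.
# Department names, the jdoe account and the GPO name are constructed sample values.
Import-Module ActiveDirectory, GroupPolicy

$domain   = Get-ADDomain
$domainDN = $domain.DistinguishedName   # for corp.local: DC=corp,DC=local

# Step 2: one OU per department, created only if it does not exist yet.
$departments = 'Finance', 'Engineering'
foreach ($dept in $departments) {
    $existing = Get-ADOrganizationalUnit -Filter "Name -eq '$dept'" `
        -SearchBase $domainDN -SearchScope OneLevel
    if (-not $existing) {
        New-ADOrganizationalUnit -Name $dept -Path $domainDN `
            -ProtectedFromAccidentalDeletion $true
    }
}

# Step 3: create a user directly in its OU. The initial password is prompted
# for instead of being written into the script, and must be changed at first logon.
$initialPw = Read-Host -AsSecureString -Prompt 'Initial password for jdoe'
New-ADUser -Name 'Jane Doe' -SamAccountName 'jdoe' `
    -UserPrincipalName "jdoe@$($domain.DNSRoot)" `
    -Path "OU=Finance,$domainDN" `
    -AccountPassword $initialPw -ChangePasswordAtLogon $true -Enabled $true

# Steps 4-5: create an empty GPO and link it to the OU it should apply to.
# Its settings are then edited in Group Policy Management Console.
$gpo = New-GPO -Name 'Finance Workstation Policy' -Comment 'Constructed example GPO'
New-GPLink -Guid $gpo.Id -Target "OU=Finance,$domainDN" -LinkEnabled Yes

# Check: the password and lockout policy the domain currently enforces.
Get-ADDefaultDomainPasswordPolicy |
    Select-Object MinPasswordLength, ComplexityEnabled, PasswordHistoryCount,
                  LockoutThreshold, MaxPasswordAge

# Check: which GPOs are linked at the OU, in what order, and whether each link is enabled.
(Get-GPInheritance -Target "OU=Finance,$domainDN").GpoLinks |
    Select-Object DisplayName, Enabled, Enforced, Order
```

The two checks at the end only read state, so they can be rerun after any later GPO change to confirm what is actually in effect.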


Each method serves different use cases (GUI for beginners, PowerShell for automation, WAC for web-based management). Choose the one that best suits your needs or environment.