Part 3 – Installation of Active Directory Domain Services


In previous posts, we have created the Virtual Machines needed to create this environment. Now we need to set up Active Directory.

After a new install of Server 2012, Server Manager launches automatically by default. From Server Manager, select Add roles and features.

On the Add Roles and Features Wizard, select Next.


On the Select Installation Type screen, select Role-based or feature-based installation. Select Next to continue.


Server 2012 lets you install roles and features on different servers. Choose Select a server from the server pool and choose DC1. Select Next to continue.


On the Select Server Roles screen, select Active Directory Domain Services. You will be presented with a dialog box immediately afterward.


This dialog box informs you that other tools will be installed along with the initial install of AD Domain Services. Select Add Features.

Select Next at the Add Roles and Features wizard to install Active Directory Domain Services.


The Select Features screen asks whether you would like to install any additional features. We will need .NET Framework 3.5 later on, so select it. Select Next to continue.

 


The Active Directory confirmation screen will appear. Read the information presented and select Next.


The confirmation dialog box is shown. Since this is not a production server, I selected OK to restart the server afterward. You will receive an additional dialog box if you select the option to restart your server if required. I also have an error message indicating an alternate source path may be needed. This is related to the .NET Framework 3.5 feature selected earlier.


Select Specify an alternate source path at the bottom of the screen.


The alternate source path is d:\sources\sxs; this points the installer to that directory to install .NET Framework 3.5. Select OK.


The additional dialog box asks you to confirm that you really want to restart your server after the first part of this install. Select Yes.

Select Install to continue.


Installer progress:


The install continues and will restart the server afterward. After the system restarts, Server Manager will launch and you will have to promote the server to a domain controller. Active Directory services have been installed on the server, but this process does not automatically promote the server to a domain controller. Select Promote this server to a domain controller.


On the Deployment Configuration page, you can create a new domain. Select Add a new forest and enter the root domain name. This can be a company name, a .LAB name, a .LOCAL name or many other domain names. In my example, I am calling the domain BluePalace.LAB.


Select Next to continue.

In my example, the forest functional level and the domain functional level will be Server 2012. However, you may want backward compatibility and may select Server 2008 or Server 2008 R2.

Create a Directory Services Restore Mode password. Be sure to memorize this password in case there are any problems. Select Next to continue.


The DNS Options screen will give you an error message after you select Next. Select Next to continue. After selecting Next you will get another error message. This error message is expected; select OK to continue.


You can ignore this warning message and select OK.

On the Additional Options screen, select Next.


The primary paths for the database, log files, and SYSVOL (System Volume) are normally changed, but since I am using a lab environment the defaults are fine. Select Next.


The Review options screen informs you of what changes are about to take place. Select Next to continue.


A prerequisite checker will start in order to ensure that all of the changes that are going to take place will pass before the server is promoted to a domain controller. Select Install to continue. This additional step of making sure everything passes was not featured in previous Windows versions.

 


After the install completes, the server will display a message that it is going to be restarted. Select Close to allow the server to reboot.

Once the system reboots, you will need to enter your user account as domain\username, as this server is now a domain controller for your new domain. In my example, it is BluePalace\Administrator.


When you log in, you will see in Server Manager that AD DS is now listed, along with DNS.
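The same role installation and promotion can be scripted. The following is an added example, not part of the original post: it reuses the post's domain name and alternate source path, and assumes BLUEPALACE as the NetBIOS name. The DSRM password is prompted for as a secure string rather than written into the script, and the prerequisite checker runs before the promotion.

```powershell
# Added example: PowerShell equivalent of the wizard steps above, run on DC1
# from an elevated prompt. Values not stated in the post are marked "assumed".
$ErrorActionPreference = 'Stop'

$DomainName  = 'BluePalace.LAB'   # domain name used in the post
$NetbiosName = 'BLUEPALACE'       # assumed; matches the BluePalace\Administrator logon
$SxsSource   = 'D:\sources\sxs'   # alternate source path from the post

# 1. Install the AD DS role with its management tools, then .NET Framework 3.5
#    from the installation media.
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
Install-WindowsFeature -Name NET-Framework-Core -Source $SxsSource

# 2. Prompt for the DSRM password so it never appears in the script file.
$Dsrm = Read-Host -AsSecureString -Prompt 'DSRM password'

# 3. Same settings as the wizard: new forest, Server 2012 functional levels,
#    DNS on the DC, default database, log and SYSVOL paths.
$Forest = @{
    DomainName                    = $DomainName
    DomainNetbiosName             = $NetbiosName
    ForestMode                    = 'Win2012'
    DomainMode                    = 'Win2012'
    InstallDns                    = $true
    SafeModeAdministratorPassword = $Dsrm
}

# 4. Run the prerequisite checker first and stop on any result reported
#    as an error. Warnings do not block the promotion.
Import-Module ADDSDeployment
$Failed = Test-ADDSForestInstallation @Forest |
    Where-Object { $_.Status -eq 'Error' }
if ($Failed) {
    $Failed | Format-List Message
    throw 'Prerequisite check failed; the server was not promoted.'
}

# 5. Promote. The server restarts on completion, as in the wizard.
Install-ADDSForest @Forest -Force

# 6. After logging back in as BluePalace\Administrator, confirm the result:
#    Get-ADDomain | Select-Object DNSRoot, NetBIOSName, DomainMode
#    Get-Service NTDS, DNS, Netlogon | Select-Object Name, Status
```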


Although this is backward, we will now assign a static IP address to the domain controller. This will ensure the domain controller does not receive a new address assigned by DHCP.

In Server Manager, select Local Server from the panel on the left. From there, click on the Ethernet link called IPv4 address assigned by DHCP, IPv6 enabled. 


This will cause Network Connections to open. Right-click on the Ethernet network and select Properties.


On the Ethernet Properties dialog, select Internet Protocol Version 4 (TCP/IPv4) and click the Properties button. On the Internet Protocol Version 4 (TCP/IPv4) dialog box, enter a static IP address, subnet mask, and default gateway. DNS should already be set to 127.0.0.1, the local loopback address.


Click OK to continue.

You have now configured your first system to use a static IP address. You will also want to repeat the same process for the ConfigMgr server, except that instead of using DNS at the local loopback IP address 127.0.0.1, use the DC running domain services at 192.168.1.103.

Add systems to the domain

Now that the new domain is set up, your other systems need to be added to this domain. Add your first SCOM server to this domain.

Log into the systems you want to add to the domain. To do this in Server 2012, launch Server Manager, and click on Local Server.


Now select the computer name. This will launch the system properties dialog box. On this dialog box select the Change button.


From this dialog, select the Domain option. Now enter the domain you have used. In my example, I am adding this server to the BluePalace domain. Note that you do not enter a .com for the domain name, just the precursor domain name.


Select OK. You will be presented with a dialog box asking for the credentials of an account that has Domain Admin rights. In my example, it’s BluePalace\Administrator. Enter the password for the account as well and select OK.


Once the system has been joined to the domain you will receive a welcome message. Press OK to continue.


After you press OK you will receive a second dialog box indicating you will need to restart the system for the changes to take effect.


Select OK to close this box. Select Close to close the System Properties box. You will now see the option to restart your server. Select Restart Now to restart your server.


Once your system restarts you will be presented with the login screen. You should use a domain account in order to now use domain resources on your system.
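The static addressing and domain join steps above can also be scripted on a member server. The following is an added example, not part of the original post: the DC address 192.168.1.103, the Ethernet adapter name and the domain come from the post, while the member server's own address, prefix length and gateway are assumed placeholders. It checks that the domain controller locator record resolves through the DC's DNS before attempting the join.

```powershell
# Added example: static addressing and domain join for a member server,
# run from an elevated prompt on that server. "Assumed" values are not
# from the post; replace them with your lab's addressing.
$ErrorActionPreference = 'Stop'

$Alias   = 'Ethernet'        # adapter name shown in Network Connections
$DcDns   = '192.168.1.103'   # the DC running DNS, from the post
$Domain  = 'BluePalace.LAB'  # domain created in the post
$Address = '192.168.1.104'   # assumed
$Prefix  = 24                # assumed (subnet mask 255.255.255.0)
$Gateway = '192.168.1.1'     # assumed

# 1. Replace the DHCP lease with a static address and point DNS at the DC.
#    (On DC1 itself the DNS server stays 127.0.0.1.)
Set-NetIPInterface -InterfaceAlias $Alias -AddressFamily IPv4 -Dhcp Disabled
New-NetIPAddress -InterfaceAlias $Alias -IPAddress $Address `
    -PrefixLength $Prefix -DefaultGateway $Gateway | Out-Null
Set-DnsClientServerAddress -InterfaceAlias $Alias -ServerAddresses $DcDns

# 2. Check that the domain controller locator record resolves through that
#    DNS server. With ErrorActionPreference set to Stop, a failed lookup
#    ends the script here, before any join attempt.
$Srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -Server $DcDns
$Srv | Where-Object { $_.Type -eq 'SRV' } | Format-Table NameTarget, Port

# 3. Join the domain with a prompted credential and restart.
$Cred = Get-Credential -UserName 'BluePalace\Administrator' `
    -Message 'Account used to join the domain'
Add-Computer -DomainName $Domain -Credential $Cred -Restart

# 4. After the restart, log in with a domain account and verify:
#    (Get-WmiObject Win32_ComputerSystem).PartOfDomain
#    Test-ComputerSecureChannel
```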


In addition, we will allow Remote Desktop connections to this Domain Controller.

In the next post, we will start configuring Active Directory.