How to Setup a Domain Controller on Windows Server

How to Setup a Domain Controller on Windows Server 2016 , 2019, 2022.  The steps are the same for all versions of Active Directory from Windows Server 2016.

What is Domain controller

A Domain Controller (DC) is a computer server that handles user authentication. It takes part in the duplication and contains a full copy of all of the directory information and other files of the domain. The domain controller is the box containing the means to access Active Directory  and AD reporting. While attackers utilize a variety of methods to get elevated access to networks, including assaulting the domain controller itself, you may use your domain controllers for cyber attacks and security but also to identify the attacks in process.

Setting up a safe and stable domain controller, on the other hand, does not guarantee that you will remain secure indefinitely. Attackers will continue to attempt to hack into your domain controller in order to get elevated privileges or allow lateral movement across your network.

Active directory is a Microsoft directory service domain networks, while a domain controller is a server that answers authentication security requirements for the Windows domain, such as validating permissions, user log in and so on.

Microsoft Active Directory is one of the greatest features that makes Windows Server shine in the Enterprise sector. This Single Sign On (SSO)software, which connects flawlessly and readily with most Microsoft programs, makes user administration and other tasks simple and enjoyable.

Active Directory is an useful tool for network managers for monitoring and reporting, particularly when a business becomes bigger and adds more users and resources to its networks. It’s also quite useful for proving industry conformity.

This article will show you how to Setup a Domain Controller on Windows Server by providing you with a detailed guide, highlighting  all steps needed, to allow for a smooth installation.

How to Setup a Domain Controller on Windows Server 2019, 2016, 2022

Step 1) Open Server Manager

Using your administrative credentials log into your windows server and open server manager. Click on dashboard in the server manager and then click on  the Add roles and features option as depicted by the screenshot below:

You will then be presensented with the “Before you begin” tab which contains crucial information. After perusing it deeply you can click “Next” as shown below:

Step 2) Installation Type

Next step in how to setup a Domain Controller on Windows Server we will be presented with the Installation Type tab from which we will select the Role based or Feature based installation option then we will click on Next to proceed, as show below:

Step 3 ) Server Selection

Next in the Server Selection tab, we will now select our destination server on which our roles will be installed. The hostname and the IP address of the selected server will now need to be verified. After this click on Next to proceed:

Step 4) Server Roles

Next we will be directed to the Server Roles tab, where we will check the “Active Directory Domain Services” box as show below:

Step 5 ) Add Features

Next in how to Setup a Domain Controller on Windows Server we will next be prompted to view the associated features for the role. We must then Click on Add Features options to add features and then on Next button:

Step 6) Select Features

As we are directed to the Features tab next the default features that have already been selected as required for our role should be left untouched. We will just click on Next to proceed to installation:

Step 7) AD DS

After selecting the AD DS tab brief information about “Active Directory Domain Serviceswill be displayed. We will then click on Next:

Step 8 ) Confirm Your Selections

Next we will be presented with the confirmation tab. Here we can go over and verify our selections and then click on the Install button:

We can then track our installation progress in the Results tab as shown below:

Step 9 ) Promote the server into a Domain Controller

After our AD DS installation is complete  we will proceed to promoting our domain controller by clicking on the option “Promote this server to a Domain Controller” as show below:

Step 10 ) Add a new Forest

Now the Active Directory Configuration Wizard will be opened. From the Deployment Configuration tab we will select the Add a new forest option and we will provide a Root Domain name which can be anything you want and then click on Next to proceed.

Step 11) Domain Controller Options

Select a functional level for your forest and domain based on your environment in the Domain Controller Option tab. Please tick the DNS Server and the Global Catalog check boxes because this is the first domain controller inside the forest. Then, for retrieval/restoration of Active Directory data, input the DSRM password. Then, to proceed, click Next:

Since AD integrated DNS Server has been configured, we can ignore the DNS Delegation warning and to proceed we can press Next.

Step 12 ) Domain Name

After opening the tab titled Additional Options next, we will enter a NetBIOS name for our domain which is suggested to be the same as our root domain name entered in Step 11.  Click Next to proceed.

Step 13 ) Paths

We must now provide the path to the Database (NTDS Database), LOG files, and SYSVOL directories in the Path tab. To continue, click Next as shown below:

Step 14 ) Review Options

The setup will be reviewed on the Review Options tab. If everything meets your needs, click Next to continue; if not, return to the previous screen and make any necessary changes before continuing.The powershell script for future deployment can also be viewed.

Step 15) Prerequisites Check

In this section we will click on the Prerequisites Check tab ad a check will be performed and once it is done we will be presented with the Install button which we should click to initialize the installation:

Step 16) Installation Successful

  • When the installation is complete, you will see the confirmation message shown below.
  • Restart the Server after closing this window. You must connect using your domain username and password after the server has restarted. The local admin account will be elevated to Domain Admin by default.
  • Log in and check the Domain Controller’s health.
  • To check the health, use the DCDIAG command. You may also check the configurations using the Active Directory tools found in the Administrative Tools folder on the Start menu.

How to Setup a Domain Controller on Windows Server Conclusion

The data that decides and verifies network access, including any group policies and all machine names, is stored on domain controllers. The DC has everything an attacker may need to  cause enormous harm to your data and network, making it a top target in a cyber attack.

In Windows Server 2000, Microsoft introduced Active Directory for centralized domain administration. However, subsequent versions of Windows Server 2008 included features like Directory Federation Services for Single Sign On, security certificates for public key cryptography, rights management and the Lightweight Directory Access Protocol (LDAP).

In essence, an Active Directory is a framework for managing several Windows Server domains, with a domain controller serving as a vital component. It’s the server that manages Active Directory and authenticates users using the information contained in the directory.

Information is stored in Active Directory as objects that are arranged into forests, trees, and domains. Each Active Directory forest may have numerous domains, and domain controllers administer the trusts that allow users from one domain to access users from another domain.

Thanks to this tutorial you have Setup a Domain Controller on Windows Server. We really hope this article was informative and easy to follow. Thank you for going through the entirety of this article.

Avatar for Emad Bin Abid
Emad Bin Abid

I'm a software engineer who has a bright vision and a strong interest in designing and engineering software solutions. I readily understand that in today's agile world the development process has to be rapid, reusable, and scalable; hence it is extremely important to develop solutions that are well-designed and embody a well-thought-of architecture as the baseline. Apart from designing and developing business solutions, I'm a content writer who loves to document technical learnings and experiences so that peers in the same industry can also benefit from them.

4.8 11 votes
Article Rating
Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x