# Active Directory ## SETTING UP ACTIVE DIRECTORY {% hint style="info" %} #### WHAT IS ACTIVE DIRECTORY? Active Directory Domain Service (**AD DS**) is a directory service developed by Microsoft for Windows domain network. It is included in most Microsoft Windows Server operating systems as a set of processes and services. Initially, Active Directory was only in charge of centralized domain management. Starting with Windows Server 2008, however, Active Directory became an umbrella title for a broad range of directory-based identity-related services. Read more about Active Directory Domain Services [here](https://docs.microsoft.com/en-us/windows/win32/ad/about-active-directory-domain-services) {% endhint %} Log into the DC server, and we will start setting up the Active Directory server role for my LAB environment. ### Installing Active Directory **Step 1.** Click "**Add roles and features**" in the Server Manager. ![Windows Server 2019 - Active Directory](/files/-LzlEgqvEprF6w9VwChJ) **Step 2.** Click "**Next**" ![Windows Server 2019 - Active Directory](/files/-LzlFi2QswQAgXxOHKV1) **Step 3.** Leave everything default and click "**Next**" ![Windows Server 2019 - Active Directory](/files/-LzlFq0x4xxD8TrboyaS) **Step 4.** Leave everything default and click "**Next**" ![Windows Server 2019 - Active Directory](/files/-LzlFw_Z5OwQ3awVccYc) **Step 5.** Select "**Active Directory Domain Services**" ![Windows Server 2019 - Active Directory](/files/-LzlG0fb5xyGh2vQToVg) **Step 6.** Leave everything default and click "**Add Features**" ![Windows Server 2019 - Active Directory](/files/-LzlG6dFH4gq7kruKV85) **Step 7.** Leave everything default and click "**Next**" ![Windows Server 2019 - Active Directory](/files/-LzlGDkRTzKGnBFHO2CU) **Step 8.** Click "**Next**" ![Windows Server 2019 - Active Directory](/files/-LzlGMCotOHkyYuWGVqZ) **Step 9.** Check the "**Restart the destination server automatically if required**" box and click "**Install**" ![Windows Server 2019 - Active Directory](/files/-LzlGTUQ6FzYumPJ3vYg) **Step 10.** This might take a while, so click "**Close**" and go grab a cup of coffee:sunglasses: ![Windows Server 2019 - Active Directory](/files/-LzlGZDqpatVuT1SuR3s) ### Configuring Active Directory **Step 1.** When the server role installation is done, we should now see a yellow triangle with an exclamation mark in the Server Manager, click on it and then click "**Promote this server to a domain controller**" ![Windows Server 2019 - Active Directory](/files/-LzlGjSCnjp6PLh-1Cp1) **Step 2.** Check "**Add a new forest**", enter a "**Root Domain Name**" and click "**Next**" ![Windows Server 2019 - Active Directory](/files/-LzlNYpdSWHHDhLxnatZ) **Step 3.** Enter a password for DSRM, leave the rest as default and click "**Next**" ![Windows Server 2019 - Active Directory](/files/-LzlNd70xBW4r4xS8kBy) **Step 4.** Leave everything default and click "**Next**" ![Windows Server 2019 - Active Directory](/files/-LzlNjijFcXpR0iZqcZh) **Step 5.** The NetBIOS domain name is populated automatically after a few second, it is possible to change the NetBIOS domain name, but I choose to leave it as default for my LAB environment. ![Windows Server 2019 - Active Directory](/files/-LzlNpO-hALLqvfmge0k) **Step 6.** Leave everything default and click "**Next**" ![Windows Server 2019 - Active Directory](/files/-LzlNvIvzYnNmq_Z9ez-) **Step 7.** Click "**Next**" ![Windows Server 2019 - Active Directory](/files/-LzlO03fJfwidS_uKJjE) {% hint style="info" %} #### BONUS INFO If you click "**View script**" you can actually save it as a PowerShell script and re-use it the next time you have to create a new Active Directory Forest. {% endhint %} ![Windows Server 2019 - Active Directory](/files/-LzlR5NBM40p7J7lULuY) **Step 8.** The system will now verify all the prerequisites, this might take a few seconds to validate. You will see the message "**All prerequisite checks passed successfully.**" if everything went as it should. The yellow triangle with an exclamation mark is okay since this is a new LAB environment. For example, I do not have any existing Windows DNS server in my environment, so I can just ignore that "warning". Click "**Install**" (*The system should reboot automatically during this process...*) ![Windows Server 2019 - Active Directory](/files/-LzlO5jm_4DEpAZrTDi_) **Step 9.** After a reboot the Active Directory installation is done and you should be able to log on to the domain for the first time. ![Windows Server 2019 - Active Directory](/files/-LzlOAUREmGsm5hukmxn) Now that we have successfully installed and configured the Active Directory server role on my DC server, let's move on to the DHCP server role installation. Click "**Next**" below or click "**DHCP**" in the menu to the left. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://www.osdsune.com/home/archive/microsoft-configuration-manager/configmgr-lab/part-3/active-directory.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.