Let’s install and configure Active Directory service. We will do below activity:
- Install AD DS
- Configure new DC
- Join in Domain from Client host
- Add User Accounts
- Add Group Accounts
- Add Organizational Unit
- Add Computer Accounts
Install AD DS
Step 1: Run Server Manager and Click Add roles and features and click Next on first page.
Step 2: Select Role-based or feature-based installation.
Step 3: Select a Host which you’d like to add services.
Step 4: Check a box Active Directory Domain Services.
Step 5: Additional features are required to add AD DS. Click Add Features button.
Step 6: Click Next button.
Step 7: Click Next button.
Step 8: Click Install button.
Step 9: After finishing Installation, click Close button.
Configure new DC
Step 1: Run Server Manager and click AD DS, next, on the screen below, Click More… link which is upper-right on the left pane.
Step 2: Click Promote this server to domain… link.
Step 3: Check a box Add a new forest and input any Domain name you’d like to set for Root domain name field.
Step 4: Select Forest functional level and Domain functional level. This example shows to select Windows Server 2016 both. Furthermore, Set any password for Directory Services Restore Mode.
Step 5: Click Next button.
Step 6: Input NetBIOS name you’d like to set.
Step 7: Specify Database folder or Log folder and so on. It’s Ok to keep default if you don’t have specific requirements.
Step 8: Check the contents you configured and click Next button.
Step 9: Click Install button. After finishing it, System will restart automatically.
Step 10: After restarting System, logon name is changed as Domain name/ User name.
Step 11: It’s OK if logged in normally.
Join in Domain from Client host
Join in Active Directory Domain from Other Windows Client Hosts. This example is based on Windows 10.
Step 1: Open Network settings and then, select TCP/IPv4 and click Properties button.
Control PanelNetwork and InternetNetwork Connections
Change to DNS settings to refer Active Directory Host.
Step 2: Open System and click Change settings link which is lower-right.
Step 3: Move to Computer Name tab and click Change button.
Step 4: Check a box Domain and input domain name and next, click OK button.
Step 5: Authentication is required, authenticate with a domain User in Active Directory.
Step 6: After successful authentication, Welcome message is shown like follows. Restart the Computer once.
Step 7: On the logon screen after restarting Computer, click another user to switch Domain user to logon. Authenticate with a Domain user you added.
Step 8: You have just Logon to Active Directory Domain.
Add User Accounts
Step 1: Run Server Manager and click Tools -> Active Directory Users and Computers.
Step 2: Right-Click Users on left tree and select New -> User.
Step 3: Input Username and Logon name for a new user.
Step 4: Set initial password for a new User.
Step 5: Check contents you set and click Finish button.
Step 6: A new user is just added.
Add Group Accounts
Step 1: Run Server Manager and open Tools -> Active Directory Users and Computers, next, Click with right button Users on left tree and select New -> Group.
Step 2: Input a Group name you’d like to add.
Step 3: A new Group is just added.
Step 4: For adding users in a Group,
Right Click the Group and Open Properties.
Step 5: Move to Member tab and Click Add button.
Step 6: Input a user you’d like to add to this Group and Click OK.
Step 7: Confirm the Properties of the user you added to the Group.
Add Organizational Unit
Step 1: Run Server Manager and open Tools -> Active Directory Users and Computers, next, right-Click your domain name on the left tree and select New -> Organizational Unit.
Step 2: Set any name for OU.
Step 3: A new Organizational Unit is just created.
Step 4: It’s possible to configure hierarchical design for Organizational Unit.
Add Computer Accounts
By default settings, if you don’t add Computer Accounts by yourself, Computers can join in Domain with common users rights who don’t have admin privileges. So if you’d like to limit authentication users when computers join to Domain, Add Computer Accounts beforehand.
Step 1: Run Server Manager and open Tools -> Active Directory Users and Computers, next, right-Click Computers on the left tree and select New -> Computer.
Step 2: Input a new Computer name. By default, the users when used for authentication to join in Domain are Domain Admins group users, but if you’d like to change it, it’s possible to change it on User or group field.
Step 3: A new Computer is just added.
Yes, You just completed Active Directory.
