Part 3 – Installation of Active Directory Domain Services


In previous posts we created the virtual machines needed for this environment. Now we need to set up Active Directory.

After a new install of Server 2012, Server Manager launches automatically by default. From Server Manager, select Add roles and features.

On the Add Roles and Features Wizard, select Next.

Roles and features wizard


On the Select installation type screen, select Role-based or feature-based installation. Select Next to continue.

role based config


Server 2012 lets you install roles and features on different servers. Select Select a server from the server pool and choose DC1. Select Next to continue.

Server selection


On the select Server Roles screen select Active Directory Domain Services. You will be presented with a dialog box immediately after.

Select AD Domain Services


This dialog box informs you that other tools will be installed as well as the initial install of AD domain services. Select Add Features.


Select Next at the Add Roles and Features wizard to install Active Directory Domain Services.

AD DS selected


The Select features screen asks whether you would like to install any additional features. We will need .NET Framework 3.5 later on, so select it. Select Next to continue.

 

Adding .Net Framework 3.5


The Active Directory confirmation screen will appear. Read the information presented and select Next.

AD confirmation screen


The confirmation dialog box is shown. Since this is not a production server, I selected OK to restart the server afterwards. You will receive an additional dialog box if you select the option to restart your server if required. I also have an error message indicating an alternate source path may be needed. This is related to the .NET Framework 3.5 feature selected earlier.

AD confirmation 2


Select Specify an alternate source path at the bottom of the screen.

alternate source path

The alternate source path is d:\sources\sxs. This points the installer at that directory to pull the files needed to install .NET Framework 3.5. Select OK.

Full alternate source path


The additional dialog box asks you to confirm that you really want to restart your server after the first part of this install. Select Yes.

 Full alternate source path


Select Install to continue.

Ready to Install

Installer progress:

installer running


The install continues and restarts the server afterwards. After the system restarts, Server Manager will launch and you will have to promote the server to a domain controller. Active Directory services have been installed on the server, but this process does not automatically promote the server to a domain controller. Select Promote this server to a domain controller.

promote new dc


On the Deployment Configuration page you can create a new domain. You want to select Add a new forest. The root domain name can be a company name, a .LAB name, a .LOCAL name or many other domain names. In my example, I am calling the domain BluePalace.LAB.

Name the domain


Select Next to continue.

In my example, the forest functional level and the domain functional level will be Server 2012. However, you may want backward compatibility, in which case you may select Server 2008 or Server 2008 R2.

Create a Directory Services Restore Mode password. Be sure to memorize this password in case there are any problems. Select Next to continue.

Setting domain and forest functional level

The DNS Options screen will give you an error message after selecting Next. Select Next to continue. After selecting Next you will have another error message. This error message is expected; select OK to continue.

DNS operations screen


You can ignore this warning message and select OK.


On the Additional Options screen, select Next.

Netbios Name


The default paths for the database, log files, and SYSVOL (System Volume) are normally changed, but since I am using a lab environment the defaults are fine. Select Next.

Keep at defaults


The Review options screen informs you of what changes are about to take place. Select Next to continue.

AD DS final review

A prerequisite checker will start in order to ensure that all of the changes about to take place will pass before promoting the server to a domain controller. Select Install to continue. This additional step of making sure everything passes was not featured in previous Windows versions.

 

AD DS pre req check


After the install completes, the server will display a message that it is going to be restarted. Select Close to allow the server to reboot.

Once the system reboots, you will need to enter your user account as domain\username, as this server is now a domain controller for your new domain. In my example, it's BluePalace\Administrator.

blue palace first login


When you log in, you will see in Server Manager that AD DS is now listed, along with DNS.

ad ds installed
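
The wizard steps above, from role installation through promotion, can also be scripted. This is an added example, not part of the original post; it assumes the install media is mounted as D: as in the walkthrough, and the helper name `Test-NewDomainController` is hypothetical.

```powershell
# Added example: scripted equivalent of the wizard, run in an elevated
# PowerShell session on DC1. Assumes the Server 2012 media is mounted as D:.

# Post-reboot check (hypothetical helper): confirm the domain exists and
# the directory, DNS and Netlogon services are running.
function Test-NewDomainController {
    Get-ADDomain | Select-Object DNSRoot, NetBIOSName, DomainMode
    Get-Service -Name NTDS, DNS, Netlogon | Select-Object Name, Status
}

# Role plus management tools (the "Add Features" dialog in the wizard).
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

# The .NET Framework 3.5 payload is not on disk by default, so point the
# installer at the side-by-side store on the media (the alternate source path).
Install-WindowsFeature -Name NET-Framework-Core -Source 'D:\sources\sxs'

# Prompt for the DSRM password so it never lands in a script file or history.
$dsrm = Read-Host -AsSecureString -Prompt 'Directory Services Restore Mode password'

$forest = @{
    DomainName                    = 'BluePalace.LAB'   # name used in this post
    ForestMode                    = 'Win2012'
    DomainMode                    = 'Win2012'
    InstallDns                    = $true
    SafeModeAdministratorPassword = $dsrm
}

# Same prerequisite check the wizard runs before promotion; review its
# output (the DNS delegation warning is expected in a new lab forest).
Test-ADDSForestInstallation @forest

# Promote DC1 to the first domain controller of the new forest.
# The server restarts automatically when promotion finishes.
Install-ADDSForest @forest

# After the restart, log in as BluePalace\Administrator and run:
#   Test-NewDomainController
```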

Although this order is backward, we will now assign a static IP address to the domain controller. This ensures the domain controller does not receive a new address assigned by DHCP.

In Server Manager, select Local Server from the panel on the left. From there, click on the Ethernet link called IPv4 address assigned by DHCP, IPv6 enabled.

2 nics

This will cause Network Connections to open. Right click on the Ethernet Network and select Properties.

ethernet

On the Ethernet Properties dialog, select Internet Protocol Version 4 (TCP/IPv4) and click the Properties button. On the Internet Protocol Version 4 (TCP/IPv4) dialog box, enter a static IP address, subnet mask, and default gateway. DNS should already be set to 127.0.0.1, the local loopback address.

new network settings


Click OK to continue.

You have now configured your first system to use a static IP address. You will also want to repeat the same process for the ConfigMgr server, except that instead of using DNS at the local loopback IP address 127.0.0.1, use the DC running domain services at 192.168.1.103.

Add systems to the domain

Now that the new domain is set up, your other systems need to be added to this domain. Add your first SCOM server to this domain.

Log into the systems you want to add to the domain. To do this in Server 2012, launch Server Manager, and click on Local Server.

local server selected


Now select the computer name. This will launch the System Properties dialog box. On this dialog box, select the Change button.

predomain add

 

From this dialog, select the Domain option. Now enter the domain you have used. In my example, I am adding this server to the BluePalace domain. Note, you will not enter a .com for the domain name, just the precursor domain name.

Changed to BluePalace domain

Select OK. You will be presented with a dialog box asking for the credentials of an account that has Domain Admin rights. In my example, it's BluePalace\Administrator. Enter the password for the account as well and select OK.

AD adding security prompt


Once the system has been joined to the domain you will receive a welcome message. Press OK to continue.

Has been added to the domain


After you press OK you will receive a second dialog box indicating you will need to restart the system for the changes to take effect.

domain restart ok

Select OK to close this box. Select Close to close the System Properties box. You will now see the option to restart your server. Select Restart Now to restart your server.

restart now yep

Once your system restarts you will be presented with the login screen. You should use a domain account in order to now use domain resources on your system.

configmgr login
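
The member-server steps above (static address with DNS pointed at the DC, then the domain join) as a script. This is an added example, not part of the original post; the member address and gateway are constructed placeholders, the /24 prefix is an assumption, and `Test-DomainMembership` is a hypothetical helper.

```powershell
# Added example: run in an elevated PowerShell session on the member
# server (for instance the ConfigMgr server), not on DC1.

$nic     = 'Ethernet'
$dcDns   = '192.168.1.103'    # DC address given in this post
$address = '192.168.1.50'     # constructed placeholder, use your own
$gateway = '192.168.1.1'      # constructed placeholder, use your own
$domain  = 'BluePalace.LAB'

# Post-restart check (hypothetical helper): is the machine in the domain
# and is its secure channel to a domain controller healthy?
function Test-DomainMembership {
    $cs = Get-WmiObject -Class Win32_ComputerSystem
    [pscustomobject]@{
        Domain        = $cs.Domain
        PartOfDomain  = $cs.PartOfDomain
        SecureChannel = Test-ComputerSecureChannel
    }
}

# Static IPv4 address; the /24 prefix length is an assumption for this lab.
New-NetIPAddress -InterfaceAlias $nic -IPAddress $address `
    -PrefixLength 24 -DefaultGateway $gateway

# Members must use the DC for DNS, not the loopback address used on DC1.
Set-DnsClientServerAddress -InterfaceAlias $nic -ServerAddresses $dcDns

# Fail early if the DC locator record does not resolve: a join attempted
# against the wrong DNS server is the usual cause of "domain not found".
Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$domain" -Type SRV -ErrorAction Stop |
    Select-Object Name, NameTarget, Port

# Join with a Domain Admin account; the password is prompted for, not stored.
Add-Computer -DomainName $domain `
    -Credential (Get-Credential -Credential 'BluePalace\Administrator') -Restart

# After the restart, log in with a domain account and run:
#   Test-DomainMembership
```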

In addition we will allow Remote Desktop connections to this Domain Controller.

In the next post we will start configuring Active Directory.