Step 04: Installing and Configuring a Domain Controller

This step requires some planning: you need to choose your domain name and decide how you want to design and deploy your AD (Active Directory) and DNS (Domain Name System).

For this example we will configure one domain controller for the forest (the top-level domain), i.e., “tfplocal.net”, and another domain controller for the child (sub-domain), i.e., “xyz.tfplocal.net”, that will be staged on either a LAN (local area network) or a WAN (wide area network). In other words, for this example, the first domain controller will be at the main or central office, and the second will be in one of the remote office locations.

  • Begin by promoting the server to be a domain controller for the top-level domain (“tfplocal.net”). To do that, select Start > Run and type in “dcpromo” and click OK
  • … which triggers a welcome screen:
  • Click Next, which triggers display of an Operating System Compatibility screen; again, click Next:
  • You should now be at the Domain Controller Type dialog screen:
  • You need to select a domain controller type here. Because this is the first domain controller — what is commonly referred to as the primary domain controller (PDC) — you will want to set it up as a Domain controller for a new domain, unless you already have another domain controller and want the new domain controller to be a backup domain controller (BDC) or an Additional domain controller for an existing domain. Make your selection and click Next.
  • The next screen has three options for configuring the new domain type. In this example, we opt for Domain in a new forest and then click Next:
  • On the next screen, enter the domain name chosen earlier. In this example, we use “tfplocal.net”. Click Next:
  • You are now at the NetBIOS Domain Name dialog screen. In this example, we accept the default, which derives from the domain name we entered earlier. Click Next:
  • The next dialog screen is for configuring Database and Log Folders. This is where the Active Directory data will be located. If you are confident about an alternative location you would use for this purpose, you can customize it, but here simply accept the default settings and then click Next:
  • The Shared System Volume screen is where a copy of the domain files will be kept. In this example, we accept the default location and then click Next:
  • Diagnostic Failed! – Whoa! Weren’t expecting that, right? Well, the DNS Registration Diagnostics dialog will do this if the DNS is not yet configured, as in this example. Windows here gives you an option to set it up now or later, since it is required for Active Directory zones.
    Select the second option, illustrated here, that will Install and configure the DNS server automatically. (This will not set up reverse lookup zones; we will set them up in a later step, along with our preferred DNS servers in the TCP/IP configuration.)
  • The next dialog is Permissions. If you have any pre-Windows 2000 hosts in your network, you want to select the first option; otherwise, the second option is selected by default. Click Next:
  • At this point you are prompted to provide and confirm your password for Restore Mode. This step is crucial: Be sure to use a strong but easily remembered password, so that you can recall it in the event you ever have to deal with Directory Services Restore Mode. Click Next:
  • This next dialog is simply a summary of what we have done so far. Make sure all the information is correct before clicking the Next button:
  • The Active Directory wizard will start, as illustrated below. It will take a while, depending on the options selected earlier.
  • While the Active Directory wizard is running, you will have the option to skip the DNS portion of the installation, if you so choose:
  • Once the Active Directory configuration is complete, you will see a dialog box confirming that all went well and the installation is complete. Click Finish:
  • The system will require you to restart; go ahead and do so by clicking the Restart Now button:
  • Once you restart your server, it will ask you to press CTRL+ALT+DELETE; do so and you will get a login screen. Notice that the login prompt has changed: it now includes a “log on to” option, a result of promoting the server to a domain controller. Type in the username “Administrator” and your password, and then select the newly configured domain (in this example, “tfplocal”) from the drop-down list. Click OK to proceed:
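
The checks below are an added example, not part of the original walkthrough: a batch file to run on the new domain controller after the restart, confirming what the wizard was supposed to set up for “tfplocal.net”. It assumes dcdiag is installed (on Windows Server 2003 it comes with the Support Tools) and that the DNS server installed by the wizard answers on 127.0.0.1; the report file name is a placeholder chosen for this example.

```batch
@echo off
rem Added example: post-promotion checks for the first DC of tfplocal.net.
rem Assumptions: run locally on the new DC as Administrator; dcdiag is on PATH.
setlocal
set DOMAIN=tfplocal.net
set FAIL=0
set REPORT=%TEMP%\dcdiag-report.txt

rem 1. The DC locator SRV record must exist in the zone the wizard created.
rem    Query the local DNS service directly, because the preferred DNS
rem    servers in TCP/IP are only configured in a later step.
nslookup -type=SRV _ldap._tcp.dc._msdcs.%DOMAIN% 127.0.0.1 2>nul | find /i "svr hostname" >nul
if errorlevel 1 (
  echo [FAIL] no _ldap SRV record for %DOMAIN% in local DNS
  set FAIL=1
) else (
  echo [ OK ] _ldap SRV record for %DOMAIN% is registered
)

rem 2. The Shared System Volume must be published as SYSVOL and NETLOGON.
for %%S in (SYSVOL NETLOGON) do (
  net share %%S >nul 2>&1
  if errorlevel 1 (
    echo [FAIL] share %%S is missing
    set FAIL=1
  ) else (
    echo [ OK ] share %%S is present
  )
)

rem 3. Permissions dialog: the pre-Windows 2000 option puts Everyone and
rem    Anonymous Logon into this built-in group. Flag it so the choice is deliberate.
net localgroup "Pre-Windows 2000 Compatible Access" 2>nul | findstr /i /c:"Everyone" /c:"ANONYMOUS LOGON" >nul
if errorlevel 1 (
  echo [ OK ] no Everyone or Anonymous Logon in Pre-Windows 2000 Compatible Access
) else (
  echo [WARN] pre-Windows 2000 permissions are on: Everyone/Anonymous Logon can read directory objects
)

rem 4. dcdiag /q prints only errors, so any output at all means a problem.
dcdiag /q > "%REPORT%" 2>&1
for %%F in ("%REPORT%") do if %%~zF gtr 0 (
  echo [FAIL] dcdiag reported problems, see %%~F
  set FAIL=1
) else (
  echo [ OK ] dcdiag /q reported no errors
)

endlocal & exit /b %FAIL%
```

The script exits with 1 if any check fails; the Permissions check only warns, since pre-Windows 2000 compatibility may be a deliberate choice.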
