Tutorials

▷ Install active directory on windows server 2016

Table of contents:

Anonim

Today we are going to see the interesting and useful task for a managed to install the Active Directory domain controller in Windows Server 2016. This is one of the most frequently performed tasks in business environments where there are a large number of workstations and workgroups with different roles. The Active Directory domain tool will provide us with the necessary resources to create objects such as users, groups, directories, etc. They are to be used on a LAN network.

Thanks to it, users will be able to connect to their computer through a user stored on a main server who will be in charge of managing and providing all the necessary information about them. It is the easiest and safest way to centralize the human resources of a company.

Index of contents

In a previous article, we learned in detail what this tool consisted of, along with the most important concepts about it. Now it's time to put this into practice and create our own Active Directory domain controller on Windows server.

First steps: necessary settings

If we have just installed our Windows Server, and if we have read a bit about the necessary features, or at least recommended ones about Active Directory, we will know that we will have to make some adjustments to our server to adapt it to the needs. These are as follows:

  • Network configuration: it is not only applicable to Active Directory, a server must always have a fixed IP address configured. This will ensure that we never lose connection to this core team through your clients. In addition, it will also be necessary to establish the gateway connecting the server to the internet as the DNS server. In this case you can have a firewall, a dedicated DNS server or our own router. Equipment characteristics: we will also see it necessary to modify the name of the server and thus be able to identify it in a better way for its access and management. You will need to have at least 2 GB of RAM, 35 GB of storage space on your hard drive and a network adapter that at least supports the Gigabit Ethernet standard.

Fixed IP network configuration

Well let's go step by step. We will proceed to change our server IP settings. What we must do is go to the taskbar and open the options of the network connection icon. We will click on " Network Configuration ".

Then we go to the option " Change adapter options " to open the list of adapters configured on our server.

We will have to take into account that we must know the IP address of our gateway (router) to place it in this configuration. If we still don't know, we can do it directly from here.

For this we would have to right click on the network adapter and choose the " Status " option. Next, click on " Details " and a window will appear where we will have to look at the " Default gateway " line

Once this information is known, we will click with the right button on the one assigned to the internet connection, if we only have a network card. Otherwise you must on the network card to which the clients that will access Active Directory will connect. We will click on " Properties ".

We go to the option of " Internet Protocol version 4 (TCP / IPv4) " and click on " Properties"

We will meet in the window to make the configuration. This will surely be different, depending on where our server is located. For users who are for example in a home with a normal network configuration, the configuration will be very similar to this.

  • IP Address - The first three digits must match the default gateway. The following we can put the one we want, for example, the one that had been assigned until now. Subnet mask: Almost in most cases it will be 255.255.255.0 Default gateway: the one we have already discussed in the previous step. Preferred DNS server: we also enter the address of our router / DNS. Alternative DNS: we use any one, for example, Google's. 8.8.8.8

The result will be similar to this one.

Now we just have to click on " Accept " and then " Finish ". We will already have the IP correctly configured.

Name of the team

It is not necessary, but we consider it important to easily identify our server on the network.

To do this, we must go to the " Server Manager " panel, a tool that starts automatically when Windows Server is opened. Otherwise, we will have it in the start menu.

Once here, click on the " Local server " section and then on the " Computer name " option.

In the window that appears, we will have to go to the " Team name " tab and click on " Change... ".

In the new window, we will only have to write what we want in the " Team name " text box

Then we accept all windows and restart our server. Yes, for this nonsense we will have to restart a server, Microsoft has not yet learned to apply trivial changes without restarting.

In any case, when we have done it, we will see that the name will already be changed.

After this, we proceed to install Active Directory on Windows server 2016.

Install Active Directory on Windows server 2016

Windows server relies on server roles to install the different tools with which it will provide service. This structure is a great idea and very visual. In this case, what we want to do is add the role to Windows Server of Domain Controller.

Well, we will go back to the " Server Administrator " window, and we will go to " Add roles and characteristics ", within the " Manage " option.

The domain controller installation wizard will start. On the first screen, if we comply with the recommendations, we will click on " Next ".

Then we choose the option “ Installation based on characteristics or roles ”.

In the next window we will have to select the server that will be in charge of doing this. Since we only have one, it will already be added by default. Click on " Next"

In this new step, we will have to take actions. We must identify in the list the option " Active Directory Domain Service " and activate it.

We recommend that, if we have not yet assigned a DNS server in our network, we also activate the “ DNS Server ” box so that Windows server provides us with these necessary services.

When we click on each of the options, a window will appear notifying what is going to be installed. We click on " Add features ". Then, click on " Next ".

In this new window we will not do anything, but we can see how the wizard recommends that we install DNS role on the server. We have been forward-looking and have already done so in the previous step.

Now two windows will appear to inform us of the features that we are going to install are the DNS role and Active Directory. We press everything “ Next ”.

Finally, we will see a summary of everything we are going to do on our server. The process will surely take a while. We must give " Install"

We can close if we want the window, because after installation, we will have to go back to the Server Administrator tool

Configuring installed roles

Once the Active Directory role is installed, its configuration will be necessary. On the DNS server, an explicit configuration will not be necessary, so we will focus on our main option.

Promote server to domain controller

Now what we will have to do is complete this role configuring our server as a domain controller. In this way we will add a new domain, which implies creating a tree and a forest in which this domain is stored. We already saw this in the theory article.

The case is that located in the Server Administrator tool, we will have to go to the Notifications icon and open it. Now we click on " Promote this server to domain controller ".

Strange as it may seem in Windows, a configuration wizard for the new domain will appear. We choose the option " Add a new forest " and put a new name on it.

We must bear in mind that we will have to divide in name by means of labels, for example mydomain.com or something similar.

In the next window, we will also have to define a series of parameters. In our case we are going to leave the options that come already predefined, and we will put a password for when we need to restart Active Directory. (not the server administrator password)

The next screen will be to choose to create a DNS delegation for the domain. In our case we do not want to do this, so we click " Next " directly.

Next we will have to assign a NetBIOS name to the domain that we want to create. This fact is very important, because it will be the name that we are going to use to connect the computers in the domain. When we have it, we will go to the next window, and then to the next.

As we do not want to change the routes of the domain database we will go to the next screen, where a summary of what we have done is shown. If we see that something is not as it should be, we will only have to go back. Since this is not our case, we continue.

Now we will be located on the final screen, where, after waiting a few seconds, the option to " Install " will appear. We press then. We can skip the warnings that appear to us, since just below it will notify us that the checks are correct.

After a reasonable time, the forest will be defined and we will need to restart the server to apply the changes.

Once it has come back to life, we can start managing our active directory by creating users or other objects. For our part, we are going to see how to create a user and then use it in a connection from a client.

Create user in Active Directory in Windows Server 2016

We open the server administrator window to go to the section " Local server l". Click on " Panel " to see all our installed roles, in our case we will have DNS server and Active Directory server. For now the DHCP server we will leave it pending for another article.

We must click on the option " Active Directory Administration Center"

The administration tool for our active directory will appear. We must head to our forest, with professional name review to see all the domain and organizational units. Here we must go to the end of the whole, where we will find the unit of " Users ". We double click on it.

Once inside, we will see a list of users already created, but we are interested in creating one so that it can be used by a client. To do this, click on " New -> user " located on the right side panel.

Now a form will appear to fill in the information about it. We will have many options to fill in, and we will also be able to configure the password expiration options and different permissions about it.

Now click on "OK" to create it. Now we can go to a client and be able to use Active Directory. But we will do this in another tutorial so that this is not so long, since we will have to make some configurations to connect the client to the domain.

We also recommend:

What do you want to use Active Directory for? We hope the tutorial has been useful to you. Leave us in the comments that you think.

Tutorials

Editor's choice

Back to top button