The latest addition to the Windows Server versions is the Windows Server 2016. Setting up an Active Directory may be something you have already done in the previous versions, but still, getting to know the steps needed to set up an Active Directory role for 2016 is important.
There are two important steps to consider before starting this process. If the Windows Server is to be used in a production environment, the IP addresses should be defined as static. The other thing to keep in mind is to rename the server to a suitable name because renaming the server after the AD has been defined may not be all that easy.
In this article, we will look at:
- Installing the Active Directory
- Setting up the Domain Controller
All these two activities need administrative privileges because they are the foundation of user and group management, policy, and security in a typical server environment.
Installing the Active Directory
- Click on the Start button then on the Server Manager icon.
- The Server Manager dashboard will load, giving access to the roles and features wizard. Click Next to proceed.
- Choose the installation type as the default (role-based or feature-based installation).
- The next step is to select the Installation Server from the already existing server based on the local server list.
- When you click on Next, a pop-up screen will appear. Check the Active Directory Domain Service box. The associated features specific to that role will pop up. Another pop-up wizard will show up that enables you to add the selected role(s).
- Click on the add featured followed by Next. The .NET 4.6 features should be checked on the following screen.
- On the Active Directory Services screen, click on Next. You will be given an overview of the roles of a Domain Controller and all the services that will be installed. All first Domain Controllers require that a DNS service be set up after this step.
- Click on Install to initiate the process.
- Once the installation is complete, click on the Promote this Server to a Domain Controller option.
- An Active Directory configuration wizard will open up with an option to:
- Add a Domain Controller to an existing Domain
- Add a new Domain to an existing Forest
- Add a new Forest
Setting up the Domain Controller
To set up a new Domain Controller, select the option Add New Forest and type in the root Domain name.
- The next screen is for selecting the Domain and Forest functional levels. The Directory Service restore mode password should be entered if the first Domain Controller use Windows Server 2016 as the forest and functional. The DNS option should also be checked alongside the Global Catalog (GC). Click on Next.
- When configuring the first DNS server in a new Forest, an error message is bound to pop up. For now, no need to make any modification because the Domain Controller is using the Active Directory integrated DNS. Click on Next.
- Click on the NetBIOS Domain name (selected by default) and click on Next. For the NetBIOS name, the default is okay.
- Next wizard is the selection of paths in the Active Directory database, Log files folder, and SYSVOL folder. The default values are okay. Click on Next.
- Then we have the review wizard that contains all the selected configurations. Review everything and make necessary changes. If no change is needed, you can click on Next.
- Pre-requisite checks are needed to make sure everything falls into place. The install button will only be active once the pre-requisite check has passed. If the checks are successful, click on Install.
- The server will automatically reboot when the installation has finished.
Once the computer reboots, log in as the Domain administrator and head straight to the Administrative Tools. Open the Active Directory users and computers to confirm successful operation of the Active Directory and the DNS.
Other Things You Need to Know
Setting up Static IP addresses on Windows Server 2016.
- Open the Control Panel.
- Click on the View Network and Status Tasks found in the Network and Internet applet.
- Click on Change Adapter Settings.
- Right click on Network Connections and select Properties from the pop-up menu.
- Scroll down, select Internet Protocol Version 4 (TCP/IPv4) and click on Properties.
- Key in the IP address, the subnet mask, and the default gateway. The preferred and alternate DNS server addresses are also needed. Click OK.
- Reboot the server.
The new features made available in Windows Server 2016 should also make system administrators aware of the minimum system requirements to install and configure both Active Directory and Domain Controller.
Here are the minimum software and hardware requirements:
- A 1.4 GHz 64-bit processor compatible with the x64 instruction set.
- Support both NX (no execute) and DEP (Data Execution Prevention).
- Supports second-level address translation such as EPT and NPT.
- At least 512MB (if you are installing a server with a desktop environment, then a minimum of 2GB is needed).
- RAM with ECC (error correcting code).
Storage Controllers and Disk Space
- A computer designed to use the Windows Server 2016 Operating System should have storage adapters compliant with the PCI Express specifications. Hard disks or any permanent form of storage cannot be PATA since Windows Server 2016 does not allow ATA/ PATA/ IDE/ EIDE configurations.
- Hard disks can have a minimum partition requirement of 32GB.
- Any adapter that can use gigabit throughput.
- A card compliant with PCI Express architecture.
- A card that supports Pre-Boot Execution Environment (PXE)
- A network debugging enabled card is desirable, but not a requirement.
Installation of the Active Directory is almost standard across all Windows Server Operating Systems. Some people may use their experience to set up a new Active Directory without putting into focus the minimum hardware and software requirements needed. When handling an installation in an old system, you may be forced to confirm if all the requirements are met.
We hope that you find it helpful to have read this article.
Do you have unclear NTFS Permissions assignments?
Do you have too many special permissions set on your fileservers?
Or blocked NTFS Permission Inheritance?
Protect yourself and your clients against security leaks and get your free trial of the easiest and fastest NTFS Permission Reporter now!