Install and Configure Active Directory on Windows Server 2022
Active Directory is essential for managing users, computers, and resources in a network environment. Administrators can easily manage and secure user accounts, group policies, and resources. This guide will teach you how to install Active Directory on Windows Server 2022 using the GUI. I will also go through some basic configurations to get you started. All these steps can be completed using PowerShell; look out for the PowerShell tips.
180-Day Windows Server Trial
Did you know you can get a 180-day free trial of Windows Server 2022 – Simply download direct from Microsoft.
- Processor: 1.4 GHz 64-bit processor
- RAM: 2 GB or higher
- Hard Disk Space: At least 40 GB of free space on the system drive
- Network Adapter: A network adapter that supports Ethernet, Fast Ethernet, or Gigabit Ethernet
- DNS Server: A DNS server should be configured or available on the network
- Domain Name: A unique and valid domain name should be selected
Static IP Address
Before installing AD, ensuring the server has a static IP address is important. This will prevent the IP address from changing, which can cause issues with the AD installation.
Note: Set the IPAddress and Default Gateway to your local values
To set a static IP address:
- First, open the Network and Sharing Center.
- Select your primary Ethernet connection. (Usually called Ethernet#1)
- Click on Properties
- Select Internet Protocol Version 4 (TCP/IPv4) from the list.
- Click on Properties
- Enter the IP address, subnet mask, default gateway, and DNS server address.
New-NetIPAddress -InterfaceAlias "Ethernet" -IPAddress "10.1.1.10" -PrefixLength 24 -DefaultGateway "10.1.1.1"
It is important to note that the DNS server address should be set to the server’s IP address (127.0.0.1). This will ensure the server can resolve its hostname and prevent issues with the Active Directory installation.
Once the static IP address has been set, you can proceed with the AD installation.
Step 1 – Add the Active Directory Domain Services Role
The first step in installing AD is to use Server Manager to add the Active Directory Domain Services role. To do this:
- Open Server Manager and Select Add Roles and Features from the Manage menu.
- Press the Windows key + R on your keyboard to open the Run dialogue box.
- Type “servermanager” in the Run box.
- Click on the “OK” button or press Enter.
- Click Next until you reach the Server Roles screen. Select Active Directory Domain Services and click Next.
- Review the features and click Next again. Finally, click Install to begin the installation process.
Install-WindowsFeature -Name AD-Domain-Services, RSAT-AD-Tools -IncludeManagementTools
Step 2 – Install Active Directory
After installing the Active Directory Domain Services role, you must promote the server to a domain controller.
To do this,
- Open Server Manager
- Select the Active Directory Domain Services role from the Dashboard.
- Click on the Configuration Required link to open the configuration wizard. Follow the prompts to configure the necessary settings, such as the domain name, domain functional, and forest functional levels.
Install-ADDSForest -DomainName "turbogeek.co.uk" -DomainNetbiosName "TURBOGEEK" -DomainMode "WinThreshold" -ForestMode "WinThreshold" -InstallDns -NoRebootOnCompletion
Step 3 – Setup the Domain
After selecting Promote this server to a domain controller, you will see the screen below. Fill in the information that’s relevant to you.
- Complete the Deployment configuration.
- Add the domain controller to an existing domain, add to an existing forest, or create a new one. In this example, I am creating a new forest called turbogeek.co.uk
- Set the Domain Functional Level and set a domain administrator password. I have also selected my domain controller as the DNS server and Global Catalog.
To find out more about Domain Functional Levels, click here.
If required, you can configure your DNS settings on the next page. In my example, I am skipping this warning because my domain controller will be the DNS server too. It may be different in your domain.
- The installer should automatically populate the NetBIOS name on the next screen.
- Next, set the location to save the AD database, log files, and SYSVOL. In this example, I will leave these values as the default.
- You may want to move NTDS and SYSVOL to separate disks in a production environment. This can improve performance on very large AD deployments.
- Click next on the Review Options and Prerequisites Check pages.
- Once the installer is running, give it a few minutes to complete the installation.
Step 4 – View Active Directory Users and Computers
- Then, from Server Manager, Open “Active Directory Users and Computers
- Equally, you can type dsa.msc from the command prompt or Powershell CLI
Installing AD on Windows Server 2022 is crucial in managing users, computers, and resources in a network environment. By following the steps outlined in this guide, you can ensure that the installation is successful and that your network environment is secure and easy to manage. Remember to verify the successful installation and access AD tools to ensure everything works correctly.
Windows Server Hints and Tips
Here are some hints and tips for Windows Server 2022:
Use Server Core installation:
Server Core installation provides a minimalistic interface with less disk space usage and fewer vulnerabilities, making it more secure and easier to manage.
Enable Windows Admin Center:
Windows Admin Center is a web-based tool with a graphical interface for server management tasks. It’s free and easy to install, making it a valuable addition to any Windows Server 2022 environment.
Use the latest security features:
Windows Server 2022 has many built-in security features, such as Credential Guard, Device Guard, and Just Enough Administration (JEA). It’s recommended to enable these features to enhance the server’s security posture.
Consider using Azure Hybrid Benefits:
If you have an Azure subscription, you can use the Azure Hybrid Benefits to save money on your Windows Server 2022 licensing costs. This benefit allows you to use your existing Windows Server licenses to run virtual machines in Azure, reducing the need to purchase new licenses.
Use Storage Spaces Direct:
Storage Spaces Direct is a software-defined storage solution that allows you to use commodity hardware to create highly available and scalable storage solutions. It’s easy to set up and manage and can be a cost-effective alternative to traditional storage arrays.
Use the Windows Server Update Services (WSUS):
WSUS is a built-in feature allowing you to manage and deploy Windows Servers and other Microsoft product updates. Therefore, using WSUS can help you maintain the server’s security and stability by keeping it up-to-date with the latest patches and updates.
Enable Remote Desktop Protocol (RDP) with caution:
RDP is a convenient way to access the server remotely but can also be a security risk if not configured correctly. It’s recommended to use Network Level Authentication (NLA) and limit the number of users accessing RDP.
These are just a few hints and tips for Windows Server 2022, and there are many other features and best practices to explore. It’s important to stay informed and up-to-date with the latest developments and security updates to ensure the server’s optimal performance and security.
FAQ on Installing Active Directory on Windows Server 2022
What is Active Directory?
Active Directory is a Microsoft service that manages identities and authentication for resources, including users, computers, and applications. It simplifies the management of user accounts and enables centralized management of security policies.
What are the system requirements for installing Active Directory on Windows Server 2022?
To install Active Directory on Windows Server 2022, your server must meet the minimum hardware and software requirements. These include a 64-bit processor with a minimum of 4 GB of RAM and 64 GB of available disk space.
Can I install Active Directory on a Windows Server 2022 Core installation?
You can install Active Directory on a Windows Server 2022 Core installation. However, the process is command-line based, and you will need to use PowerShell or the Sconfig tool to install and configure Active Directory.
How do I install Active Directory on Windows Server 2022 using the Server Manager?
To install Active Directory using the Server Manager, launch the Server Manager and click on “Add roles and features”. Then select the “Active Directory Domain Services” role and follow the wizard to complete the installation.
How do I configure Active Directory after installation?
After installing Active Directory, you must configure it by running the Active Directory Domain Services Configuration Wizard. This wizard will guide you through the process of configuring your domain, including setting up DNS, creating a domain controller, and configuring forest and domain functional levels.
Can I install Active Directory on Windows 2022 Nano Server?
You cannot install Active Directory on a Windows 2022 Nano Server. Nano Server is a lightweight installation option that does not include the Active Directory Domain Services role.
What is the difference between a domain and a forest in Active Directory?
A domain is a logical group of computers, users, and devices with a common security database. A forest is a collection of domains with a common schema and trust relationship. A forest can contain one or more domains.
Can I add a Windows Server 2019 domain controller to a Windows Server 2022 domain?
You can add a Windows Server 2019 domain controller to a Windows Server 2022 domain. However, you must ensure that the forest and domain functional levels are compatible with Windows Server 2019.
Can I install Active Directory on a virtual machine running on Windows Server 2022?
Yes, you can install Active Directory on a virtual machine running on Windows Server 2022. However, you must ensure that the virtual machine meets the minimum hardware and software requirements for installing Active Directory.
What are some best practices for securing Active Directory on Windows Server 2022?
Some best practices for securing Active Directory include enforcing strong passwords, limiting administrative access, enabling auditing, and monitoring logs for suspicious activity regularly. You should also keep your server up-to-date with the latest security patches and updates.