Install the Active Directory Domain Services (AD DS) Role
Open Server Manager:
Click on the Windows icon on your desktop and search for Server Manager, or press
Windows + R, then type servermanager and press Enter.Add Roles and Features:
In Server Manager, click on Manage (top-right) and select Add Roles and Features.
Role-based or Feature-based Installation:
Choose Role-based or feature-based installation and click Next.Select Server:
Select the server (usually the local server) from the server pool and click Next.Select Server Roles:
Scroll down and select Active Directory Domain Services.You may see a pop-up asking to add additional features (such as DNS Server). Click Add Features to install them.
Click Next.
Select Features:
On the features page, simply click Next (no need to select anything else).Confirm and Install:
Review the installation and click Install.
The server will now begin installing the necessary files.
Promote the Server to a Domain Controller
After the AD DS role is installed, you need to promote the server to a Domain Controller.
Open Server Manager:
Once the role is installed, go to Server Manager.Promote this server to a domain controller:
In the Server Manager dashboard, there should be a notification that says "Promote this server to a domain controller".Click on this link.
Deployment Configuration:
Select Deployment Option: Choose Add a new forest (if this is the first Domain Controller in the forest).Root Domain Name: Enter the Fully Qualified Domain Name (FQDN) of your domain. For example,
example.local or example.com.Click Next.
Domain Controller Options:
Forest Functional Level: Leave the default setting as Windows Server 2016 (or select higher if necessary).Domain Functional Level: Leave the default as Windows Server 2016.
Global Catalog: Ensure Global Catalog is selected.
DNS Server: Select DNS server (it should be selected by default).
Read-Only Domain Controller (RODC): Leave this unchecked for now.
Directory Services Restore Mode (DSRM) password: Set a Directory Services Restore Mode (DSRM) password. This is important for recovery purposes.
Click Next.
DNS Options:
You may see a warning about DNS delegation. This is fine, and you can click Next.Additional Options:
Verify the NetBIOS name of your domain. It will automatically generate based on the domain name you entered earlier (for example, "EXAMPLE").Click Next.
Paths:
You can leave the default file locations for the Database, Log files, and SYSVOL folder. Click Next.Review and Install:
Review all the settings, and if everything looks correct, click Next and then Install.The server will begin the promotion process. It may take a few minutes.
Restart the Server:
After the installation completes, the server will automatically restart to finalize the promotion.Verify the Domain Installation
Log In as Domain Administrator:
After the server restarts, log in using the Domain Administrator account. You can use the formatDomainName\Administrator or simply Administrator if logged in locally.Check Domain Status:
Open Server Manager and verify that the server is now listed as a Domain Controller.You can also check by running
Active Directory Users and Computers from the Tools menu in Server Manager to confirm that the domain has been set up properly.Verify DNS Configuration:
Open DNS Manager from the Tools menu and verify that DNS records for your domain are created (such as_ldap._tcp, etc.).Test Domain Join:
On another computer, try joining it to the domain you just created. Open System Properties and click
Change settings under the Computer Name section.
Select Domain and enter the domain name (e.g.,
example.local).Enter the Domain Administrator credentials when prompted.
