About Active Directory Domain Services (AD DS)
Active Directory Domain Services a.k.a. AD DS is a service that is integrated in Windows Server 2008 R2 but does not get automatically installed along with the installation of the operating system. When Windows Server 2008 R2 is installed, initially it works as a client operating system that can be connected to a workgroup infrastructure to work as a member of the peer-to-peer network.
Need of Active Directory Domain Services (AD DS)
In small-scale industries or in Small Office/Home Office (SOHO) environments, where there are not more than 15 to 20 computers, it is recommended that a workgroup network environment should be created, and each computer should be managed individually. The reason behind this recommendation is that in small-scale industries or in SOHO networks, it is somewhat impractical and unrealistic to have a dedicated computer system to work as a server. Moreover, since the numbers of computers are limited in such setups, it is easier for the administrators to manage and monitor all computers separately without any additional efforts.
On the other hand, in medium to large scale industries where there are several computers in the network, it becomes practically impossible for the administrators to manage each computer individually. In such scenarios, administrators can install Active Directory Domain Services on Windows Server 2008 R2 in order to centrally manage all computers in the network simultaneously, with least administrative overhead, and right from their own desks.
When Active Directory Domain Services is installed on Windows Server 20008 R2, the computer is technically known as a Domain Controller a.k.a., which then becomes capable of managing, authenticating, and providing services to all client computers that are added as its members.
After the successful installation of Active Directory Domain Services, administrators can create domain user accounts right on the domain controller. Domain user accounts can log on to the domain using any of the available domain client computers. Irrespective of the domain client computer that a domain user uses to log on to the domain, credentials of the domain user accounts are always authenticated from the domain controller itself.
Install Active Directory Domain Services on Windows Server 2008 R2
To install Active Directory Domain Services on Windows Services 2008 R2, administrators must follow the steps given as below:
- Log on to Windows Server 2008 R2 computer with the local administrator account on which Active Directory Domain Services is to be installed.
- On the desktop screen, press Windows + R keys simultaneously to initiate Run command box.
- On the Run command box, in the available field, type DCPROMO.EXE command and press Enter key.
- Wait till the Active Directory Domain Services binaries are installed and click Next on the Active Directory Domain Service Installation Wizard window when done.
- On Operating System Compatibility page, click Next.
- On Choose a Deployment Configuration page, click to select Create a new domain in a new forestradio button.
- Click Next to continue.
- On Name the Forest Root Domain page, specify the Fully Qualified Domain Name (FQDN) for the new forest root domain in the FQDN of the forest root domainfield.
- On Set Forest Functional Level page, leave everything as default and click Next.
- On Set Domain Functional Level page, leave everything as default and click Next.
- On Additional Domain Controller Options page, make sure that DNS server checkbox is checked, and click Next.
- On the displayed warning box, click Yes to continue.
- On the Location for Database, Log Files, and SYSVOL page, leave everything as default and click Next.
Note: It is recommended that SYSVOL folder, and Database and Log files should always be stored at a different location for optimum performance.
- On the Directory Services Restore Mode Administrator Password page, type and retype a complex password in the Password and Confirm Passwordfields.
Note: Active Directory restore mode password is required when administrators want to restore the Active Directory in case of disaster. For security reasons, it is strongly recommended that Active Directory restore mode password should always be different than that of enterprise administrator or domain administrator account.
- Once done, click Next to proceed.
- On the Summary page, review the settings and click Next to start the Active Directory Domain Services installation process.
- Once Active Directory Domain Services installation process is complete, on the displayed box, click Restart Now to restart the computer. Alternatively Reboot on completioncheckbox can also be checked during AD DS installation process to restart the computer automatically after the successful installation.
Note: Although the above given steps can be followed to install Active Directory Domain Services directly on Windows Server 2008 R2 computer, AD DS binaries can also be installed manually by following the Active Directory Domain Services installation wizard from Server Manager. This process requires administrators to manually initiate the DCPROMO.EXE command by clicking the available link on the interface, after the successful installation of Active Directory Domain Services binaries.