
Windows Server 2022 doesn’t include any significant changes to Active Directory (AD). But you will want to use it going forwards for your new domain controllers because of the improved security it provides over earlier versions of Windows Server.
There are two ways for system administrators to add Windows Server 2022 as a domain controller (DC). The first is using Server Manager, which has been the standard way to add, or ‘promote’ as it is more commonly called, Windows Server 2022 as a DC. The second way, and the easier way in my opinion, is to use PowerShell.
Whichever method you choose, adding Windows Server 2022 as a DC involves two main steps:
But it’s also worth noting that there are some prerequisites that you should meet before adding Windows Server 2022 as a DC. For instance, the server should be assigned a static IP address. And it’s also worth making sure that the server name is something relevant, like DC1, so that it can easily be identified.
Before we install AD DS, let’s make sure we meet the basic prerequisites for a DC in Windows Server 2022.
We’ll start by renaming the server.
Rename-Computer -NewName DC1 -Restart
Once the server has rebooted, we can configure the network adapter with a static IP address. On my network, I will assign a static IP address of 192.168.1.10/24 and the default gateway is 192.168.1.1.
New-NetIPAddress -IPAddress 192.168.1.10 -DefaultGateway 192.168.1.1 -PrefixLength 24 -InterfaceIndex (Get-NetAdapter).InterfaceIndex
Set-DNSClientServerAddress -InterfaceIndex (Get-NetAdapter).InterfaceIndex -ServerAddresses 192.168.1.10
The next step is to install the AD DS server role. It’s easy to do using the Install-WindowsFeature cmdlet as shown below.
Install-WindowsFeature -name AD-Domain-Services -IncludeManagementTools
Once the AD DS server role is installed, you’ll get a message in the PowerShell window. The Success column should read True.
If you’d prefer to install AD DS the hard way, here is a step-by-step guide using Server Manager.
Let’s deal with the server’s name and IP address first.
Now let’s set a static IP address.
On my network, I will assign a static IP address of 192.168.1.10, subnet mask of 255.255.255.0, and the default gateway is 192.168.1.1.
The first DC in your domain will also be a DNS server. The Active Directory Domain Services Configuration Wizard will automatically configure a DNS server for you.
Now let’s install the AD DS server role.
In this example, we will add Windows Server 2022 as a domain controller in a new forest and domain. Before you continue, you should decide on a Fully Qualified Domain Name (FQDN) for your domain. I’m going to use ad.contoso.com in this example, where ‘ad’ is the name of my new domain and contoso.com is the top-level domain (TLD). You should make sure that you own the public TLD. In this example, I should own the contoso.com domain name. AD in the FQDN defines my internal DNS namespace for Active Directory.
To configure Windows Server 2022 as a domain controller, run Install-ADDSForest as shown in the example below. Replace ad.contoso.com with your chosen FQDN. DomainNetBIOSName is usually set to the part of your FQDN that identifies your internal AD DNS namespace, that is, the part that comes to the left of the first period. In this case, ‘ad’.
Install-ADDSForest -DomainName ad.contoso.com -DomainNetBIOSName AD -InstallDNS
You should note that Install-ADDSForest is only used when you are installing the first domain controller in a new AD forest. Install-ADDSDomain and Install-ADDSDomainController are used respectively to create a new domain in an existing forest and install a new DC in an existing AD domain.
DomainName and DomainNetBIOSName are the only two compulsory parameters for the Install-ADDSForest cmdlet. If you want to explore what other options you can configure, run the command line below:
Get-Help Install-ADDSForest
When you run the Install-ADDSForest cmdlet, you’ll be prompted to enter a password for Directory Services Restore Mode (DSRM), or Safe Mode password as it’s sometimes called. Enter a password and confirm it when prompted.
You’ll then see a message:
The target server will be configured as a domain controller and restarted when this operation is complete.
Do you want to continue with this operation?
Type y in the PowerShell window and press ENTER to confirm that you want to configure the server as a domain controller.
As AD is configured, you’ll see some yellow warnings appear in the PowerShell window. They are normal and you can safely ignore them. The server will automatically reboot. Once Windows Server has rebooted, you will need to log in with the domain administrator account. The domain administrator account is assigned the same password as the built-in administrator account.
On the sign-in page, type administrator in the User name field. Type the password for the administrator account, which is the same as the password for the previous built-in administrator account, and press ENTER.
And that is it! You are now logged in to your AD domain’s first domain controller. You can access Server Manager from the Start menu. In Server Manager, click the Tools menu and then select Active Directory Users and Computers to start managing your domain.
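The PowerShell procedure above can be run as one script that checks the prerequisites before it promotes the server. This is an added example, not part of the original article; it goes beyond the steps shown by calling Test-ADDSForestInstallation first and by passing the DSRM password with -SafeModeAdministratorPassword instead of answering the prompt. The domain values are the article's; the variable names are illustrative.

```powershell
# Added example: pre-flight checks plus a scripted promotion of the first DC.
# Domain values match the article; change them for your environment.
$DomainName  = 'ad.contoso.com'
$NetBiosName = 'AD'

# 1. The article's (Get-NetAdapter).InterfaceIndex assumes exactly one adapter.
$adapters = @(Get-NetAdapter | Where-Object Status -eq 'Up')
if ($adapters.Count -ne 1) {
    throw "Expected one connected adapter, found $($adapters.Count)."
}
$ifIndex = $adapters[0].InterfaceIndex

# 2. A DC needs a static IPv4 address, so DHCP must be off on that interface.
$ipIf = Get-NetIPInterface -InterfaceIndex $ifIndex -AddressFamily IPv4
if ($ipIf.Dhcp -eq 'Enabled') {
    throw "Interface $ifIndex still uses DHCP; assign a static address first."
}

# 3. Confirm the AD DS role is present before calling the deployment cmdlets.
if (-not (Get-WindowsFeature -Name AD-Domain-Services).Installed) {
    throw 'AD-Domain-Services is not installed.'
}

# 4. Read the DSRM password as a SecureString so it is never stored in the
#    script or typed on a command line.
$dsrm = Read-Host -Prompt 'DSRM (Safe Mode) password' -AsSecureString

$params = @{
    DomainName                    = $DomainName
    DomainNetbiosName             = $NetBiosName
    InstallDns                    = $true
    SafeModeAdministratorPassword = $dsrm
}

# 5. Run only the prerequisite checks; nothing is changed at this point.
$check = Test-ADDSForestInstallation @params
$check | Format-List Status, Message
if ($check.Status -contains 'Error') {
    throw 'Prerequisite checks failed; see the messages above.'
}

# 6. Promote. -Force suppresses the confirmation prompt; the server then reboots.
Install-ADDSForest @params -Force
```

Keep the DSRM password in your password vault: it is the local recovery credential for this domain controller and is separate from the domain administrator password.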
Now that the AD DS role is installed in Windows Server 2022, you can configure your first AD domain controller. Let’s go back to Server Manager and start the configuration.
You should make sure that you own the public top-level domain name (TLD). In this example, I should own the contoso.com domain name. AD in the FQDN defines my internal DNS namespace for Active Directory.
The wizard will run some prerequisite checks to make sure AD can be installed on the server. Hopefully your server will pass the checks and you can continue installing AD. It’s normal to get a few warnings. You will not be able to proceed with the install if the server fails the prerequisite checks.
Once Windows Server has rebooted, you will need to log in with the domain administrator account. The domain administrator account is assigned the same password as the built-in administrator account.
And that is it! You are now logged in to your AD domain’s first domain controller.
More from Russell Smith
Copyright ©2019 BWW Media Group