Windows Server 2008 R2 is the latest release of Microsoft’s Windows Server line of operating systems. It offers a number of new features, including Active Directory Domain Services (AD DS), which is a centralized authentication and authorization service for computers in an organization. AD DS enables administrators to manage user accounts, groups, and permissions across an organization’s network of computers. To install AD DS on Windows Server 2008 R2, you first need to create a domain controller. A domain controller is a server that stores the AD DS database and provides services such as authentication and authorization for users in your organization. You can also use a domain controller to manage user accounts and group policies. To create a domain controller, open Server Manager and click Add Roles and Features. In the Add Roles And Features Wizard, click Next on the Before You Begin page. On the Select Installation Type page, select Role-Based Access Control (RBAC) Administration And Deployment from the list of available roles, and then click Next. On the Select Destination Server page, select The Computer That Has The Active Directory Database For Your Organization from the list of available servers, type or browse to the name of your computer (for example: csrv01), and then click Next. On the Select Domain Controller Options page, select Create A New Domain Controller In This Domain from the list of available options, type or browse to your desired name for your new domain controller (for example: contoso), type or browse to your desired location for your new domain controller (for example: C:\Windows\System32\DNS), and then click Next. On the Confirm Installation selections page, review your selections and then click Install. After installation completes, restart your computer so that changes take effect. Now that you have created a domain controller in your organization’s forest root zone (FRZ), you can install AD DS on Windows Server 2008 R2 by following these steps ..

Active Directory is essential to any Microsoft network built on the client-server network model–it allows you to have a central sever called a Domain Controller (DC) that does authentication for your entire network. Instead of people logging on to the local machines they authenticate against your DC. Lets take a look at how to install Microsoft’s Active Directory.

Installation

Open Server Manager and click on roles, this will bring up the Roles Summary on the right hand side where you can click on the Add Roles link.

This will bring up the Add Roles Wizard where you can click on next to see a list of available Roles. Select Active Directory Domain Services from the list, you will be told that you need to add some features, click on the Add Required Features button and click next to move on.

A brief introduction to Active Directory will be displayed as well as a few links to additional resources, you can just click next to skip past here and click install to start installing the binaries for Active Directory.

When the installation is finished you will be shown a success message, just click close.

Configuration

Open up Server Manager, expand Roles and click on Active Directory Domain Services. On the right hand side click on the Run the Active Directory Domain Services Installation Wizard (dcpromo.exe) link.

This will kick off another wizard, this time to configure the settings for you domain, click next to continue.

The message that is shown now relates to older clients that do not support the new cryptographic algorithms supported by Server 2008 R2, these are used by default in Server 2008 R2, click next to move on.

Choose to create a new domain in a new forest.

Now you can name your domain, we will be using a .local domain the reason why will be explained in an upcoming article.

Since this is the first DC in our domain we can change our forest functional level to Server 2008 R2.

We want to include DNS in our installation as this will allow us to have an AD Integrated DNS Zone, when you click next you will be prompted with a message just click yes to continue.

You will need to choose a place to store log files, it is a best practice to store the database and SYSVOL folder on one drive and the log files on a separate drive, but since this is in a lab environment I will just leave them all on the same drive.

Choose a STRONG Active Directory Restore Mode Password and click next twice to kick off the configuration.

You will be able to see what components are being installed by looking in the following box.

When its done you will be notified and required to reboot your PC.

That’s all  there is to it guys, now you have a working installation of Active Directory.