Windows Server 2025 – Part 5 (Active Directory)
Setting Up Active Directory on Windows Server 2025
Despite servers being compatible with Entra ID (formerly known as Azure Active Directory), most business environments still rely heavily on Active Directory (AD) for authentication and authorization. Active Directory remains a central tool for managing users and rights in many Windows Server installations.
About Active Directory
Active Directory (AD) is a critical component for managing users and resources across a network. It is organized into three hierarchical levels: domains, trees, and forests. A forest is a collection of trees, and each tree can contain multiple domains. Designing an AD landscape can become complex, especially with mergers and acquisitions, requiring expertise in AD architecture.
Key features of AD include:
Active Directory Domain Services (AD DS): The core component that domain controllers host, crucial for the network's operation.
Protocols and Standards: AD DS utilizes LDAP (Lightweight Directory Access Protocol), Kerberos, and DNS (Domain Name System) for its operations.
History of Active Directory
Active Directory traces its origins to Windows NT 4.0, introduced in 1996. This early version lacked the hierarchical structure and scalability of later iterations, relying on NT LAN Manager (NTLM) for authentication. The release of Windows 2000 Server marked a significant advancement, introducing forests, trees, and a more scalable domain structure, along with integrating LDAP, Kerberos, and DNS.
Subsequent versions, including Windows Server 2003, 2008, and later, added features such as Active Directory Federation Services (AD FS), improved replication, enhanced security features, and better management tools. Today, AD continues to be a crucial element in Windows Server environments.
Preparation and Prerequisites
Before installing Active Directory, ensure you have completed the following preparations:
Install and Update Windows Server 2025: Follow a comprehensive guide for Windows Server 2025 installation and updates.
Decide on Active Directory and DNS Domain Names: Refer to guidance for selecting the appropriate names.
Configure a Static IP: Although optional, a static IP is recommended for the server.
Verify Hardware Requirements: Minimum requirements include:
1.4 GHz 64-bit processor
2 GB of RAM (Server with Desktop Experience)
32 GB of storage (128 GB recommended)
Review Release Notes: Stay updated with the latest news on Windows Server 2025.
Local Administrator Account
Ensure you have access to the local administrator account for installation.
Installing Active Directory Domain Services (AD DS)
Follow these steps to install AD DS:
1. Open Server Manager:
Log in with your local administrator account and open the Server Manager, which may start automatically.
2. Add Roles and Features:
In Server Manager, navigate to "Manage" and select "Add Roles and Features."
Click “Next” on the Before You Begin screen.
3. Role-Based Installation:
Keep the default “Role-based or feature-based installation” selected and click “Next.”
4. Select Server:
Choose your local server from the server pool and click “Next.”
5. Select Server Roles:
Check “Active Directory Domain Services.” This will prompt the addition of necessary features.
Click “Add Features” if prompted.
6. Install Features:
Proceed by clicking “Next” on the Features screen. The required features will be automatically added.
7. Review AD DS Recommendations:
Review the recommendations and click “Next.”
8. Installation Summary:
Confirm your selections and click “Install” to start the installation.
Monitor the progress and click “Close” when finished.
Promoting the Domain Controller
After installing AD DS, you need to configure and promote your server to a domain controller:
1. Start the Promotion Process:
In Server Manager, click the warning icon next to the flag, then select “Promote this server to a domain controller.”
2. Deployment Configuration:
Choose “Add a new forest” and enter your “Root Domain name.” Refer to guides for selecting an appropriate name.
3. Domain Controller Options:
Keep default settings and enter a secure Directory Services Restore Mode (DSRM) password.
4. DNS Options:
Ignore warnings and keep defaults. Click “Next.”
5. NetBIOS Name:
Enter the NetBIOS domain name and click “Next.”
6. Paths:
Leave the default paths or customize them as needed. Click “Next.”
7. Review and Install:
Check prerequisites and fix any issues. Click “Install” to begin the domain controller promotion. This process may take some time.
8. First Login:
After the reboot, log in using the domain credentials. Access Active Directory tools from Server Manager.
Verify Installation: Use Active Directory Users and Computers to check the default AD structure.
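The role installation and promotion steps above can also be scripted. The following PowerShell is an added example, not part of the original guide; the domain and NetBIOS names are placeholders, and the database, log and SYSVOL paths are left at their defaults.

```powershell
# Added example: scripted equivalent of the wizard steps above.
# Run in an elevated PowerShell session as the local administrator.
$DomainName  = 'corp.example.com'   # placeholder root domain name
$NetbiosName = 'CORP'               # placeholder NetBIOS domain name

# Prerequisite: a static IP is recommended, so warn about DHCP-assigned addresses.
$dhcpAddresses = Get-NetIPAddress -AddressFamily IPv4 |
    Where-Object { $_.PrefixOrigin -eq 'Dhcp' }
if ($dhcpAddresses) {
    Write-Warning "DHCP-assigned address(es): $($dhcpAddresses.IPAddress -join ', ')"
}

# Install the AD DS role together with its management tools.
$feature = Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
if (-not $feature.Success) {
    throw 'AD DS role installation failed.'
}

# Prompt for the DSRM password so it never lands in the script or shell history.
$dsrmPassword = Read-Host -AsSecureString -Prompt 'DSRM password'

# Same choices as the wizard: new forest, DNS installed, default paths.
$forestParams = @{
    DomainName                    = $DomainName
    DomainNetbiosName             = $NetbiosName
    SafeModeAdministratorPassword = $dsrmPassword
    InstallDns                    = $true
}

# Prerequisites check: stop on errors, show warnings for review.
$check = Test-ADDSForestInstallation @forestParams
$check | Format-Table -Property Status, Message -Wrap
if ($check.Status -contains 'Error') {
    throw 'Prerequisite check reported errors; fix them before promoting.'
}

# Promote to the first domain controller of the new forest.
# The server reboots automatically when promotion completes.
Install-ADDSForest @forestParams -Force
```

After the reboot, `Get-ADDomain` and `Get-ADForest` report the domain and forest functional levels (`DomainMode`, `ForestMode`) as a quick check alongside Active Directory Users and Computers.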
Post-Installation
After setting up Active Directory, the Active Directory management tools are available under “Tools” in Server Manager.
Additional Resources:
For video tutorials, refer to “How to Configure Active Directory on a Windows 2025 Server” by Professor Robert McMillen.
Explore PowerShell commands for server management on the blog “Powershell – List all domain controllers and more for the new Windows Server 2025.”
Important Notes
Domain Controller Best Practices:
Avoid running other Windows services on the domain controller besides AD DS, DNS, and optionally DHCP. Domain controllers should be treated as secure systems, with minimal use and regular updates.
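One way to check this on an existing domain controller is to compare the installed roles against an allowlist. This PowerShell is an added example, not from the original guide; the function name `Get-UnexpectedDcRole` is hypothetical, the sample data is constructed, and treating `FileAndStorage-Services` as baseline is an assumption (it is present on standard Windows Server installs).

```powershell
# Added example: flag server roles on a domain controller that fall outside
# the allowlist from the best practice above (AD DS, DNS, optionally DHCP).
$AllowedRoles = @(
    'AD-Domain-Services'
    'DNS'
    'DHCP'
    'FileAndStorage-Services'   # assumption: baseline role on every install
)

function Get-UnexpectedDcRole {
    param(
        # Objects shaped like Get-WindowsFeature output
        # (Name, FeatureType and Installed properties are used).
        [Parameter(Mandatory)]
        [object[]]$Feature,

        [string[]]$Allowed = $AllowedRoles
    )
    $Feature | Where-Object {
        $_.Installed -and
        $_.FeatureType -eq 'Role' -and
        $_.Name -notin $Allowed
    }
}

# Constructed sample input so the check can be tried off-server.
$sample = @(
    [pscustomobject]@{ Name = 'AD-Domain-Services';      FeatureType = 'Role';    Installed = $true  }
    [pscustomobject]@{ Name = 'DNS';                     FeatureType = 'Role';    Installed = $true  }
    [pscustomobject]@{ Name = 'FileAndStorage-Services'; FeatureType = 'Role';    Installed = $true  }
    [pscustomobject]@{ Name = 'Web-Server';              FeatureType = 'Role';    Installed = $true  }
    [pscustomobject]@{ Name = 'Print-Services';          FeatureType = 'Role';    Installed = $false }
    [pscustomobject]@{ Name = 'RSAT-AD-PowerShell';      FeatureType = 'Feature'; Installed = $true  }
)

# Only Web-Server is reported: it is an installed role outside the allowlist.
Get-UnexpectedDcRole -Feature $sample | Select-Object -Property Name, FeatureType

# On a real domain controller, feed it the live inventory instead:
# Get-UnexpectedDcRole -Feature (Get-WindowsFeature)
```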
Conclusion
Congratulations on setting up Active Directory Domain Services on Windows Server 2025! While the process resembles previous versions, be sure to choose the appropriate Forest and Domain Functional levels and stay updated with any new features or changes.