Guide – How To Start – Active Directory Domain Controller on Windows 2016

Active Directory Domain Controller on Windows 2016 is a perfect solution for providing Active Directory to your servers in Azure and suitable for hybrid setup of Active Directory and Azure AD Sync.

This is a quick deployment and ready-to-run image.
Simple and rapid installation. Easy to maintain.

The guide how to work with the Active Directory Domain Controller 2016

After purchasing and turning on the VM, you need to run the name change file on the desktop, and restart the VM.

image8

 

1. Right-click the network icon in the bottom right of the Task Bar and select Open Network and Sharing Center from the menu.

2. In the Network and Sharing Center, click <Change adapter settings>.

3. On the Network Connections screen, right-click the network adapter for which you want to change the IP address and select.

4. Select Internet Protocol Version 4 (TCP/IPV4) and click <Properties>.

5. Fill in your private IPV4 ip address, subnet mask, default gateway.

6. Fill in the preferred DNS server as (127.0.0.1) which is known as your local host IP.

7. The alternate DNS server address will be the IP address of another domain controller you have in your forest. If you don’t have any setup yet, you can leave this blank and update later if you are going to setup other domain controllers.

After that you will need to reconnect to the VM

image1

Active Directory Installation Steps

Open up Server Manager and click on the yellow notification and select promote this server to a domain controller.

image5

This will start the active directory configuration wizard. The next demo shows how to set up a new forest. But if you adding this to an existing domain you can choose the relevant option.  Select the option to add new forest and type FQDN for the domain. Then click <next>.

image7

On the next page you can select the domain and forest functional levels. Then type a password for DSRM. Then click <next>.

image11

Since we are creating the first DNS server in the new forest, it is not necessary to select additional parameters and click <next> to proceed.

image6

For the NETBIOS name keep the default and click <next>.

image13

Next page is to define the NTDS, SYSVOL and LOG file folders. You can keep default or define different path for these. This demo shows how to keep the default paths. Once changes are done, click <next> to continue.

 

image9

The option to review configuration changes will be given on the next page.

If everything looks ok you can click <next> to proceed or otherwise can go back and change the settings.

image3

On the next window the prerequisite check will be done.

If it passes, it will enable the option to install. Click on <install> button to begin the installation process.

image10

Then the installation process of promoting this server to a Windows domain controller will be started.

image4

After the AD installation, The server will restart automatically. Once it comes back online, log in to the server as domain administrator.

Once logged in, open powershell (as administrator) and type dsac.exe and press enter. It will open up the active directory administrative center. Here you can start managing the domain resources.

image12

Also you can use Get-ADDomain | fl Name,DomainMode and Get-ADForest | fl Name,ForestMode from powershell to confirm the domain and forest functional levels.

image2

Active Directory Firewall Ports

In order to your domain controllers to communicate with other domain controllers in your Active Directory, you will need to make sure the following firewall ports are open between domain controllers in your cloud environment or on premises domain if you have a hybrid setup:

  • RPC endpoint mapper: port 135 TCP, UDP
  • NetBIOS name service: port 137 TCP, UDP
  • NetBIOS datagram service: port 138 UDP
  • NetBIOS session service: port 139 TCP
  • SMB over IP (Microsoft-DS): port 445 TCP, UDP
  • LDAP: port 389 TCP, UDP
  • LDAP over SSL: port 636 TCP
  • Global catalog LDAP: port 3268 TCP
  • Global catalog LDAP over SSL: port 3269 TCP
  • Kerberos: port 88 TCP, UDP
  • DNS: port 53 TCP, UDP

To setup Azure firewall rules refer to – Azure Network Security Groups

WordPress.com.

Up ↑

%d bloggers like this: