Windows Server 2008

Installing Active Directory Domain Services for Windows Server 2008

Hello, for this post we are going to go install Active Directory Domain Services on Windows Server 2008.

First step is to run DCPROMO from the command line which will launch the Active Directory Domain Services installation screen.

Screenshot - 16_02_2008 , 15_16_06 

Next you are prompted by a screen which warns you that Windows NT4 clients may not be able to authenticate against a Windows Server 2008 domain controller. This is because Windows Server 2008 policy called “Allow cryptography algorithms compatible with Windows NT 4.0″. By default out of the box this policy is set to not configured. If you really need to connect NT4 clients on the network then you can enable the policy setting. explains how to do this.

Screenshot - 16_02_2008 , 15_16_27

Next screen is to select whether we want to add an additional Active Directory server into an existing domain i.e. test.local, create a new domain in an existing forest i.e. create domain1.test.local (that is creating domain1 in the test.local forest) and the option to create a totally brand new forest. For this exercise I have elected to create a new forest since I don’t have one.

Screenshot - 16_02_2008 , 15_16_40 Screenshot - 16_02_2008 , 15_17_02

After you have selected your FQDN you can click on this. Be very careful about selecting your domain name, once you’ve got a couple of hundred workstations and servers in it renaming it because you made a mistake is not an easy task!!!! Anyway, click on next which then goes away and see if the domain name is in use. In this case it isn’t since its a brand new forest.

Screenshot - 16_02_2008 , 15_17_13

Next step is to select your Forest Functional level. This will be specific to your individual specific needs and is dependant on what existing domain controllers you have running. There are 3 Forest functional levels available:

  • Windows 2000 native
  • Windows Server 2003
  • Windows Server 2008

You can view the full functionality here:

Screenshot - 16_02_2008 , 15_18_01 Screenshot - 16_02_2008 , 15_17_39 Screenshot - 16_02_2008 , 15_17_51

Next screen asks you if you want any additional options. In this case I have selected to install a DNS server as I don’t have DNS installed and the Global Catalog is selected by default as its the first domain controller in the forest. The read only domain controller isn’t also configurable at this time as a writeable domain controller does not yet exist

Screenshot - 16_02_2008 , 15_19_49

Next screen is to select the location of the Database Folder, Log Files folder and the SYSVOL folder. Generally you should put the database folder and log files folder onto separate hard discs. This primarily is for performance reasons.

Screenshot - 16_02_2008 , 15_22_00 

Next is to enter the Directory Services Restore Mode password. This the password that will be used if you need to enter Directory Services Restore Mode. You would need this if you’re Active Directory database became corrupt and you had to perform a restore of repair of the database


The next screen is a summary of all the options that have been selected.

Screenshot - 16_02_2008 , 15_22_38

And finally the installation can begin!!

Screenshot - 16_02_2008 , 15_25_12 Screenshot - 16_02_2008 , 15_23_41 Screenshot - 16_02_2008 , 15_24_19

Screenshot - 16_02_2008 , 15_26_25 Screenshot - 16_02_2008 , 15_25_32 Screenshot - 16_02_2008 , 15_26_11

Screenshot - 16_02_2008 , 15_27_17 Screenshot - 16_02_2008 , 15_26_42 Screenshot - 16_02_2008 , 15_27_01


Leave a Reply

Your email address will not be published. Required fields are marked *