There are interesting new features now made available in Windows Server 2016 such as time based group membership, privileged access management, and others. Most will be covered in future posts. This post will detail how to install active directory on Windows Server 2016.

Before the AD install however it is important to understand what is the minimum requirement to install windows server 2016. Details are as follows:

Processor

• 1.4 GHz 64-bit processor

• Compatible with x64 instruction set

• Supports NX and DEP

• Supports CMPXCHG16b, LAHF/SAHF, and PrefetchW

• Supports Second Level Address Translation (EPT or NPT)

Coreinfo is a tool you can use to confirm which of these capabilities you CPU has.

RAM

• 512 MB (2 GB for Server with Desktop Experience installation option)

• ECC (Error Correcting Code) type or similar technology

Storage controller and disk space requirements

Computers that run Windows Server 2016 must include a storage adapter that is compliant with the PCI Express architecture specification. Persistent storage devices on servers classified as hard disk drives must not be PATA. Windows Server 2016 does not allow ATA/PATA/IDE/EIDE for boot, page, or data drives.

The following are the estimated minimum disk space requirements for the system partition.

Minimum: 32 GB

Network adapter requirements

Minimum:

• An Ethernet adapter capable of at least gigabit throughput

• Compliant with the PCI Express architecture specification.

• Supports Pre-boot Execution Environment (PXE).

A network adapter that supports network debugging (KDNet) is useful, but not a requirement.

So in my demo I am using a virtual server with windows server 2016 datacenter. In order to setup active directory we need to log in as local administrator. First thing to check is IP address configuration.

1) Once Active directory setup on the server, it also going to act as DNS server. There for change the DNS settings in network interface and set the server IP address (or local host IP 127.0.0.1) as the primary DNS server.

2) Then open the server manager. Go to PowerShell (as administrator) and type ServerManager.exe and press enter.

3) Then on server manager click on add roles and features

4) Then it opens the add roles and features wizard. Click on next to proceed.

5) Then in next window keep the default and click next

6) Since its going to be local server, in next window keep the default selection.

7) In next window from the roles put tick box for active directory domain services. Then it will prompt to show you what are the associated features for the role. Click on add features to add those. Then click next to continue.

8) The features page, keep it default and click on next to proceed.

9) In next windows it gives brief description about AD DS service. Click next to proceed.

10) Then it will give the confirmation about install, click on install to start the role installation process.

11) Once done, it will start the installation process

12) Once installation completes, click on option promote this server to a domain controller.

13) Then it will open the active directory configuration wizard. In my demo I am going to setup new forest. But if you adding this to existing domain you can choose relevant option. (I am going to write separate article to cover how you can upgrade from older version of Active Directory). Select the option to add new forest and type FQDN for the domain. Then click next.

14) In next page you can select the domain and forest functional levels. I am going to set it up with latest. Then type a password for DSRM. Then click next

15) For the DNS options, this going to be the first DNS server in new forest. So no need any modifications. Click next to proceed.

16) For the NETBIOS name keep the default and click next

17) Next page is to define the NTDS, SYSVOL and LOG file folders. You can keep default or define different path for these. In demo I will be keeping default. Once changes are done, click next to continue

18) Next page will give option to review the configuration changes. If everything okay you can click next to proceed or otherwise can go back and change the settings.

19) In next windows it will do prerequisite check. If it’s all good it will enable option to install. Click on install to begin installation process.

20) Then it will start the installation process.

21) After the installation system will restart automatically. Once it comes back log in to the server as domain admin.

22) Once log in open the powershell (as administrator) and type dsac.exe and press enter. It will open up the active directory administrative center. There you can start managing the resources.

23) Also you can use Get-ADDomain | fl Name,DomainMode and Get-ADForest | fl Name,ForestMode from powershell to confirm domain and forest functional levels

Refer: https://blogs.technet.microsoft.com/canitpro/2017/02/22/step-by-step-setting-up-active-directory-in-windows-server-2016/

Step-By-Step: Setting up Active Directory in Windows Server 2016的更多相关文章

  1. How to setup Active Directory (AD) In Windows Server 2016

    Windows Server 2016 is the newest server operating system released by Microsoft in October 12th, 201 ...

  2. Prepare and Deploy Windows Server 2016 Active Directory Federation Services

    https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-key-t ...

  3. Active Directory Domain Services in Windows Server 2016/2012

    Applies To: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012 You will find links to ...

  4. Windows Azure Active Directory (2) Windows Azure AD基础

    <Windows Azure Platform 系列文章目录> Windows Azure AD (WAAD)是Windows Azure提供的一个REST风格的服务,为您的云服务提供了身 ...

  5. Windows Server 2016 Active Directory 图文搭建指南

    1. 首先打开Manage --> Add Roles and Features 2. 点击Next 3. 不做修改,点击Next 4. 不做修改,点击Next 5. 选择Active Dire ...

  6. Windows Azure Active Directory (3) China Azure AD增加新用户

    <Windows Azure Platform 系列文章目录> 本文介绍的是国内由世纪互联运维的China Azure. 本文是对笔者之前的文档:Windows Azure Active ...

  7. Windows Server 2016-WinSer2016 Active Directory新增功能

    Windows Server 2016 Active Directory 域服务 (AD DS)新增很多功能用来提升Active Directory域及组织环境安全等,并帮助他们面向云的部署或混合部署 ...

  8. 滥用基于资源约束委派来攻击Active Directory

    0x00 前言 早在2018年3月前,我就开始了一场毫无意义的争论,以证明TrustedToAuthForDelegation属性是无意义的,并且可以在没有该属性的情况下实现“协议转换”.我相信,只要 ...

  9. [Windows Azure] What is Windows Azure Active Directory?

    What is Windows Azure Active Directory? Windows Azure Active Directory is a service that provides id ...

随机推荐

  1. Mongoose模式的扩展

    模式的扩展 默认值 默认值的类型: 固定值.即使生成 代码展示: var mongoose = require('mongoose');mongoose.connect('mongodb://loca ...

  2. Python3爬虫(十) 数据存储之非关系型数据库MongoDB

    Infi-chu: http://www.cnblogs.com/Infi-chu/ 一.非关系型数据库NoSQL全程是Not Only SQL,非关系型数据库.NoSQL是基于键值对的,不需要经过S ...

  3. Kubernetes-Service Account

    kube-apiserver 配置文件:/etc/kubernetes/apiserver KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0 ...

  4. R语言学习笔记(七): 排序函数:sort(), rank(), order()

    sort() sort()函数直接对函数进行排序,并返回排序结果. > a <- c(12,4,6,5) > sort(a) [1] 4 5 6 12 rank() rank()函数 ...

  5. HBase Scan,Get用法

    Scan,get用法 1. get help帮助信息 从下列get用法信息可以看出 get 后面可以跟table表名,rowkey,以及column,value.但是如果想通过get直接获取一个表中的 ...

  6. 网站的robots.txt文件

    什么是robots.txt? robots.txt是一个纯文本文件,是爬虫抓取网站的时候要查看的第一个文件,一般位于网站的根目录下.robots.txt文件定义了爬虫在爬取该网站时存在的限制,哪些部分 ...

  7. 洛谷P1379八数码难题

    题目描述 在3×3的棋盘上,摆有八个棋子,每个棋子上标有1至8的某一数字.棋盘中留有一个空格,空格用0来表示.空格周围的棋子可以移到空格中. 要求解的问题是:给出一种初始布局(初始状态)和目标布局(为 ...

  8. 小心!FOMO3D的坑

    null 01 前方高能 近日,区块链机构安比(SECBIT)实验室审计后确认,FOMO3D游戏的智能合约存在随机数漏洞可被利用,FOMO3D合约及所有抄袭源码的山寨合约均存在该安全漏洞. 原本设计上 ...

  9. BZOJ 4408 FJOI2016 神秘数 可持久化线段树

    Description 一个可重复数字集合S的神秘数定义为最小的不能被S的子集的和表示的正整数.例如S={1,1,1,4,13},1 = 12 = 1+13 = 1+1+14 = 45 = 4+16 ...

  10. python中locals和globals函数

    参考:http://www.cnblogs.com/wanxsb/archive/2013/05/07/3064783.html Python有两个内置的函数,locals() 和globals(), ...