Setting Up Active Directory

Setting up Active Directory starts with installing the AD DS - Active Directory Domain Services server role onto a Windows Server operating system and then promoting the Windows Server into a domain controller.

Steps to Setting up Active Directory

1. To get started with setting up Active Directory, click on "Add roles and features" under the Server Manager dashboard. This will bring up the "Add Roles and Features Wizard" to follow the prompts on installing the AD DS server role.

2. For the Installation Type in this example click "Role-based or feature-based installation.

3. For Server Selection, select the host listed in the Server Pool, then click Next.

4. In this section of the Add Roles and Features Wizard are a listing of different server rolls that can be installed onto the server. In this demonistration, I'm going to select the Active Directory Domain Services - AD DS server role.

5. When you go to install a server role, there may be features that need to be added for the intended server to install. Here, the following features will be installed in order to successfully install the AD DS server role.

6. After clicking Add Features clickNext.

7. Then click Install

AD DS Installation

1. After clicking next from Features, we'll then be on the AD DS tab to press Install.

2. We'll then be on the Confirmation tab to press Install.

3. AD DS Installation in progress.

4. Installation complete! We'll now click on "Promote this server to a domain controller" below.

5. For this example, we'll click Add a new forest

6. For Domain Controller Options We'll verify the domain controller capabilities and create a Directory Services Restore Mode (DSRM) password.

7. Under Additional Options we'll enter in the domain name to specify the NetBIOS domain name.

8. For Paths we'll specify the location of the AD DS database, log files, and SYSVOL. I'm going to leave those as they are.

9. Then under Review Options we'll review the selecions.

10. Under Prerequisites Check We'll run the prerequisites check to validate them before installing AD DS. Then we'll click Install.

11. Then we'll proceed with the installation of AD DS. The server will restart when the installation is complete.

12. After successful installation of AD DS and system restart, we now have the domain name showing on the login screen.

13. Under Server Manager we now have the Active Directory Users and Computers listed under Tools.

14. And here - we have Active Directory!

Creating a new AD User Account

1. Here in Active Directory Users and Computers, we're going to right click on the Users OU. Then select New > User to create a new user account object.

2. Fill in the account details of First and Last name attributes of the user account object.

3. Click Next.

4. Set up a user account password.

5. Click Finish.

6. New User Account object listed in the Users OU.

Resetting a User Account password

This one's a very common task in IT Support and imperative to know when learning to work in AD DS.

1. In Active Directory Users and Computers locate the user account object needing the password reset.

2. Right-click on the user account and select Reset Password.

3. Specify a newer password for the user account.

4. When working with a larger Active Directory environment with an enterprise of user accounts, the Search for Object feature comes in very hand. Second icon from the right of the toolbar.

5. In this example, I'm going to enter in the first name attribute of the user account.

Unlocking a User Account

Another very common task in IT Support. Sometimes this one can be as simple as unlocking the account if someone locks their account due to too many failed login attempts. In other cases such as repeated account locks, this can turn into a good round of troubleshooting to locate the source that's causing it.

1. To unlock an AD user account, right click on the user account object and select Properties then click on the Account tab to click on the Unlock account buton.

This demonstration included setting up Active Directory from scratch by installing the AD DS server role, and promoting the Windows Server to a domain controller. After Active Directory is spinned up, creating a new user AD user account, resetting an AD user account password, and unlocking a locked AD user account are further demonstrated.