How To Create A Domain In Windows Server 2008 And Things To Consider
Gone are the days when separate user names had to be configured and used to log in to each of the servers on a network. For example, in the early days a user might have had to log in to a mail server with a user name and password separate from the ones used for a UNIX server for managing files. With the advent of solutions such as Active Directory, user authentication and management are much simpler now. For example, Kerberos authentication allows a user to manage mail, database-related activities and access across multiple places on a network with a single user profile via Active Directory in a domain environment. In this post we will go through the steps to create a domain in Windows Server 2008 and the things that you need to consider during this process.
For the purpose of this article, we are using Windows Server 2008 R2 to create a domain; the same configuration applies to the 32-bit version. To get started, go to Run or a Command Prompt, type dcpromo and hit Enter.
This will show you a message to wait until the installation wizard opens. Once the installation wizard opens, hit Next. Make sure the Use advanced mode installation option is unchecked.
The next step will display a screen explaining operating system compatibility details with a link at the bottom of the wizard which can be used to get more information about the topic. Hit Next to continue.
When creating a domain, you will be given the option of adding a domain to an existing forest or creating a new domain in a new forest. You can also use this wizard to add a domain controller to an existing domain (a domain tree). Here we will select the Create a new domain in a new forest option and hit Next.
A tree is made up of multiple domains, and multiple trees come together under a forest. The name of the first domain created within a forest (the forest root domain) also becomes the name of the forest. To move forward, enter an FQDN (Fully Qualified Domain Name), e.g. addictivetips.com. The wizard will proceed after checking the NetBIOS name to make sure that no existing domain is already using the same name.
In the next step, select the forest functional level by choosing the appropriate Windows Server version. Choosing a newer version will give you more functionality options; however, you can select older levels as well.
The DNS Server checkbox is checked by default to install the DNS server.
When you attempt to proceed, you may be prompted to assign a static IP if the adapter is set to obtain an IP address automatically. Using a dynamic IP from a DHCP server is not advised for a domain, because dynamic IPs change after a set period of time. This causes major disruptions, as client operating systems will disconnect if and when the IP changes.
To assign a static IP to the adapter, go to the Network and Sharing Center and click on Change Adapter Settings. From here, select TCP/IPv4 and set a static IP, e.g. 192.168.1.254. Also set a Default Gateway, which is normally the IP of a router. In the Preferred DNS section you can simply enter the Domain IP (which in this case is 192.168.1.254) or add a loopback IP (127.0.0.1) so that the domain automatically sends the DNS queries to itself. This will be helpful if you ever change the Domain IP, as the DNS will not have to be adjusted. You can also use an alternative DNS in the Alternative DNS Server section. To move forward in the wizard, click on “No, I will assign static IP addresses to all physical adapters”.
In the next step, you will have the choice to save the Database, Log and SYSVOL files to the same location or to separate locations. Some administrators save them separately to balance the load or because of hard disk space considerations, whereas others save them at the same location. This is not much of an issue nowadays, especially in the wake of better disaster recovery mechanisms.
Moving forward, you will be asked to save a restore mode password (which is separate from the Domain Administrator’s account). This password is configured to be used when the Domain Controller is started in Directory Services Restore Mode.
In the final part of the wizard, you can check the summary of the configurations in the Review Your Selections box and proceed to create your Domain.
The installation will complete after a brief period of time (depending upon your hardware capability) and you will be able to start working on your Domain after restarting the system.
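The static IP, gateway and Preferred DNS settings described above can be checked before running dcpromo. The following is an added example, not part of the original article: Test-DcAdapter is a hypothetical helper name, and the sample adapters (including the 192.168.1.1 gateway) are constructed for illustration.

```powershell
# Added example, PowerShell 2.0 compatible (the version shipped with Server 2008 R2).
# Test-DcAdapter is a hypothetical helper name, not a built-in cmdlet.
function Test-DcAdapter {
    param($Nic)  # object shaped like Win32_NetworkAdapterConfiguration
    $problems = @()
    # Keep IPv4 entries only; the WMI IPAddress array can also carry IPv6 addresses.
    $ipv4 = @($Nic.IPAddress | Where-Object { $_ -match '^\d{1,3}(\.\d{1,3}){3}$' })
    $gateway = @($Nic.DefaultIPGateway | Where-Object { $_ })
    $preferredDns = @($Nic.DNSServerSearchOrder | Where-Object { $_ }) | Select-Object -First 1

    if ($Nic.DHCPEnabled)     { $problems += 'address comes from DHCP, not a static assignment' }
    if ($ipv4.Count -eq 0)    { $problems += 'no IPv4 address configured' }
    if ($gateway.Count -eq 0) { $problems += 'no default gateway set' }
    if (-not $preferredDns) {
        $problems += 'no preferred DNS server set'
    } elseif (($ipv4 + '127.0.0.1') -notcontains $preferredDns) {
        # The article's advice: point Preferred DNS at the server itself or at loopback.
        $problems += "preferred DNS $preferredDns is neither this server's own IP nor 127.0.0.1"
    }
    New-Object PSObject -Property @{
        Adapter  = $Nic.Description
        Ready    = ($problems.Count -eq 0)
        Problems = $problems
    }
}

# Constructed sample adapters so the check can be read and run without a live server.
$samples = @(
    (New-Object PSObject -Property @{
        Description = 'Configured as in the article'; DHCPEnabled = $false
        IPAddress = @('192.168.1.254', 'fe80::1'); DefaultIPGateway = @('192.168.1.1')
        DNSServerSearchOrder = @('127.0.0.1') }),
    (New-Object PSObject -Property @{
        Description = 'Left on DHCP, DNS pointing at the router'; DHCPEnabled = $true
        IPAddress = @('192.168.1.57'); DefaultIPGateway = @('192.168.1.1')
        DNSServerSearchOrder = @('192.168.1.1') })
)
$samples | ForEach-Object { Test-DcAdapter $_ } | Format-List Adapter, Ready, Problems

# On the server itself, feed it the live adapter configuration instead:
# Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled=TRUE' |
#     ForEach-Object { Test-DcAdapter $_ } | Format-List Adapter, Ready, Problems
```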
Hello, I'm new to Win Server 2008. I want to run DNS. In what mode (administrator/user) before doing the AD/DNS process?
Administrator, I think.
Doesn't work, doesn't help at all.
very helpful
Yes, I was wondering why, when I try to create a new domain in a new forest, I keep getting a password error saying that my password is blank or that it does not meet the password criteria. I have a strong password and it meets all the criteria. Also, I’m doing this on a VM Ware Virtual Player, not that that should have anything to do with it.
Thank you, I found all the steps of the server setup systematic. I hope these steps were helpful for everyone.
Hi, I am creating a new domain, but can old clients be automatically added to the new domain server? The old server was formatted without an AD backup.
Can you do a tip for the next step of this process? Dwell a bit further into linking/merging a personal hosted FQDN into the cloud?
I’m a bit confused, as you set a static private IP to your domain running on a local DNS. This would see internal only, right? What if you try to reach your domain from a cloud? How would that be possible?
If an administrator wishes to access his/her domain via the internet, it can be done with the use of remote management software like Ultra VNC. It is also common practice for many organizations to allow their fragmented offices to connect to a singular domain which is physically located at a separate location. Some organizations buy a dedicated dynamic IP for this purpose as well. I will try to get to more complex server management in future tutorials.
After doing this, I set up another Server 2008 R2, clean install. I want to add it to the existing forest under the same domain name. Both should be domain controllers and completely redundant. If one fails, users should notice nothing at all.
How do I proceed?
From what I can understand, you are referring to an ADC (additional Domain Controller), I will be writing a post on that soon as well. However, you can quite simply add an ADC by running the dcpromo command and selecting the relevant configurations. Most options are quite obvious in the wizard, but in case you are confused, you can check back in a day or two for my post regarding the creation of an additional domain controller. Having an ADC will mean that in case the domain goes offline, it will take over as the primary domain and the client operating systems will not be affected.
The problem I had with this is that when trying to add the 2nd server in to the existing forest, I constantly got the error saying “Cannot resolve yourdomain.com”.
At this point, I had already gone to computer settings and changed all needed settings to yourdomain.com, only thing untouched is that the workgroup remained WORKGROUP
People told me I first need to set up the DNS server on the first domain controller and add the needed pointers and such, but I don’t know how to do that.
Check what DNS you have given in the Network adapter, make sure you have configured your IP correctly and added a relevant DNS and gateway.
I'm installing Server 8 for the first time and don't know how to create a domain name?
DNS is installed during the installation of the Domain, you can give the other system the IP address of your Domain in the DNS section of the network adapter. I will be covering Look up Zones in a post shortly as well.
I did that, but still the same thing.
I tried adding a CHOST record on the DNS of my first server, pointing at the second one, but nothing changed.
Actually, I’m just recalling what I did at school several days ago. I just so happened to have a similar situation there and I recognized this when I saw the post. I do not have the needed materials at hand right now, and I probably won’t for a long time.
If you have good hardware, you can try replicating the situation on a virtual machine, e.g. on VMware. I often create a virtual network before performing actual tasks on a network (when required). If you left the DNS check box checked while making the Domain, then DNS is installed and adding the Domain IP in the Network Card of the other server (in the DNS Section) should resolve the problem. You might be interested in making sure that the gateway is correct. You can go through both of my posts regarding the creation of the DC and the ADC and see if you have missed a step.
The post regarding creating an ADC is now available, at the following link: https://www.addictivetips.com/windows-tips/how-to-create-additional-domain-controller-adc-in-windows-server-2008/