How to Setup a Domain Controller Server 2012

by Robert Allen

In this article, I will walk through how to setup a new domain controller on server 2012.

Before promoting the server, you should make sure a static IP address is assigned to the server.

Steps to Create a New Domain Controller Server

If you are using Windows Server 2012, 2016, or 2019 the steps to create a new domain controller is very similar.

Step 1. Click on Add Roles and Features

From Server Manager select “Add Roles and Features”.

Step 2. Click “Next” on the “Before you begin” screen

Step 3. Installation Type

Select “Role based or feature-based installation and click “Next”

Step 4. Server Selection

Select the server and click “Next”. Unless you have added additional servers to the server manager you should only see one server listed.

Step 5. Server Roles

Select “Active Directory Domain Services” on the Server Roles page. You will get a pop up to add features that are required for Active Directory Domain Services, click “Add Features” and then click “Next”

Step 6. Features page

On the features page click “Next”. No changes are needed on this page.

Step 7. ADS page

On the AD DS page click “Next” This is just an informational page.

Step 8. Confirmation Page

On the confirmation page click “Next”. If you want the server to reboot automatically select the box “Restart the destination server automatically if required”

At this point, Active Directory Domain Services should be installing. This will take a few minutes.

You must look at the progress bar and the text below it to know when the installation is complete. Once it is complete click the close button.

Step 9. Promote to a Domain Controller.

Now that the required services are installed we can promote the server to a Domain Controller. Back in Server Manager, you will see a yellow triangle at the top right that needs to be clicked. In the message details click “Promote this server to a domain controller”

Step 10. Select “Add a new forest” and enter Root domain name

I now get the “Active Directory Domain Services Configuration Wizard”. Since this is the first Domain Controller I will select “Add a new forest” In the Root domain name: I will enter ad.winadpro.com and click “Next”

11. Domain Controller Options

Since this is our first 2012 R2 DC in the forest I’m going to leave the forest and domain functional level at Windows Server 2012 R2. NOTE: If you are adding an additional domain controller to an existing forest you need to understand what functional level to set. I will enter in a password for the Directory Services Restore Mode and click next.
NOTE: Directory Services Restore MODE (DSRM) allows an administrator to repair or recover an Active Directory Database.

12. DNS Options

You will most likely receive the error below that says “A delegation for this DNS server cannot be created….” This is common. The wizard is trying to contact the nameservers for the domain I entered winadpro.com and is unable to create a delegation for the sub-domain ad.winadpro.com. This message can be ignored if you don’t need computers from the outside of the network to be able to resolve names within your domain. More info on this error https://technet.microsoft.com/en-us/library/cc754463(WS.10).aspx

13. Additional Options

Enter the NetBois domain name on the additional options page. I would recommend making this the same as your root domain name. In my case the NetBois name would be winadpro. There are several restrictions on creating a NetBios name, more details here https://support.microsoft.com/en-us/kb/909264

14. Paths

Enter the desired folder settings and click “Next” I personally stick with the default folder settings.

15. Review options and click “Next”

16. Prerequisites check

You should get a green check at the top indicating all prerequisites passed. Click “Install”

17. Reboot and verify

Once the Active Directory Domain Services install and configuration is complete you will need to reboot. This completes the install and configuration of adding a Windows 2012 R2 domain controller to a new forest. If you want to verify your install and the health of the Domain Controller run dcdiag /v from the command line.

Next, learn how to add a secondary domain controller to an existing domain.

Recommended Tools

  • AD Cleanup Tool - Find stale and inactive user and computer accounts in Active Directory. Export, disable, move or delete the stale accounts to increase security.
  • AD User Creation Tool - Bulk import or update Active Directory user accounts. Add users to groups, import into OUs, set multiple attributes and more.
  • NTFS Permissions Tool - Scan and audit NTFS folder permissions. See which users and groups have access to what.
  • AD Reporting Tool - Over 200 reports on users, computers, groups, OUs and more. Customize reports or create your own reports with the report builder.

Leave a Comment