Active Directory (AD) is a directory service developed by Microsoft that provides authentication, authorization, and management services within a network. Setting up AD in Windows Server 2019 allows you to create a Domain Controller (DC) that manages users, groups, policies, and security settings. This tutorial will guide you through the installation and configuration of Active Directory.
Step 1: Install Windows Server 2019 and Configure Basic Settings
Before setting up Active Directory, ensure your server is configured properly:
If you need help with setting up your Windows server check out our original tutorial!
- Windows Server 2019 is installed and updated.
- A static IP address is assigned to the server.
- The computer is named appropriately (e.g., DC01).
Step 2: Install the Active Directory Domain Services (AD DS) Role
- Open Server Manager.
- Click on Manage > Add Roles and Features.

- Click Next until you reach the Server Roles section.
- Select Active Directory Domain Services and click Add Features.

- Click Next and then Install.
- Wait for the installation to complete and then click Close.
Step 3: Promote the Server to a Domain Controller

- In Server Manager, click on the flag notification at the top.
- Click Promote this server to a domain controller.
- Choose Add a new forest and enter your domain name (e.g., example.com).
- Click Next and set a Directory Services Restore Mode (DSRM) password.
- Continue clicking Next until you reach the Prerequisites Check.
- If no errors are found, click Install.
Step 4: Configure DNS and DHCP (Optional)
After rebooting, the server is now a Domain Controller. Configure additional services if needed:
- DNS: Ensures proper domain resolution.
- DHCP: Assigns IP addresses to clients on the network.
Step 5: Create Users and Groups
- Open Active Directory Users and Computers from the Start menu.
- Expand your domain and navigate to Users.
- Right-click and select New > User.
- Enter user details and click Next.
- Set a password and configure password policies.
- Click Finish to create the user.
Step 6: Join Client Machines to the Domain
- On a client machine, open System Properties (
sysdm.cpl
). - Click Change and select Domain.
- Enter the domain name (e.g., example.com).
- Enter domain admin credentials and restart the client.
Step 7: Configure Group Policies
Use Group Policy Management to enforce security settings:
- Open Group Policy Management from the Start menu.
- Create or edit policies under Group Policy Objects (GPOs).
- Link the GPOs to Organizational Units (OUs).
Next Steps
Congratulations! You have successfully set up Active Directory on Windows Server 2019. Next, consider:
- Implementing advanced security policies.
- Configuring multi-factor authentication.
- Setting up replication for multiple domain controllers.
For further customization, refer to the official Microsoft AD documentation.