Active Directory in Windows Server 2019

Active Directory (AD) is a directory service developed by Microsoft that provides authentication, authorization, and management services within a network. Setting up AD in Windows Server 2019 allows you to create a Domain Controller (DC) that manages users, groups, policies, and security settings. This tutorial will guide you through the installation and configuration of Active Directory.

Step 1: Install Windows Server 2019 and Configure Basic Settings

If you need help with setting up your Windows server, check out our original tutorial!

Before setting up Active Directory, ensure your server is configured properly:

  • Windows Server 2019 is installed and updated.
  • A static IP address is assigned to the server.
  • The computer is named appropriately (e.g., DC01).

Step 2: Install the Active Directory Domain Services (AD DS) Role

  1. Open Server Manager.
  2. Click on Manage > Add Roles and Features.
  3. Click Next until you reach the Server Roles section.
  4. Select Active Directory Domain Services and click Add Features.
  5. Click Next and then Install.
  6. Wait for the installation to complete and then click Close.

Step 3: Promote the Server to a Domain Controller

  1. In Server Manager, click on the flag notification at the top.
  2. Click Promote this server to a domain controller.
  3. Choose Add a new forest and enter your domain name (e.g., example.com).
  4. Click Next and set a Directory Services Restore Mode (DSRM) password.
  5. Continue clicking Next until you reach the Prerequisites Check.
  6. If no errors are found, click Install.
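
The same checks and Steps 2 and 3 can be scripted in PowerShell. The script below is an added example, not part of the original tutorial; it uses the tutorial's example.com domain, and the NetBIOS name EXAMPLE and the WIN-* default-name test are assumptions for illustration. It prompts for the DSRM password instead of storing it in the script.

```powershell
#Requires -RunAsAdministrator
# Added example: scripted equivalent of the Step 1 checks and Steps 2-3.
$DomainName  = 'example.com'   # the tutorial's example domain
$NetbiosName = 'EXAMPLE'       # assumed NetBIOS name, chosen for illustration

# Step 1 check: a domain controller should not take its address from DHCP.
$dhcpNics = Get-NetIPInterface -AddressFamily IPv4 |
    Where-Object { $_.ConnectionState -eq 'Connected' -and $_.Dhcp -eq 'Enabled' }
if ($dhcpNics) {
    throw "Assign a static IP first. DHCP is enabled on: $($dhcpNics.InterfaceAlias -join ', ')"
}

# Step 1 check: stop if the server still has a setup-generated name (WIN-...).
if ($env:COMPUTERNAME -like 'WIN-*') {
    throw 'Rename the computer (e.g., DC01) and reboot before promoting it.'
}

# Step 2: install the AD DS role together with its management tools.
$feature = Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
if (-not $feature.Success) { throw 'AD DS role installation failed.' }

# Step 3: read the DSRM password as a SecureString so it never sits in the
# script, the console history, or a transcript in clear text.
$dsrm = Read-Host -AsSecureString -Prompt 'DSRM password'

Import-Module ADDSDeployment
$forest = @{
    DomainName                    = $DomainName
    DomainNetbiosName             = $NetbiosName
    InstallDns                    = $true
    SafeModeAdministratorPassword = $dsrm
}

# Same prerequisites check the wizard runs before it enables Install.
$check  = Test-ADDSForestInstallation @forest
$errors = $check | Where-Object { $_.Status -eq 'Error' }
if ($errors) {
    $errors | ForEach-Object { Write-Error $_.Message }
    throw 'Prerequisites check failed; the server was not promoted.'
}

# Create the new forest. The server reboots automatically when this finishes.
Install-ADDSForest @forest -Force
```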

Step 4: Configure DNS and DHCP (Optional)

After rebooting, the server is now a Domain Controller. Configure additional services if needed:

  • DNS: Ensures proper domain resolution.
  • DHCP: Assigns IP addresses to clients on the network.

Step 5: Create Users and Groups

  1. Open Active Directory Users and Computers from the Start menu.
  2. Expand your domain and navigate to Users.
  3. Right-click and select New > User.
  4. Enter user details and click Next.
  5. Set a password and configure password policies.
  6. Click Finish to create the user.

Step 6: Join Client Machines to the Domain

  1. On a client machine, open System Properties (sysdm.cpl).
  2. Click Change and select Domain.
  3. Enter the domain name (e.g., example.com).
  4. Enter domain admin credentials and restart the client.

Step 7: Configure Group Policies

Use Group Policy Management to enforce security settings:

  1. Open Group Policy Management from the Start menu.
  2. Create or edit policies under Group Policy Objects (GPOs).
  3. Link the GPOs to Organizational Units (OUs).

Next Steps

Congratulations! You have successfully set up Active Directory on Windows Server 2019. Next, consider:

  • Implementing advanced security policies.
  • Configuring multi-factor authentication.
  • Setting up replication for multiple domain controllers.

For further customization, refer to the official Microsoft AD documentation.