Nov 21, 2024 4 min read

Create an Active Directory (AD) Domain in Windows Server 2022

In this guide, we will create an Active Directory (AD) domain using a Domain Controller in Windows Server 2022.

What is an Active Directory (AD) Domain?

An Active Directory (AD) Domain is a fundamental organizational unit in Microsoft Windows network environments that serves as a centralized system for managing and securing network resources, user accounts, and network configurations. It is a hierarchical structure that allows system administrators to create and manage user profiles, implement security policies, and control access to network resources across an entire organization.

Key characteristics of an Active Directory Domain include:

  1. Centralized Authentication: The domain provides a single login and authentication point for users, allowing them to access various network resources with a single set of credentials.
  2. Organizational Structure: Domains are organized into logical hierarchies, typically consisting of domains, organizational units (OUs), and groups, which help manage users, computers, and network resources efficiently.
  3. Group Policy Management: Administrators can create and enforce group policies that define security settings, software installation, desktop configurations, and other network-wide parameters.
  4. Security and Access Control: The domain controller manages user permissions, access rights, and security policies, ensuring users can only access resources appropriate to their role and authorization level.
  5. Scalability: Domains can be structured in complex configurations like forests and trees, allowing organizations to manage large, geographically distributed networks with multiple domains.

Lab Prerequisite

Network Configuration

I will assign VMnet4 to my Windows Server Network Adapter.

Windows Server 2022 Virtual Machine Setting

VMnet4 will have an IP address range of 192.168.10.0/24, and DHCP will be disabled. I was planning to allow my firewall to control DHCP or have another Windows Server that can run DHCP.

From my experience, it's very common for corporations to have multiple Domain Controllers.

Optional: Install VMware Tools

I like to install VMware Tools when I first log into a Virtual Machine. Why?

  • Access to Full-Screen Resolution.
  • Access to Copy & Paste.

If you don't know how to install VMware Tools on your virtual machine, check out my guide on "How to Install the VMware Tool".

Step 1: Install Server Roles

On your screen, you should have Server Manager in front of you. If not, you can access it by going to the search bar and typing "Server Manager".

Server Manager.exe

Next, we will select "Manage" -> "Add Roles and Features".

The Add Roles and Features wizard will pop up.

Add Roles and Features Wizard: Step 1

Click "Next" -> Installation Type: "Role-based or Feature-based installation" -> Click Next.

Add Roles and Features Wizard: Step 2

Next, we will select our destination server - essentially, what server are we applying these changes to?

Add Roles and Features Wizard: Step 3

Next, under Server Roles, we will select "Active Directory Domain Services" -> Add Features and click Next.

Add Roles and Features Wizard: Step 4

For Features, we will skip this page and click Next.

Add Roles and Features Wizard: Step 5

Active Directory Domain Services: -> Next.

Active Directory Domain Services

Check: "Restart the destination server automatically if required" -> Install.

Add Roles and Features Wizard: Step 6

After the installation is done, we can click close.

Add Roles and Features Wizard: Step 7

Step 2: Promote Server to Domain Controller

Server Manager should now show a flag with a yield sign. Click on the yield sign, and you should see the text "Promote this server to a domain controller." Click the text.

Promote this server to Domain Controller

After you click the text, the Active Directory Domain Services Configuration Wizard will appear.

In this menu, we will create our domain.

First, we will select the third option: "Add a new forest."

Then, I will name my root domain securitynguyen.com. You can also name the domain something else and click "Next."

The next section is Domain Controller Options.

For the Forest and Domain Functional Levels, I will choose "Windows Server 2016." If I want my Domain controller to become a "DNS Server," I will leave that option checked. For now, I'll leave it as it is.

Domain Controller Options - Windows Server 2022 (Active Directory)

Then, for "Directory Services Restore Mode," assign any password.

Next is DNS Options; there is nothing to do in this section. We will click Next.

Next is Additional Options; I'm just going to click Next.

Next, the setup will ask where you want to store the Active Directory Database, Log Files, and SYSVOL. I'm just going to keep the default setting.

Storage Location for AD DS Database, Log Files, SYSVOL

Next, Active Directory will show you all the changes being made.

Then, Active Directory will check whether your Windows Server is ready for installation. After Active Directory finishes checking your Windows Server, click Install.

Prerequisites Check For Windows Server 2022

After installation, your Windows server should restart, and a login menu with the domain name should appear, as shown below.

Active Directory Domain Login - Windows Server 2022

Congratulations! You started a domain on your Windows Server.
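
Steps 1 and 2 can also be run from an elevated PowerShell session. The script below is an added example, not part of the original guide: it mirrors the wizard choices made above and adds a post-reboot check of the new Domain Controller. The `-Verify` switch and the script layout are assumptions of this example; `WinThreshold` is the cmdlet's value for the Windows Server 2016 functional level.

```powershell
# Added example: scripted equivalent of the wizard choices in this guide.
# Run elevated on the server; run again with -Verify after the reboot.
param([switch]$Verify)   # -Verify is this example's own switch

$DomainName = 'securitynguyen.com'   # root domain name used in this guide

if (-not $Verify) {
    # Step 1: install the AD DS role and its management tools.
    $role = Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
    if (-not $role.Success) { throw 'AD DS role installation failed.' }
    Import-Module ADDSDeployment

    # The DSRM password is the DC's offline recovery credential:
    # prompt for it instead of storing it in the script.
    $dsrm = Read-Host -AsSecureString -Prompt 'DSRM password'

    # Step 2: same answers as the configuration wizard.
    $forest = @{
        DomainName                    = $DomainName
        ForestMode                    = 'WinThreshold'   # Windows Server 2016
        DomainMode                    = 'WinThreshold'   # Windows Server 2016
        InstallDns                    = $true            # DNS Server left checked
        SafeModeAdministratorPassword = $dsrm
    }

    # Same prerequisites check the wizard runs before enabling Install.
    $failed = Test-ADDSForestInstallation @forest |
        Where-Object { $_.Status -ne 'Success' }
    if ($failed) { $failed | Format-List | Out-Host; throw 'Prerequisites check failed.' }

    Install-ADDSForest @forest -Force   # the server restarts when this finishes
}
else {
    Import-Module ActiveDirectory
    $domain = Get-ADDomain
    $dc     = Get-ADDomainController -Identity $env:COMPUTERNAME
    if ($domain.DNSRoot -ne $DomainName) { throw "Unexpected domain: $($domain.DNSRoot)" }

    [pscustomobject]@{
        Domain          = $domain.DNSRoot
        DomainMode      = $domain.DomainMode
        ForestMode      = (Get-ADForest).ForestMode
        IsGlobalCatalog = $dc.IsGlobalCatalog
        FsmoRoles       = $dc.OperationMasterRoles -join ', '
    }
    # A healthy DC publishes both shares; dcdiag /q prints only failures.
    Get-SmbShare -Name SYSVOL, NETLOGON | Select-Object Name, Path
    dcdiag /q
}
```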
