🪟 Windows Server 2022 Setup Guide (AD, DNS, NTP)

To set up and install Windows Server in Proxmox, see this video: https://www.youtube.com/watch?v=bEoGu50G09E

This guide covers:

  • 🏢 Active Directory Domain Services (AD DS)
  • 🌐 DNS Server (Forward & Reverse Lookup Zones)
  • ⏱️ NTP Server Configuration

⚙️ 1. Initial Server Configuration


🌐 Configure Static IP

Go to:

Control Panel > Network and Sharing Center > Change adapter settings

  • Right-click Ethernet → Properties → IPv4

Configure:

  • IP Address → 10.100.30.2
  • Subnet Mask → 255.255.255.0
  • Gateway → 10.100.30.1
  • Preferred DNS → 10.100.30.2 (itself)

Click OK


🏢 2. Install Active Directory Domain Services

Go to:

Server Manager > Manage > Add Roles and Features


📦 Installation Steps

  • Select: Role-based or feature-based installation
  • Select your server
  • ✅ Check:
    • Active Directory Domain Services
    • DNS Server (auto-selected)

Click Next → Install


🧩 3. Promote to Domain Controller

After installation:

Click ⚠️ Promote this server to a domain controller


🌐 Deployment Configuration

  • Select: Add a new forest
  • Root domain name:
    • local.lab

Click Next


🔐 Domain Controller Options

  • Forest Functional Level: Windows Server 2016+
  • Domain Functional Level: Windows Server 2016+
  • ✅ DNS Server
  • Set DSRM Password

Click Next → Install

🔁 Server will reboot automatically


👥 4. Create Users & Departments (Organizational Units)

Go to:

Server Manager > Tools > Active Directory Users and Computers


🏢 Create Organizational Units (Departments)

Right-click your domain → New > Organizational Unit

Create the following:

  • 💰 Finance
  • 💼 Sales
  • 🧑‍💼 HR


💡 This helps organize users and apply Group Policy later.


👤 Create Users


💼 Sales Department

Right-click Sales OU → New > User

  • 👤 Username: Sale1
  • 🔑 Password: UMbrceT7

🧑‍💼 HR Department

Right-click HR OU → New > User

  • 👤 Username: Hr1
  • 🔑 Password: zGW4twKh

💰 Finance Department

Right-click Finance OU → New > User

  • 👤 Username: Fin1
  • 🔑 Password: pu7D7zDz

⚙️ User Configuration

For each user:

  • ✅ User must change password at next logon: ❌ Disabled
  • 🔒 Password never expires: ✅ Enabled (lab only)
  • 🚫 Account is disabled: ❌ Disabled

Click Finish
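
The same OUs and users can be created from PowerShell instead of the GUI. This is an added example, not part of the original guide: it assumes an elevated session on the domain controller with the ActiveDirectory module, derives the UPN suffix from the domain, and prompts for each password rather than embedding it in the script.

```powershell
# Added example: scripted equivalent of section 4 (OUs + one user per OU).
Import-Module ActiveDirectory

$domain   = Get-ADDomain
$domainDN = $domain.DistinguishedName   # DC=local,DC=lab for local.lab
$dnsRoot  = $domain.DNSRoot             # local.lab

# OU name -> user name, as listed in the guide
$departments = [ordered]@{
    Finance = 'Fin1'
    Sales   = 'Sale1'
    HR      = 'Hr1'
}

foreach ($ou in $departments.Keys) {
    $ouDN = "OU=$ou,$domainDN"

    # Create the OU only if it is missing, so the script can be re-run safely
    $existingOu = Get-ADOrganizationalUnit -Filter "Name -eq '$ou'" `
        -SearchBase $domainDN -SearchScope OneLevel
    if (-not $existingOu) {
        New-ADOrganizationalUnit -Name $ou -Path $domainDN
    }

    $sam = $departments[$ou]
    if (Get-ADUser -Filter "SamAccountName -eq '$sam'") {
        Write-Host "User $sam already exists, skipping"
        continue
    }

    # Prompt for the password so it never lands in the script or shell history
    $password = Read-Host -Prompt "Password for $sam" -AsSecureString

    $userParams = @{
        Name                  = $sam
        SamAccountName        = $sam
        UserPrincipalName     = "$sam@$dnsRoot"
        Path                  = $ouDN
        AccountPassword       = $password
        Enabled               = $true
        ChangePasswordAtLogon = $false
        PasswordNeverExpires  = $true   # lab only, as in the guide
    }
    New-ADUser @userParams
}

# Review the result: the users under the three department OUs and their flags
Get-ADUser -Filter * -SearchBase $domainDN -Properties PasswordNeverExpires |
    Where-Object { $_.DistinguishedName -match 'OU=(Finance|Sales|HR),' } |
    Select-Object SamAccountName, Enabled, PasswordNeverExpires, DistinguishedName
```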



🌐 5. DNS Configuration

Go to:

Server Manager > Tools > DNS


📌 Forward Lookup Zone (Domain)

  • Expand server → Forward Lookup Zones
  • You should see:
    • local.lab (auto-created)

➕ Create New Forward Zone (Optional)

  • Right-click → New Zone

Configure:

  • Zone Type: Primary
  • Zone Name: local.lab (optional)



🔄 Reverse Lookup Zone


➕ Create Reverse Zone

  • Right-click → Reverse Lookup Zones > New Zone

⚙️ Configuration

  • Zone Type: Primary
  • IPv4 Reverse Lookup Zone
  • Network ID:
    • 10.100.10

Click Finish


➕ Add PTR Record

  • Right-click → New Pointer (PTR)

Fill:

  • Host IP: 2
  • Hostname: ise.local.lab

Click OK



⏱️ 6. Configure NTP Server


🛠️ Enable NTP Service

Open Command Prompt (Admin):

w32tm /config /manualpeerlist:"time.windows.com,0x8" /syncfromflags:manual /reliable:yes /update
net stop w32time
net start w32time

🔓 Allow NTP Through Firewall

netsh advfirewall firewall add rule name="NTP" dir=in action=allow protocol=UDP localport=123

🔍 Verify NTP Status

w32tm /query /status
w32tm /query /configuration



📌 Design Notes

  • 🧠 DNS is critical for AD: the server's preferred DNS must point to itself
  • ⏱️ NTP ensures Kerberos authentication works properly
  • 🔐 AD integrates with Cisco ISE for enterprise authentication

🎯 Summary

This setup includes:

  • 🏢 Active Directory Domain Controller
  • 🌐 DNS Server with forward & reverse lookup
  • ⏱️ NTP Server for time synchronization
  • 👥 Centralized user authentication