News We Recently Launched AD Migrator and AD Reporter.

How to Set up a Domain Controller Server 2012 r2 Guide With Tips

  author
Written By Andrew Jackson
Anuraag Singh
Approved By Anuraag Singh
Published On May 22nd, 2024
Reading Time 7 Minutes Reading

Admins whose organizations invest in an on-premise Windows Active Directory often ask how to set up a domain controller server 2012 r2 at the earliest. This is because the installation process is quite confusing. Moreover, for newly appointed AD managers, this can be a huge undertaking. Even for veterans of the industry, a refresher on the best practices can be helpful in their next installation. So without further ado, let’s begin.

Table of Contents

Part 1 of GUI-Based Setup of A Domain Controller Server 2012 R2

Step 1. Get to the Server Manager Portal and Open Roles and Features

Login to the workstation where you have to complete the setup and search for Server Manager.

On the right-hand side of the top menu ribbon, you will find the Manage option click on it to expand the hidden menu.

Choose the Roles and Features options from the list and wait for the installation agent to appear.

Get to the Server Manager Portal

Step 2. Ensure that Roles and Features Prerequisites are Complete

Depending on your setup, you may or may not see a before you begin option. However, ensure that you complete the tasks mentioned here before proceeding.

Admin attempting the setup should have a strong password.

Static IPs and other network settings should be preconfigured.

The Windows machine should be on the latest security update.

If you do not want this screen to appear in future DC setups, toggle the checkbox. Then press Next.

complete Roles and Features Prerequisites

Step 3. Choose an Installation Type

This is the first major junction in the answer for how to set up a domain controller server 2012 R2 environment. The options include either Role/Feature-Based Installation or Remote Desktop installation. Go with the default Role/Feature-Based option unless you have one or more of the following requirements.

  • The company wants the user’s apps and their workstations to be on different servers.
  • A fast but fixed-style setup is what your organization wants.
  • There is no plan to expand the domain control functionality.
  • Security considerations associated with remote access are acceptable.

Our steps continue with the default selections.

Installation Type

Part 2 in the GUI Style Setup of A DC Server 2012 R2

Step 4. Pick the Destination to Place the Server

Here also, admins have two options to choose from. The default pre-selected option is one where they have to choose a specific server from the available list. Here, the list should not display more than one server unless admins have added them manually.

Another way is to set up a virtual hard disk. The secondary requirement of a VHD is that the share should have both read and write permissions. You won’t be able to complete the setup with just the user-only access. Once done, click Next.

Destination

Step 5. Complete Server Role Selection

One of the most important steps in our progress toward how to set up a domain controller server 2012 R2 is role selection. This determines what you can and cannot do inside the new DC. Although the services can be installed later on many admins prefer to complete it alongside the installation itself.

So we suggest that you follow the same, mark the boxes next to the roles you would require. Read through the role description present in the wizard to make your section; after that, press Next.

Complete Server Role Selection

Step 6. The Features page and ADDS page requires no changes so just press the Next button on both.

Step 7. In the Confirmation page too you need to press the Next Button. Moreover, it allows you to setup an automatic reboot of the system once the configuration is complete.

Step 8. ADDS should start installation once it is complete close this dialog box and go to the Server Manager portal. There, hit the Flag icon, click “Promote this server to Domain Controller” and move on to the next part.

Part 3 on How to Set up a Domain Controller Server 2012 R2

  • Once the ADDS configuration wizard launches, select Add a new forest and fill in your root domain name. Not that it must be unique. After that, hit Next.
    Add a new forest
  • On the Domain Controller Options Screen, don’t change the Forest functional level and Domain functional level as it is. Likewise, keep the check in the DNS box. Add a password for Directory Services Restore Mode and hit Next.
    Domain Controller Options
  • The DSRM password is to ensure we can boot the DC in recovery mode.
  • Skip the warning notification and hit the Next Button.
  • Perform NetBIOS verification and Hit Next.
  • Add the ADDS Database, Log Files, and SYSVOL folder path. The Wizard selects these paths on its own so don’t change unless required.
    ADDS Database, Log Files, and SYSVOL folder path
  • Check your selections and press Next.
  • Once the Wizard confirms the prerequisite checks hit the Install button.
  • After Installation ends click on Close.
  • Your machine needs to restart to reflect the changes.

Other than the GUI, users have the option to deploy PowerShell scripts too so let’s see how it’s done.

How to Set up a Domain Controller Server 2012 R2 PowerShell Cmdlets

The PowerShell method unlocks much more granular control over the installation process. However, we suggest that you stick with the GUI approach unless you have prior experience.

Step 1. Prepare the Server for Domain Controller setup.

Ensure that the OS is on the latest security patch.

To make a static IP via PowerShell use the following pair of cmdlets:

New-NetIPAddress -InterfaceAlias "Ethernet" -IPAddress "0.0.0.0" -PrefixLength 24 -DefaultGateway "0.0.0.0"

Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses "0.0.0.0"

Step 2. Install the ADDS (Active Directory Domain Service) Role using the following PowerShell command:

Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

Step 3. Convert the default Server into the Domain Controller. For that import the ADDSDeployment module, then pick one of two scripts.

If deploying the DC in a new forest:

Install-ADDSForest -DomainName "example.com" -CreateDnsDelegation:$false -DatabasePath "C:\Windows\NTDS" -DomainMode "Win2012R2" -DomainNetbiosName "EXAMPLE" -ForestMode "Win2012R2" -InstallDns:$true -LogPath "C:\Windows\NTDS" -NoRebootOnCompletion:$false -SysvolPath "C:\Windows\SYSVOL" -Force -SafeModeAdministratorPassword (ConvertTo-SecureString "P@ssw0rd" -AsPlainText -Force)

To add the DC in an existing domain:

Install-ADDSDomainController -DomainName "example.com" -InstallDns:$true -SiteName "Default-First-Site-Name" -DatabasePath "C:\Windows\NTDS" -LogPath "C:\Windows\NTDS" -SysvolPath "C:\Windows\SYSVOL" -NoRebootOnCompletion:$false -Force -SafeModeAdministratorPassword (ConvertTo-SecureString "P@ssw0rd" -AsPlainText -Force)

Step 4. DNS configuration settings and installation verification

Get-DnsServerZone

Get-DnsServerResourceRecord -ZoneName "example.com"

Get-ADDomain

Get-ADDomainController

Get-ADForest

Step 5. Post Installation configuration

Build OU’s:

New-ADOrganizationalUnit -Name "OU_Name" -Path "DC=example,DC=com"

Create Users:

New-ADUser -Name "FName LName" -GivenName "FName" -Surname "LName" -SamAccountName "user1" -UserPrincipalName "[email protected]" -Path "OU=Users,DC=example,DC=com" -AccountPassword (ConvertTo-SecureString "P@ssw0rd" -AsPlainText -Force) -Enabled $true

Make Groups:

New-ADGroup -Name "Group_Name" -SamAccountName "Group_Name" -GroupCategory Security -GroupScope Global -Path "OU=Groups,DC=example,DC=com"

Add Policies:

New-GPO -Name "Policy_Name"

New-GPLink -Name "Policy_Name" -Target "OU=OU_Name,DC=example,DC=com"

Aftermath of Domain Controller Server 2012 r2 Installation

A key step that administrators need to complete is to make a report on the object behavior in the new DC. For that, they can use the SysTools Active Directory Reporting software.

Download Now Purchase Now

With it, admins can find what OU a user is in and also see if the AD user is locked or not. Moreover, it is recommended that administrators keep scheduled checks at regular intervals to check user login history in Active Directory. Apart from that, administrators may need the access to Microsoft’s official troubleshooting guide in case things go south.

Conclusion

Here in this write-up, we taught users how to set up a domain controller server 2012 r2 in an AD environment. We hope that admins are able to complete the installation by using either the GUI or PowerShell method. Other than that, once the configuration is done, we ask admins to complete the audit of their AD with the tool that is prescribed. Doing this allows the admin to double-check the object deployment and ensure that the setup happened correctly.

  author

By Andrew Jackson

I am SQL DBA and SQL Server blogger too. I like to share about SQL Server and the problems related to it as well as their solution and also I do handle database related user queries, server or database maintenance, database management, etc. I love to share my knowledge with SQL Geeks.