Installing a New Windows Server 2008 Domain Tree by Using the Graphical User Interface (GUI)

  • Article

Applies To: Windows Server 2008, Windows Server 2008 R2

The Windows interface provides two wizards that guide you through the installation process for Active Directory Domain Services (AD DS). The first wizard is the Add Roles Wizard, which you can access in Server Manager. The second wizard is the Active Directory Domain Services Installation Wizard, which you can access in the following ways:

  • When you complete the Add Roles Wizard, click the link to open the Active Directory Domain Services Installation Wizard.

  • Click Start, click Run, type dcpromo.exe, and then click OK.

Administrative credentials

To perform this procedure, you must be a member of the Enterprise Admins group in the forest.

To install a new domain tree by using the Windows interface

  1. Open Server Manager. Click Start, point to Administrative Tools, and then click Server Manager.

  2. In Roles Summary, click Add Roles.

  3. If necessary, review the information on the Before You Begin page, and then click Next.

  4. On the Select Server Roles page, click the Active Directory Domain Services check box, and then click Next.

Note

On a server that runs Windows Server 2008 R2, you might have to click Add Required Features to install .NET Framework 3.5.1 features before you can click Next.

  1. If necessary, review the information on the Active Directory Domain Services page, and then click Next.

  2. On the Confirm Installation Selections page, click Install.

  3. On the Installation Results page, click Close this wizard and launch the Active Directory Domain Services Installation Wizard (dcpromo.exe).

  4. On the Welcome to the Active Directory Domain Services Installation Wizard page, select the Use advanced mode installation check box, and then click Next.

    The option to install a new domain tree appears only if you select the Use advanced mode installation check box.

  5. On the Operating System Compatibility page, review the warning about the default security settings for Windows Server 2008 and Windows Server 2008 R2 domain controllers, and then click Next.

  6. On the Choose a Deployment Configuration page, click Existing forest, click Create a new domain in an existing forest, select the Create a new domain tree root instead of a new child domain check box, and then click Next.

  7. On the Network Credentials page, type the name of any existing domain in the forest where you plan to install a new domain. Under Specify the account credentials to use to perform the installation, click My current logged on credentials or click Alternate credentials, and then click Set. In the Windows Security dialog box, provide the user name and password for an account that can use to install the new domain tree. To install a new domain tree, you must be a member of the Enterprise Admins group. When you are finished providing credentials, click Next.

  8. On the Name the New Domain Tree Root page, type the domain name for the new domain tree, and then click Next.

    Although Dcpromo.exe in Windows Server 2008 and Windows Server 2003 allows you to create a single-label DNS domain name, you should not use a single-label DNS name for a domain for several reasons. In Windows Server 2008 R2, Dcpromo.exe does not allow you to create a single-label DNS name for a domain. For more information, see https://go.microsoft.com/fwlink/?LinkId=92467.

  9. On the Domain NetBIOS Name page, change the name, if necessary, and then click Next.

  10. On the Set Domain Functional Level page, select the domain functional level that accommodates the domain controllers that you plan to install anywhere in the domain, and then click Next.

  11. On the Select a Site page, select a site from the list or select the option to install the domain controller in the site that corresponds to its IP address, and then click Next.

  12. On the Additional Domain Controller Options page, select any additional options for the domain controller, and then click Next.

    The DNS server option is selected by default so that your domain controller can function as a DNS server and so that a delegation is created in Domain Name System (DNS) for this domain.

    The Global catalog option is not selected by default. If you select this option, be aware that this domain controller will also host the domain-wide operations master (also known as flexible single master operations or FSMO) roles for the new domain, including the infrastructure master role. Hosting the infrastructure mater role on a global catalog server in a child domain can cause problems unless all the domain controllers in the domain are global catalog servers.

    If you do not have static IPv4 and IPv6 addresses assigned to your network adapters, a warning message might appear advising you to set static addresses for both of these protocols before you can continue. If you have assigned a static IPv4 address to your network adapter and your organization does not use IPv6, you can ignore this message and click, Yes, the computer will use a dynamically assigned IP address (not recommended).

Important

We recommend that you not disable the IPv6 protocol.

  1. On the Source Domain Controller page, select Any writable domain controller or select This specific domain controller to specify a domain controller from which to replicate the configuration and schema directory partitions, and then click Next.

  2. On the Location for Database, Log Files, and SYSVOL page, type or browse to the volume and folder locations for the database file, the directory service log files, and the SYSVOL files, and then click Next.

    Windows Server Backup backs up the directory service by volume. For backup and recovery efficiency, store these files on separate volumes that do not contain applications or other nondirectory files.

  3. On the Directory Services Restore Mode Administrator Password page, type and confirm the restore mode password, and then click Next. This password must be used to start AD DS in Directory Service Restore Mode (DSRM) for tasks that must be performed offline.

  4. On the Summary page, review your selections. Click Back to change any selections, if necessary.

    To save the installation settings that you selected to an answer file that you can use to automate subsequent installations of AD DS, click Export settings. Type the name for your answer file, and then click Save.

    When you are sure that your selections are accurate, click Next to install AD DS.

  5. On the Completing the Active Directory Domain Services Installation Wizard page, click Finish.

  6. You can either select the Reboot on completion check box to have the server restart automatically or you can restart the server to complete the AD DS installation when you are prompted to do so.