How to set up a Domain Controller in a new forest


What is a Domain Controller and why do we need it?

A domain controller is a server that provides security in a domain by responding to authentication requests from other devices on the network. It is also called Microsoft Active Directory Domain Services. We mainly need it to protect the network from unauthorized access by verifying users at the network level.

In this example, I will be adding a Windows Server 2012 R2 machine as the first DC for the domain. The first DC is the primary DC and performs all five FSMO roles:

  • Schema master
  • Domain naming master
  • RID master
  • PDC emulator
  • Infrastructure master

When you have multiple domain controllers, you can transfer the FSMO roles. For more information, check the link here.

Installation and Configuration

I have already installed the following roles from Server Manager: Active Directory Domain Services, DHCP Server and DNS Server. The roles can be installed from Server Manager using Add Roles and Features. We need DHCP to assign IP addresses, and DNS to resolve the hostnames of devices to the IP addresses assigned by DHCP.

Adding Active Directory Domain Services role

Next, we will complete the post-deployment configuration by promoting the server to a domain controller from Server Manager.

Promote the server to Domain Controller

We will follow the wizard:

  • Apply the root domain name.
  • In the domain controller options, we will keep the domain/forest functional level as it is. Select DNS/GC and provide the DSRM password. DSRM will be needed when we want to retrieve the Active Directory database in case of any issue.
  • We will complete the rest of the wizard as it is, run the prerequisite check and then install. Once the installation is complete, the server will restart.

Voila, the setup is complete and the server is ready to act as a domain controller. To check that the server holds the FSMO roles and is running properly, run the following commands in PowerShell on the domain controller.

				
					Netdom query FSMO
Dcdiag /c

				
			
PowerShell query
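
The wizard steps and the FSMO check above can also be scripted. The following is an added example, not part of the original post: the domain and NetBIOS names are placeholders, the two function names are hypothetical, and it assumes an elevated PowerShell session on the Windows Server 2012 R2 machine being promoted.

```powershell
# Added example. 'corp.example.com' and 'CORP' are placeholder names, not values from the article.
$DomainName  = 'corp.example.com'
$NetbiosName = 'CORP'

function Install-FirstDomainController {
    # Roles the article installs through Server Manager.
    Install-WindowsFeature -Name AD-Domain-Services, DNS, DHCP -IncludeManagementTools
    Import-Module ADDSDeployment

    # Prompt for the DSRM password so it never lands in the script or in shell history.
    $dsrm = Read-Host -AsSecureString -Prompt 'DSRM password'

    $params = @{
        DomainName                    = $DomainName
        DomainNetbiosName             = $NetbiosName
        InstallDns                    = $true   # the first DC of a forest is always a global catalog
        SafeModeAdministratorPassword = $dsrm
    }

    # Same prerequisite check the wizard runs; stop unless every test reports Success.
    $failed = Test-ADDSForestInstallation @params | Where-Object { $_.Status -ne 'Success' }
    if ($failed) {
        $failed | Format-List Message
        throw 'Prerequisite check failed.'
    }

    # Functional levels are left at their defaults, as in the wizard. The server reboots when done.
    Install-ADDSForest @params -Force
}

function Test-FsmoHolders {
    # Run after the reboot: lists all five FSMO roles and whether this server holds each one.
    Import-Module ActiveDirectory
    $me     = (Get-ADDomainController -Identity $env:COMPUTERNAME).HostName
    $forest = Get-ADForest
    $domain = Get-ADDomain
    $roles  = [ordered]@{
        SchemaMaster         = $forest.SchemaMaster
        DomainNamingMaster   = $forest.DomainNamingMaster
        RIDMaster            = $domain.RIDMaster
        PDCEmulator          = $domain.PDCEmulator
        InfrastructureMaster = $domain.InfrastructureMaster
    }
    $roles.GetEnumerator() | ForEach-Object {
        [pscustomobject]@{ Role = $_.Key; Holder = $_.Value; HeldHere = ($_.Value -eq $me) }
    }
}
```

Call `Install-FirstDomainController` before the reboot and `Test-FsmoHolders` after it; on a healthy first DC every row shows `HeldHere` as `True`.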