Windows Server 2008 is a system specially designed for servers that request the high-level security. This system requires that passwords must meet the password complexity requirements by default and enforces the user or domain controller to set a strong password and change it regularly. Microsoft recommends people to manage the computers that more than a certain number of 10 or more in a group by a domain control. To do this, you must install Active Directory Domain Controller in Windows Server 2008.
Steps of installation:
1. Open the Run box and type "dcpromo" and click OK.
The system will start to check if Active Directory Domain Services ( ADDS) binaries are installed and then run the installation wizard. The binaries could be installed if you had run the "dcpromo" command previously and then canceled the operation after the binaries were installed.
2. Once the Active Directory Domain Services Installation Wizard comes out, you can either select the checkbox beside Use Advanced mode installation and Click Next, or keep it unselected and click on Next.
On the next window, click Next.
3. Choose the checkbox that says Create a new domain in a new forest and Click Next.
4. Enter the Fully Qualified Domain Name of the forest root domain in the text box and click Next.
The system is checking whether the new forest name is already used. Wait...
5. Select the Forest Functional Level, choose the level you desire (here we choose Windows 2000) and click on Next.
6. In the previous step, If you have selected any Forest Functional Level other than windows Server 2008 and clicked on Next, you will see another dialog box of selecting the domain functional level, make sure to read the description of each functional level to understand the difference between each one. select Windows 2000 Native and click Next
7.(Optional) In the Additional Domain Controller Options page, you can select installing the Domain Name Service to your server ( if you want ) and then click on Next.
Note：The first domain controller in a forest must be a Global Catalog, so that’s why the checkbox beside Global Catalog is disabled.
8. If you don’t have static IP assigned to your server, you will see the following screen shot. At this point, you need to assign static IP and restart the above process; or you can choose Yes to continue.
9. After examining DNS configuration, if the wizard cannot create a delegation for the DNS server, it will display a message to indicate that you can create the delegation manually. To continue, click Yes to go on.
10. Now you will have the location where the domain controller database, log files and SYSVOL are stored on the server. Recommend you to accept the defaults and hit Next.
The database stores information about the users, computers and other objects on the network. The log files record activities that are related to ADDS, such information about an object being updated. SYSVOL stores Group Policy objects and scripts.
11. In the Directory Services Restore Mode Administrator Password (DSRM) page, write a password and confirm it. This password is used when the domain controller is started in Directory Services Restore Mode, which might be because Active Directory Domain services is not running, or for tasks that must be performed off line. Make sure that you memorize this password when you need it.Click Next.
12. Summary page will be displayed showing you all the setting that you have set . It gives you the option to export the setting you have setup into an answer file for use with other unattended operations, if you wish to have such file, click on the Export settings button and save the file. Then click Next.
13. As you can see, the DNS Installation starts.
14. Following the installation for several minutes, the Domain Controller active Directory installation will be completed, click Finish.
15. Now restart your computer for the changes to take effect.
Click on Start > Administrative Tools, you will notice that following have been installed:
Active Directory Domains and Trusts
Active Directory Sites and Services
Active Directory Users and Computers
Group Policy Management
Even if you can select the Active Directory Users and Computers, you can see all users and groups in the pane. It indicates that Windows Server 2008 Domain Controller and DNS Server installation has been completed successfully.
Setting up a Domain Controller in Windows Server 2008 is not so complicated. But when you add a AD domain password, your should remember it.
Note: If you have lost this AD domain password, the only way to reset it is using a Windows Password Rescuer which help you reset the AD Domain password. And one of the best is Windows Password Rescuer advanced. It has 100% recovery rate and also compatible to Windows 2000/NT. You can see How to Reset Your Windows Domain Administrator Password.