Active Directory Install and Setup

Setting up an Active Directory Instance

Install Windows Server Std with no GUI. Make sure the domain controller has a static IP address or is manually set to get it from DHCP.

Command to install Domain Services

install-windowsfeature ad-domain-services -includemanagemnttools

Trusted Hosts

Confirm winrm is working first.

Viewing current trusted hosts

get-item wsman:\localhost\client\trustedhosts

Adding trusted hosts

set-item wsman:\localhost\client\trustedhosts **** Can either add items separatly, mulitple items must be separated by commas in quotes. Can also use computer name or domain name. Using a * character is bad security practice as it allows all machines.

Configuring Active Directory

import-module addsdeployment
install-addsforest

Installs the AD Forest things. This will setup the domain name.

DNS Message: A delegation for this DNS server cannot be created because the authoritative parent zone cannot be found or it does not run Windows DNS Server. If you are integrating with an existing DNS infrastructure, you can manually create a delegation to this DNS server in the parent zone to ensure reliable name resolution from outside the domain. Otherwise no action is required.

Machine will reboot when done.

Change DNS to the machine itself.

Client Config

Make sure to change the computer name. get-dnsclientserveraddress View DNS settings for the machine set-dnsclientserveraddress -interfaceindex # -serveraddress DC_IP_Address add-computer -domainname name -credential (get-credential) -force -restart Add the computer to the new domain. Add ad\ in front of the username.

Building out Active Directory with Users and Groups