Prerequisites
- Windows Server 2019/2022/2025
- Admin privileges
- Static IP + proper DNS plan
1. Install AD DS Role
Use Server Manager or PowerShell:
Powershell
Install-WindowsFeature AD-Domain-Services -IncludeManagementTools2. Promote to Domain Controller
- Post-install tasks → Promote this server to a domain controller.
- Create new forest (example: corp.local).
- Specify DSRM password and complete wizard.
3. DNS Configuration
Ensure clients use the DC IP as primary DNS.
Common Tasks
- Create OUs (Users, Computers, Servers).
- Create users & groups (least privilege).
- Link baseline GPO (password, audit, hardening).
Best Practices
- Document OU & GPO structure.
- Keep SYSVOL healthy & replicate.
- Regular system state backups.