Mastering Windows Group Policy

Configuring the Windows Server 2016 Domain Controller

These are step-by-step instructions to create the first DC in a lab environment, or even an environment which you intend to turn into a production network:

  1. Install the Windows Server 2016 operating system onto your server, whether virtual or physical. You can run a DC as Server Core, but if this is your first Windows Server in an environment, I strongly recommend you choose the option for Desktop Experience. Only this option will give you a full point-and-click graphical interface for interacting with your server. The default Windows Server 2016 Standard option is for implementing Server Core, which would generally only be used by more experienced administrators.
  2. Once inside the operating system, configure a static IP address. While it is possible to change the IP address of a DC if you really need to, it is common practice to consider an IP address on a DC to be a permanent fixture, because changing it down the road could result in problems. So, choose your IP wisely. Since basically everyone installs both the Active Directory Domain Services and the DNS roles at the same time on all of their DCs, we will assume that is the case for you as well. As such, you also want to insert this DC's own IP address as the primary DNS address inside the NIC properties. Alternatively, you could input 127.0.0.1 as the Preferred DNS server; that would work just as well.
  3. Give this server a permanent hostname. You can accomplish this by right-clicking on the Start flag, then choosing to open System properties. Then click Change settings under the Computer name section, and press the Change... button.
  4. Input the name of your DC. This name will not be able to be changed later, so make sure you pick a good one. DC1 always works well for a test lab.
  5. After changing the hostname, you will be asked to Restart the server. Go ahead and do that now. Once it reboots, you should be sitting on the desktop, looking at the Server Manager tool (it opens automatically).
  6. Near the middle of Server Manager, click on Add roles and features.
  7. Click Next three times. You should now be at the Select server roles screen. This screen is a list of all the Roles that are available to install onto your Windows Server.
  8. Check the box for Active Directory Domain Services. When you select this box, you will be asked whether you want to Add features that are required for Active Directory Domain Services? Make sure to press the Add Features button to agree to add these features.
  9. Back at the Select server roles screen, make sure to also check the box next to DNS Server, to make sure those components are installed as well. DCs are almost always DNS servers.
  10. Click Next and you'll find yourself on the Select features screen. You don't have to do anything here, but you'll notice that there is already a checkbox next to Group Policy Management. This is your indication that when this role finishes installing, you will have the Group Policy toolset available to you on this new server.
  11. Click Next three more times, and then click the Install button. This will kick off the installation process for Active Directory services on this server.
  12. When the role installation is complete, you will notice a yellow exclamation mark near the top of Server Manager. Go ahead and click on that, and it will tell you that additional configuration is required for Active Directory Domain Services. Click on the link that says Promote this server to a domain controller.
  13. Since this is the first DC in our environment, choose the option for Add a new forest and then type a name for your domain.
  14. This name is even more important than the hostname of your DC, because the name of your domain will be integrated into everything and will be around for a very long time!
  15. On the Domain Controller Options screen, specify a Directory Services Restore Mode password and click Next. When setting up a brand-new domain, the rest of the settings that default on this page are generally the ones that you want to stick with.
  16. Unless you have a specific need to change one of the remaining settings, you can simply click Next through all the remaining screens of this wizard.

If you are building this to be a production DC, you may want to make some adjustments on the Paths screen. Generally, the file locations for these items should be stored on a volume other than the operating system volume (Drive D instead of drive C, as an example), and if this DC is a virtual server, you should make that new volume an SCSI-based disk rather than an IDE. For the purposes of a test lab, ignore all of this and simply click Next.

  17. There will be a few expected warnings on the Prerequisites Check screen, and these are normal. Go ahead and click Install. When finished, the server will reboot automatically. You now have a fully functional domain hosted on this new DC, and you are ready to start playing around with Group Policy!
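
The same build can be scripted, which makes a lab DC repeatable and keeps the Directory Services Restore Mode password out of any file. The following is an added example, not code from the book; the IP addressing, the `lab.example` domain name, the `-Stage` and `-DataRoot` parameters, and the choice of the first connected adapter are all assumptions to adjust for your lab.

```powershell
#Requires -RunAsAdministrator
# Added example: scripted form of the wizard steps. Run with -Stage Prepare,
# let the server reboot, then run again with -Stage Promote.
param(
    [ValidateSet('Prepare', 'Promote')][string]$Stage = 'Prepare',
    # Lab placeholders (assumptions, not values from the book)
    [string]$ComputerName = 'DC1',
    [string]$IPAddress    = '10.0.0.10',
    [int]$PrefixLength    = 24,
    [string]$Gateway      = '10.0.0.1',
    [string]$DomainName   = 'lab.example',
    # Production: point this at a non-OS volume, e.g. 'D:'
    [string]$DataRoot     = $env:SystemRoot
)

if ($Stage -eq 'Prepare') {
    # Static IP, with the DC's own address as its primary DNS server.
    # Assumes the first connected adapter is the one to configure.
    $nic = Get-NetAdapter | Where-Object Status -eq 'Up' | Select-Object -First 1
    New-NetIPAddress -InterfaceIndex $nic.ifIndex -IPAddress $IPAddress `
        -PrefixLength $PrefixLength -DefaultGateway $Gateway | Out-Null
    Set-DnsClientServerAddress -InterfaceIndex $nic.ifIndex -ServerAddresses $IPAddress

    # Permanent hostname, followed by the required restart.
    Rename-Computer -NewName $ComputerName -Restart
}
else {
    # AD DS and DNS roles plus the Group Policy Management feature.
    $roles = Install-WindowsFeature -Name AD-Domain-Services, DNS, GPMC -IncludeManagementTools
    if (-not $roles.Success) { throw 'Role installation failed.' }

    # Prompt for the DSRM password so it never lands in the script or history.
    $forest = @{
        DomainName                    = $DomainName
        SafeModeAdministratorPassword = Read-Host -AsSecureString -Prompt 'DSRM password'
        InstallDns                    = $true
        DatabasePath                  = Join-Path $DataRoot 'NTDS'
        LogPath                       = Join-Path $DataRoot 'NTDS'
        SysvolPath                    = Join-Path $DataRoot 'SYSVOL'
    }

    # Same checks as the Prerequisites Check screen: warnings are expected, errors are not.
    $check = Test-ADDSForestInstallation @forest
    $check | Format-List Status, Message
    if ($check.Status -contains 'Error') { throw 'Prerequisite check failed.' }

    # Creates the new forest; the server reboots automatically when finished.
    Install-ADDSForest @forest -Force
}
```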