Tested, trusted & part of my daily flow.
đž Proton VPN â Private Connection
đ Proton Pass â Encrypted Passwords
*Partner links â support DevOps Compass đ
Need answers fast? Your friendly Spider-Dev is live on Discord:
Install Active Directory Domain Services on Windows Server 2008 R2
This article is for those looking for a detailed and straightforward guide on installing Active Directory Domain Services on Windows Server 2008 R2.
IMPORTANTIn this guide, we will consider the case when you already have a server with Windows Server 2008 R2 installed on it.
For details on installing Windows Server 2008 R2, read my guide: Install Windows Server 2008 R2.
NOTETo learn how to install Active Directory Domain Services on Windows Server 2019, read: Install Active Directory Domain Services on Windows Server 2019.
CAUTIONBefore installing the Active Directory Domain Services role, make sure to assign the server a proper name according to your organizationâs standards. Then, configure a static IP address, subnet mask, gateway, and DNS server address.
We go into the system under an account with administrator rights and go to the âStartâ menu, right-click on âComputerâ and select âPropertiesâ.
Next, in the âSystemâ window in the âComputer name, domain, and workgroup settingsâ section, click on the âChange settingsâ button.
In the âSystem Propertiesâ window on the âComputer Nameâ tab, click on the âChangeâ button.
I highly recommend that you think ahead about the name of the servers in your organization.
Next, specify the new server name in the âComputer Nameâ field and click on the âOKâ button.
The system will warn you that you need to restart the server to apply the new settings.
Click the âOKâ button.
In the âSystem Propertiesâ window, click on the âCloseâ button.
Now the system will offer to restart the server for the new settings to take effect.
Click on the âRestart Nowâ button.
Next, the server will start to reboot.
Now you need to register a static IP address in the network connection settings.
We log into the system under an account with administrator rights and go to the âStartâ menu, right-click on âNetworkâ and select âPropertiesâ.
Next, in the âNetwork and Sharing Centerâ window, click on the âChange adapter settingsâ button.
Now right-click on the âEthernetâ network connection and select âPropertiesâ.
Select âInternet Protocol Version 4 (TCP / IPv4)â and click on the âPropertiesâ button.
Next, select the item âUse the following IP addressâ and specify a free IP address, subnet mask, and gateway.
NOTEYou must understand in advance how your network works and know which IP addresses are available.
In the âPreferred DNS serverâ field, specify the IP address of this server, since your server will have the âDNS Serverâ role, which is installed together with the âActive Directory Domain Servicesâ role.
Click on the âOKâ button.
In the âLocal Area Connection Propertiesâ window, click the âCloseâ button.
You are now ready to install the Active Directory Domain Services role.
Open âServer Managerâ and select âAdd Rolesâ in the âRolesâ item.
Click on the âNextâ button.
Select the âActive Directory Domain Servicesâ role.
In the next step, the Role Installation Wizard will warn you that several components need to be installed to install the Active Directory Domain Services role.
Click on the âAdd Required Featuresâ button.
It is not necessary to select the DNS Server role at this point. It will be installed later.
Click on the âNextâ button.
Next, the âRole Installation Wizardâ invites you to familiarize yourself with additional information regarding the âActive Directory Domain Servicesâ role.
Click on the âNextâ button.
In order to start the installation of the selected role, click on the âInstallâ button.
The installation of the selected role and the components required for it has begun.
Installation of the Active Directory Domain Services role is now complete.
Now click on the button âClose this wizard and launch the Active Directory Domain Services Installation Wizard (dcpromo.exe)â in order to promote the role of your server to the domain controller level.
I highly recommend that you think ahead about which domain name you will use when adding a new forest.
Click on the âNextâ button.
Further, it is proposed to read additional information regarding the functionality of Windows Server 2008 R2.
Click on the âNextâ button.
This tutorial is about adding a new forest, so in the âActive Directory Domain Services Installation Wizardâ window, select âCreate a new domain in a new forestâ.
Click on the âNextâ button.
In the âFQDN of the new forest root domainâ field, specify the desired name for the root domain.
Click on the âNextâ button.
The next step is to select the functional level of the new forest and root domain.
If you are adding a new forest and plan to continue using servers based on the Windows Server 2008 R2 operating system, then you must select âWindows Server 2008 R2â.
Click on the âNextâ button.
For the domain controller to work correctly, the âDNS serverâ role must be installed.
Select âDNS serverâ and click on the âNextâ button.
At this point, the AD DS Configuration Wizard will warn you that a delegation for this DNS server cannot be created.
Click on the âYesâ button.
You can now change the paths for the AD DS database directories, log files and the SYSVOL folder. I recommend leaving these default values.
Click on the âNextâ button.
Specify the password for DSRM (Directory Service Restore Mode) and click on the âNextâ button.
The next step displays a summary of the server configuration.
Click on the âNextâ button.
The process of promoting the server to the domain controller has begun.
The process of promoting the server to the domain controller is complete.
Click on the âFinishâ button.
Now the system will offer to restart the server for the new settings to take effect.
Click on the âRestart Nowâ button.
Next, the server will start to reboot.
Server promotion to a domain controller is complete.
You can use the Active Directory Users and Computers snap-in to manage users, groups, and other Active Directory objects.
We go into the system under an account with domain administrator rights.
Go to the âStartâ menu and select the âAdministrative Toolsâ item, then select âActive Directory Users and Computersâ.
The Active Directory Users and Computers snap-in opens.
Patreon Exclusives
đ Join my Patreon and dive deep into the world of Docker and DevOps with exclusive content tailored for IT enthusiasts and professionals. As your experienced guide, I offer a range of membership tiers designed to suit everyone from newbies to IT experts.
Tools I Personally Trust
If youâre building things, breaking things, and trying to keep your digital life a little saner (like every good DevOps engineer), these are two tools that I trust and use daily:
đž Proton VPN - My shield on the internet. It keeps your Wi-Fi secure, hides your IP, and blocks those creepy trackers. Even if Iâm hacking away on free cafĂ© Wi-Fi, I know Iâm safe.
đ Proton Pass - My password vault. Proper on-device encryption, 2FA codes, logins, secrets - all mine and only mine. No compromises.
These are partner links - you wonât pay a cent more, but youâll be supporting DevOps Compass. Thanks a ton - it helps me keep this compass pointing the right way đ
Gear & Books I Trust
đ Essential DevOps books
đ„ïž Studio streaming & recording kit
đĄ Streaming starter kit
Social Channels
đŹ YouTube
đŠ X (Twitter)
đš Instagram
đ Mastodon
𧔠Threads
đž Facebook
đŠ Bluesky
đ„ TikTok
đ» LinkedIn
đŁ daily.dev Squad
âïž Telegram
đ GitHub
Community of IT Experts
đŸ Discord
Refill My Coffee Supplies
đ PayPal
đ Patreon
đ„€ BuyMeaCoffee
đȘ Ko-fi
đ GitHub
⥠Telegram Boost
đ Bitcoin (BTC): bc1q2fq0k2lvdythdrj4ep20metjwnjuf7wccpckxc
đč Ethereum (ETH): 0x76C936F9366Fad39769CA5285b0Af1d975adacB8
đȘ Binance Coin (BNB): bnb1xnn6gg63lr2dgufngfr0lkq39kz8qltjt2v2g6
đ Litecoin (LTC): LMGrhx8Jsx73h1pWY9FE8GB46nBytjvz8g
Is this content AI-generated?
No. Every article on this blog is written by me personally, drawing on decades of hands-on IT experience and a genuine passion for technology.
I use AI tools exclusively to help polish grammar and ensure my technical guidance is as clear as possible. However, the core ideas, strategic insights, and step-by-step solutions are entirely my own, born from real-world work.
Because of this human-and-AI partnership, some detection tools might flag this content. You can be confident, though, that the expertise is authentic. My goal is to share road-tested knowledge you can trust.