INTRODUCTION
In this exercise, you will practice some of the core administrative tasks in Active Directory related to setting up and organizing a company’s domain environment.
Imagine you are the IT administrator for a growing business that is expanding into new locations. To support this growth, you need to ensure that your Active Directory environment is structured, reliable, and ready to handle users and resources across multiple offices.
Here’s what you will do in this exercise:
- Turn a regular server into a Domain Controller: A Domain Controller (DC) is the “brain” of Active Directory, it stores the user accounts, manages authentication, and applies security rules across the network. Promoting a server to a DC makes it part of this central system.
- Move a special control role (FSMO role) to the new Domain Controller: Flexible Single Master Operations (FSMO) roles are like “special duties” in the domain that only one DC can handle at a time. You will transfer one of these roles to the new DC to balance the workload and improve reliability.
- Create a new site: Sites in Active Directory represent physical locations, such as different office branches. By creating a site, you help AD understand the company’s network structure, which improves performance and replication efficiency.
- Add a subnet to the site: Subnets tell Active Directory which IP address ranges belong to which physical location. By linking a subnet to a site, you ensure that users in that office connect to the right Domain Controller.
By completing this exercise, you will learn how IT administrators prepare an Active Directory environment for growth, distribute responsibilities across servers, and organize the network to reflect the company’s real-world locations.
Part 1 – Install Active Directory Domain Services (AD DS) and Promote to Domain Controller
In this part, you will make the server TAILWIND-MBR1 a Domain Controller for the TAILWINDTRADERS domain.
Steps:
Sign in to TAILWIND-MBR1 as:
Username: TAILWINDTRADERS\Administrator
Password: Pa55w.rdPa55w or password of your choice you used
In Server Manager, click Manage in the top-right menu and choose Add Roles and Features.
In the Add Roles and Features wizard:
On the Before you begin page → click Next.
On Select installation type → choose Role-based or feature-based installation → click Next.
On Select destination server → make sure TAILWIND-MBR1 is selected → click Next.
On Select server roles → tick Active Directory Domain Services.
A box pops up → click Add Features.
Click Next.
On Select features → click Next.
On Active Directory Domain Services info page → click Next.
On Confirm installation selections → click Install.
This may take a few minutes.
When done → click Close.
In Server Manager, click the notification flag icon in the top-right corner.
From the notification menu, click Promote this server to a domain controller.
This opens the Active Directory Domain Services Configuration Wizard.
In the wizard:
On Deployment Configuration → choose Add a domain controller to an existing domain. Make sure the domain is tailwindtraders.internal.
You will need to log in again:
Click Change.
Username: Administrator
Password: Pa55w.rdPa55w.rd
Click OK → Next.
On Domain Controller options:
Keep the defaults.
For the Directory Services Restore Mode (DSRM) password, type Pa55w.rdPa55w.rd twice.
Click Next.
On DNS Options → click Next.
On Additional Options → click Next.
On Paths → click Next.
On Review Options → click Next.
On Prerequisites Check → click Install.
This can take a few minutes, and the server will restart automatically.
When it restarts, log back in as:
Username: tailwindtraders\administrator
Password: Pa55w.rdPa55w.
Part 2 – Transfer Flexible Single Master Operations (FSMO) Role
Here you will move the RID Master role from the old Domain Controller (TAILWIND-DC1) to the new one (TAILWIND-MBR1).
Steps:
On TAILWIND-MBR1, open Server Manager.
Go to Tools → Active Directory Users and Computers.
In the left panel, right-click "Active Directory Users and Computers".
Go to All Tasks → Operations Masters.
In the Operations Masters window, on the RID tab:
Click Change.
When asked, click Yes.
Click OK.
Click Close to exit the Operations Masters window.
Part 3 – Create an Active Directory Site and Configure a Subnet
In this part, you will create a new site called Sydney in Active Directory and then set up a subnet for it.
Steps:
On TAILWIND-DC1, sign in as:
Username: tailwindtraders\administrator
Password: Pa55w.rdPa55w.rd
Open Server Manager, go to Tools, and select Active Directory Sites and Services.
In the left panel, right-click Sites → choose New Site.
Type Sydney as the site name.For the Link Name, choose DEFAULTIPSITELINK.
Click OK twice.
Expand the Sites folder, Right-click Subnets → choose New Subnet.
For Prefix, type: 172.16.1.0/24
For the Site name, select Sydney.
Click OK.
Close Active Directory Sites and Services.
Conclusion
In this exercise, you successfully promoted a server to a Domain Controller, transferred a FSMO role, and set up a new site with its subnet. These steps are essential for building a strong and organized Active Directory foundation that supports growth and reliability across different locations.
Now that the domain structure is in place, let’s move on to the next exercise: Configure User Management Operations, where you will learn how to create Organizational Units, users, and groups to start managing people within the domain.
Top comments (0)