In today’s post, I will show you the process of promoting a Domain Joined Windows Server 2016 Server Core machine to a Domain Controller in an existing Active Directory Forest. As mentioned before, using Server Core means fewer resources used and a smaller attack surface on your server.
NOTE: This Guide assumes you have already configured a static IP and that your Server is Domain Joined.
1) Log into your Server with an account that has at least Domain Admin Privileges and begin a PowerShell Session by typing in the following Command.
powershell
2) In the PowerShell Session, use the following command to install the Active Directory Services Role.
Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
Wait for the Installation to Finish.
The installation should be successful.
3) Type in the following command to promote the Server to be a Domain Controller in the Domain you want it to be in.
Install-ADDSDomainController -DomainName "PZ.LOCAL" -InstallDns:$true -CreateDnsDelegation:$false -DatabasePath "C:\Windows\NTDS" -SysvolPath "C:\Windows\SYSVOL" -LogPath "C:\Windows\NTDS" -NoRebootOnCompletion:$false -Force:$true
NOTE1: I used “PZ.LOCAL” as the Domain Name. You can change this to suit your environment.
NOTE2: For more info on the switches used, go to the following Microsoft TechNet Link.
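4) You will be asked to enter a SafeModeAdministrator Password. This is the Directory Services Restore Mode (DSRM) password for this Domain Controller, so input it and record the Password you put in somewhere secure.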
5) Wait for the Configuration to Finish.
6) Once the configuration is complete, the server will automatically reboot.
Once the Server has rebooted, you will have a functioning Domain Controller. Please note that you should have a Client Machine with the latest Microsoft RSAT Tools installed in order to make it easier to manage your server.
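To confirm that the rebooted server really is working as a Domain Controller, the following check script can be run in an elevated PowerShell session on it. This is an added example and not part of the original guide; the function name Test-NewDomainController is made up for illustration, and it assumes the PZ.LOCAL domain and the -InstallDns:$true option used in step 3.

```powershell
# Added example: post-promotion health check for the new Domain Controller.
# Test-NewDomainController is a hypothetical helper name, not a built-in cmdlet.
function Test-NewDomainController {
    param(
        [string]$ExpectedDomain = 'PZ.LOCAL'   # domain name used in this guide
    )
    $checks = @()

    # Services a DC with integrated DNS needs (DNS because -InstallDns:$true was used).
    foreach ($name in 'NTDS', 'Netlogon', 'Kdc', 'DNS', 'DFSR') {
        $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
        $checks += [pscustomobject]@{
            Check  = "Service $name running"
            Passed = ($null -ne $svc -and $svc.Status -eq 'Running')
        }
    }

    # SYSVOL and NETLOGON are only shared after initial SYSVOL replication completes.
    foreach ($share in 'SYSVOL', 'NETLOGON') {
        $checks += [pscustomobject]@{
            Check  = "Share $share published"
            Passed = [bool](Get-SmbShare -Name $share -ErrorAction SilentlyContinue)
        }
    }

    # SysvolReady is 1 once SYSVOL is initialised and Netlogon can share it.
    $nl = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters' -ErrorAction SilentlyContinue
    $checks += [pscustomobject]@{ Check = 'SysvolReady = 1'; Passed = ($nl.SysvolReady -eq 1) }

    # The directory itself should list this machine as a DC of the expected domain.
    $dc = $null
    try { $dc = Get-ADDomainController -Identity $env:COMPUTERNAME -ErrorAction Stop } catch { }
    $checks += [pscustomobject]@{
        Check  = "Registered as DC in $ExpectedDomain"
        Passed = ($null -ne $dc -and $dc.Domain -eq $ExpectedDomain)
    }
    $checks
}

$results = Test-NewDomainController
$results | Format-Table -AutoSize
if ($results.Passed -contains $false) {
    Write-Warning 'One or more checks failed. Run dcdiag and repadmin /showrepl before relying on this DC.'
}
```

If the share or SysvolReady checks fail right after the reboot, give replication a few minutes and run the script again before troubleshooting further.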
I hope this Post has been Helpful! 😀