Install a Domain Controller with Windows Server 2019 Core

Just a quick post about Windows Server 2019 Core. Once in a while I just rebuild my whole development environment including my Windows Server Core virtual machines. Rebuilding a Domain Controller is pretty easy, but requires just a few steps you’ll have to take one after another.

Rename the computer

Log in to your new Windows Server 2019 Core instance, launch a PowerShell console and rename the computer to whatever you desire.

Rename-Computer -NewName SRV-DomainController

Don’t reboot yet. First we set a static IP address and DNS server to make sure we don’t forget that.

#Get all network adapters
Get-NetAdapter

#Set IP address and DNS
$ip = "10.0.0.1"
$dns = "127.0.0.1"
New-NetIPAddress -InterfaceAlias Ethernet -IPAddress $ip -AddressFamily IPv4 -PrefixLength 24
Set-DnsClientServerAddress -InterfaceAlias Ethernet -ServerAddresses $dns

Set the correct timezone

Since I’m living in The Netherlands, my timezone will be W. Europe Standard Time.

Set-TimeZone -Id "W. Europe Standard Time"

Now reboot the server!

Install the Active Directory Domain Services

Install the Active Directory Domain Services (ADDS) and make sure you will include the management tools. You also might receive a few warning about DNS and security tokens. You can safely ignore that.

Install-WindowsFeature AD-Domain-Services -IncludeManagementTools

With ADDS installed, create your first domain forest and give it a proper name. Choose wisely, because you won’t be able to change it with ease.

Install-ADDSForest -DomainName techblog.local
Provide your domain name and choose a Safe Mode password

Choose a password for the safe mode administrator. If you need to recover the domain when nobody else is able to, you would still have this password. After setting the password, the server would like to reboot to complete the setup.

Windows will sign you out to finish installing ADDS

Validate your new domain controller

Yes! Welcome to your new domain. But first we will verify a few things to make sure that everything is setup correctly.

 Get-Service adws,kdc,netlogon,dns

Check in the Event Viewer if logs can be retrieved for ADDS.

Get-Eventlog "Directory Service" | Select-Object entrytype, source, eventid, message
Get-Eventlog "Active Directory Web Services" | Select-Object entrytype, source, eventid, message

PowerShell DSC

Even want to do it a bit faster? You could also use PowerShell Desired State Configuration to setup a new domain controller. More information on that can be found on this website.

Leave a Reply

Your email address will not be published. Required fields are marked *