{"id":192,"date":"2026-05-31T23:14:47","date_gmt":"2026-06-01T06:14:47","guid":{"rendered":"https:\/\/hostandtech.com\/kb\/windows-server\/how-to-configure-active-directory-domain-controller-windows-server\/"},"modified":"2026-05-31T23:14:47","modified_gmt":"2026-06-01T06:14:47","slug":"how-to-configure-active-directory-domain-controller-windows-server","status":"publish","type":"post","link":"https:\/\/hostandtech.com\/kb\/windows-server\/how-to-configure-active-directory-domain-controller-windows-server\/","title":{"rendered":"How to Configure Active Directory and Set Up Your First Domain Controller on Windows Server"},"content":{"rendered":"<h2>Overview<\/h2>\n<p>Active Directory (AD) is Microsoft&#8217;s directory service for managing users, computers, and policies across a Windows network. When you install it on a server, that server becomes a <strong>domain controller<\/strong> \u2014 the authority that authenticates everyone logging into your domain. If you&#8217;re running a business network, hosting internal apps on a <a href=\"https:\/\/www.hostandtech.com\/dedicated\/\">Dedicated Server<\/a>, or building out a Windows-based infrastructure, Active Directory is almost certainly part of the plan.<\/p>\n<p>Most people hit this guide because they&#8217;ve spun up a fresh Windows Server instance and need to get AD running from scratch \u2014 either for a new domain or to add a second domain controller to an existing one. This article covers the first scenario: a clean installation on Windows Server 2019 or 2022, promoting the server to a new forest and domain.<\/p>\n<p>The process itself takes about 20 minutes. What takes longer is cleaning up mistakes made during setup \u2014 DNS misconfiguration being the big one. I&#8217;ll flag those as we go.<\/p>\n<h2>Prerequisites<\/h2>\n<ul>\n<li>Windows Server 2019 or 2022 (Standard or Datacenter edition) \u2014 fully updated<\/li>\n<li>Administrator-level access to the server<\/li>\n<li>A static private IP address assigned to the server&#8217;s network adapter \u2014 DHCP addresses will cause problems after promotion<\/li>\n<li>A planned domain name in the format <code class=\"\" data-line=\"\">yourdomain.local<\/code> or an internal subdomain like <code class=\"\" data-line=\"\">corp.yourdomain.com<\/code> \u2014 avoid using your public domain name directly<\/li>\n<li>At least 4 GB RAM and 40 GB disk space (AD SYSVOL and logs grow over time)<\/li>\n<li>RDP access or direct console access \u2014 you will need to restart the server during this process<\/li>\n<\/ul>\n<p>\ud83d\udcdd Note: If this server is hosted on bare metal, Host &amp; Tech&#8217;s <a href=\"https:\/\/www.hostandtech.com\/dedicated\/\">Dedicated Servers<\/a> give you full control over network configuration including static IPs, which is exactly what AD needs. VPS environments work too, but confirm you can set a static private IP before starting.<\/p>\n<h2>Step-by-Step Instructions<\/h2>\n<h3>Step 1: Set a Static IP Address<\/h3>\n<p>Before installing any roles, assign a static IP. Once this server is a domain controller, other machines will point to it for DNS. If the IP changes, authentication breaks.<\/p>\n<ol>\n<li>Open <strong>Settings &gt; Network &amp; Internet &gt; Change adapter options<\/strong>.<\/li>\n<li>Right-click your primary network adapter and select <strong>Properties<\/strong>.<\/li>\n<li>Select <strong>Internet Protocol Version 4 (TCP\/IPv4)<\/strong> and click <strong>Properties<\/strong>.<\/li>\n<li>Set your IP, subnet mask, and default gateway. For the <strong>Preferred DNS Server<\/strong>, enter <code class=\"\" data-line=\"\">127.0.0.1<\/code> \u2014 this server will be its own DNS after promotion.<\/li>\n<\/ol>\n<p>\u26a0 Warning: Do not skip the DNS field. If the server can&#8217;t resolve DNS for its own domain after promotion, replication and authentication will silently fail. Setting <code class=\"\" data-line=\"\">127.0.0.1<\/code> here is the correct move.<\/p>\n<h3>Step 2: Set the Server Hostname<\/h3>\n<p>Pick a meaningful hostname now \u2014 changing it after promotion is painful and can break AD replication.<\/p>\n<ol>\n<li>Open <strong>Server Manager &gt; Local Server<\/strong>.<\/li>\n<li>Click the current computer name and select <strong>Change<\/strong>.<\/li>\n<li>Enter your hostname (e.g., <code class=\"\" data-line=\"\">DC01<\/code>) and click <strong>OK<\/strong>.<\/li>\n<li>Restart when prompted.<\/li>\n<\/ol>\n<h3>Step 3: Install the AD DS Role<\/h3>\n<p>You can do this through Server Manager or PowerShell. PowerShell is faster and easier to document for repeat deployments.<\/p>\n<p><strong>Option A \u2014 PowerShell (recommended):<\/strong><\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-1\"><code class=\"\" data-line=\"\">Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools<\/code><\/pre>\n<\/div>\n<p><strong>Option B \u2014 Server Manager GUI:<\/strong><\/p>\n<ol>\n<li>Open <strong>Server Manager<\/strong> and click <strong>Add roles and features<\/strong>.<\/li>\n<li>Click through to <strong>Server Roles<\/strong> and check <strong>Active Directory Domain Services<\/strong>.<\/li>\n<li>Accept the additional features prompt and click <strong>Install<\/strong>.<\/li>\n<li>Wait for installation to complete \u2014 don&#8217;t restart yet.<\/li>\n<\/ol>\n<h3>Step 4: Promote the Server to a Domain Controller<\/h3>\n<p>Installing AD DS doesn&#8217;t make the server a domain controller. You need to run the promotion wizard next.<\/p>\n<p><strong>Via PowerShell (new forest, clean install):<\/strong><\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-2\"><code class=\"\" data-line=\"\">Import-Module ADDSDeployment\n\nInstall-ADDSForest `\n  -CreateDnsDelegation:$false `\n  -DatabasePath &quot;C:WindowsNTDS&quot; `\n  -DomainMode &quot;WinThreshold&quot; `\n  -DomainName &quot;corp.yourdomain.com&quot; `\n  -DomainNetbiosName &quot;CORP&quot; `\n  -ForestMode &quot;WinThreshold&quot; `\n  -InstallDns:$true `\n  -LogPath &quot;C:WindowsNTDS&quot; `\n  -NoRebootOnCompletion:$false `\n  -SysvolPath &quot;C:WindowsSYSVOL&quot; `\n  -Force:$true<\/code><\/pre>\n<\/div>\n<p>You&#8217;ll be prompted to enter a <strong>Safe Mode Administrator Password<\/strong> (DSRM password). Store this somewhere secure \u2014 it&#8217;s the only way to recover AD if something goes wrong at the directory level.<\/p>\n<p>\ud83d\udcdd Note: <code class=\"\" data-line=\"\">WinThreshold<\/code> corresponds to Windows Server 2016 functional level, which is the current maximum even on Server 2022. This is intentional \u2014 Microsoft hasn&#8217;t released a new functional level since 2016.<\/p>\n<p><strong>Via GUI:<\/strong><\/p>\n<ol>\n<li>In Server Manager, click the flag icon with the warning triangle (appears after AD DS installs) and select <strong>Promote this server to a domain controller<\/strong>.<\/li>\n<li>Select <strong>Add a new forest<\/strong> and enter your root domain name.<\/li>\n<li>Set forest and domain functional levels to <strong>Windows Server 2016<\/strong>.<\/li>\n<li>Leave <strong>DNS server<\/strong> checked.<\/li>\n<li>Set your DSRM password and click through the remaining screens.<\/li>\n<li>Click <strong>Install<\/strong>. The server will restart automatically.<\/li>\n<\/ol>\n<h3>Step 5: Verify the Domain Controller is Healthy<\/h3>\n<p>After the server restarts, log in with your domain admin account: <code class=\"\" data-line=\"\">CORPAdministrator<\/code> or <code class=\"\" data-line=\"\">Administrator@corp.yourdomain.com<\/code>. Then run the following checks.<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-3\"><code class=\"\" data-line=\"\"># Check AD DS services are running\nGet-Service adws, kdc, netlogon, dns | Select-Object Name, Status\n\n# Verify the domain controller\nGet-ADDomainController\n\n# Run the built-in diagnostic tool\ndcdiag \/test:dns \/v<\/code><\/pre>\n<\/div>\n<p>All critical tests in <code class=\"\" data-line=\"\">dcdiag<\/code> should pass. If DNS tests fail, see the troubleshooting section below.<\/p>\n<h3>Step 6: Create Your First Organisational Unit and User<\/h3>\n<p>This is the minimal setup you need to start managing users through AD instead of local accounts.<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-4\"><code class=\"\" data-line=\"\"># Create an Organisational Unit\nNew-ADOrganizationalUnit -Name &quot;Staff&quot; -Path &quot;DC=corp,DC=yourdomain,DC=com&quot;\n\n# Create a user inside it\nNew-ADUser `\n  -Name &quot;Jane Smith&quot; `\n  -GivenName &quot;Jane&quot; `\n  -Surname &quot;Smith&quot; `\n  -SamAccountName &quot;jsmith&quot; `\n  -UserPrincipalName &quot;jsmith@corp.yourdomain.com&quot; `\n  -Path &quot;OU=Staff,DC=corp,DC=yourdomain,DC=com&quot; `\n  -AccountPassword (ConvertTo-SecureString &quot;P@ssword123!&quot; -AsPlainText -Force) `\n  -Enabled $true<\/code><\/pre>\n<\/div>\n<p>\u26a0 Warning: That password is for illustration only. Enforce a real password policy before any users go near this system. Set it in <strong>Group Policy Management &gt; Default Domain Policy &gt; Computer Configuration &gt; Windows Settings &gt; Security Settings &gt; Account Policies<\/strong>.<\/p>\n<h2>Common Issues &amp; Troubleshooting<\/h2>\n<h3>DNS resolution fails after promotion<\/h3>\n<p>This is the most common post-promotion problem. The server promoted fine but <code class=\"\" data-line=\"\">nslookup<\/code> or <code class=\"\" data-line=\"\">dcdiag \/test:dns<\/code> returns errors. The usual cause: the network adapter&#8217;s DNS server is still pointing to an external IP (your router, ISP, or a public resolver like <code class=\"\" data-line=\"\">8.8.8.8<\/code>) instead of <code class=\"\" data-line=\"\">127.0.0.1<\/code>.<\/p>\n<p>Go back to your adapter settings and set the preferred DNS to <code class=\"\" data-line=\"\">127.0.0.1<\/code>. Then flush DNS and re-register:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-5\"><code class=\"\" data-line=\"\">ipconfig \/flushdns\nipconfig \/registerdns\nRestart-Service dns<\/code><\/pre>\n<\/div>\n<h3>&#8220;The operation failed because: The RPC server is unavailable&#8221;<\/h3>\n<p>Usually a firewall issue. AD requires a significant number of ports open between domain controllers and client machines. Check that Windows Firewall isn&#8217;t blocking RPC. The quickest diagnostic is temporarily enabling the built-in &#8220;Active Directory Domain Services&#8221; firewall rule group:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-6\"><code class=\"\" data-line=\"\">Enable-NetFirewallRule -DisplayGroup &quot;Active Directory Domain Services&quot;<\/code><\/pre>\n<\/div>\n<p>If that fixes it, tighten the rules properly rather than leaving the full group open.<\/p>\n<h3>Users can&#8217;t log in: &#8220;The trust relationship between this workstation and the primary domain failed&#8221;<\/h3>\n<p>This means the computer account in AD is out of sync \u2014 common after a VM snapshot restore or cloning a machine. Fix it by rejoining the domain. On the affected workstation:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-7\"><code class=\"\" data-line=\"\"># Run as local administrator\nReset-ComputerMachinePassword -Server DC01 -Credential (Get-Credential)<\/code><\/pre>\n<\/div>\n<p>Then restart the workstation. No need to remove and rejoin the domain.<\/p>\n<h3>dcdiag reports &#8220;failed test VerifyReferences&#8221; or &#8220;failed test SysVolCheck&#8221;<\/h3>\n<p>SYSVOL isn&#8217;t replicating or hasn&#8217;t finished initialising. This often happens on a freshly promoted DC if you check too quickly. Wait 5 minutes and run <code class=\"\" data-line=\"\">dcdiag<\/code> again. If it still fails, check the NETLOGON and SYSVOL shares exist:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-8\"><code class=\"\" data-line=\"\">net share<\/code><\/pre>\n<\/div>\n<p>If they&#8217;re missing, the DFSR service may not have completed initial sync. Check Event Viewer under <strong>Applications and Services Logs &gt; Microsoft &gt; Windows &gt; DFSR<\/strong> for errors.<\/p>\n<h3>Promotion fails with &#8220;Verification of prerequisites failed&#8221;<\/h3>\n<p>Almost always caused by the server not being able to resolve its own hostname via DNS before promotion. Make sure the static IP and DNS settings from Step 1 are correct, then run:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-9\"><code class=\"\" data-line=\"\">Resolve-DnsName $env:COMPUTERNAME<\/code><\/pre>\n<\/div>\n<p>If that fails, fix DNS first. Promotion won&#8217;t proceed until the server can resolve itself.<\/p>\n<h2>FAQ<\/h2>\n<div class=\"ht-faq-section\">\n<h2>Frequently Asked Questions<\/h2>\n<div class=\"ht-faq-item\">\n<h3 class=\"ht-faq-question\">Do I need a dedicated server to run Active Directory, or can I use a VPS?<\/h3>\n<div class=\"ht-faq-answer\">\n<p>A VPS can run a domain controller, but for production environments handling real user authentication, a dedicated server is a better fit. AD is sensitive to network latency and consistent IP addressing \u2014 things bare metal handles more predictably. If you&#8217;re evaluating or running a small internal setup, a VPS is fine to start with.<\/p>\n<\/div>\n<\/div>\n<div class=\"ht-faq-item\">\n<h3 class=\"ht-faq-question\">What&#039;s the difference between a domain and a forest in Active Directory?<\/h3>\n<div class=\"ht-faq-answer\">\n<p>A forest is the top-level security boundary in AD \u2014 it&#8217;s the container that holds one or more domains. Most small-to-medium organisations run a single forest with a single domain. You&#8217;d use multiple domains within one forest if you have separate business units that need different policies but still need to trust each other.<\/p>\n<\/div>\n<\/div>\n<div class=\"ht-faq-item\">\n<h3 class=\"ht-faq-question\">Should I use .local for my internal Active Directory domain name?<\/h3>\n<div class=\"ht-faq-answer\">\n<p>No \u2014 and this is a mistake a lot of people made in the early 2000s that&#8217;s still causing headaches. The .local TLD conflicts with mDNS (Bonjour\/Avahi) and can cause certificate issues. Microsoft&#8217;s current guidance is to use a subdomain of a domain you actually own and control, like corp.yourdomain.com or ad.yourdomain.com.<\/p>\n<\/div>\n<\/div>\n<div class=\"ht-faq-item\">\n<h3 class=\"ht-faq-question\">How do I add a second domain controller for redundancy?<\/h3>\n<div class=\"ht-faq-answer\">\n<p>Install AD DS on the second server, then run the promotion wizard and choose &#8216;Add a domain controller to an existing domain&#8217; instead of creating a new forest. Point the second server&#8217;s DNS at the first DC during setup. Once promoted, update it to also point at itself as a secondary DNS. You want at least two DCs in any production environment \u2014 if the only domain controller goes down, nobody can log in.<\/p>\n<\/div>\n<\/div>\n<div class=\"ht-faq-item\">\n<h3 class=\"ht-faq-question\">What is the DSRM password and do I actually need it?<\/h3>\n<div class=\"ht-faq-answer\">\n<p>DSRM stands for Directory Services Restore Mode \u2014 it&#8217;s a special boot mode for recovering a corrupted or failed Active Directory database. The password is set during promotion and is separate from your regular administrator password. You probably won&#8217;t need it often, but if AD breaks badly enough that you can&#8217;t log in normally, it&#8217;s the only way in. Store it in a password manager or secure vault the moment you set it.<\/p>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Setting up Active Directory for the first time isn&#8217;t hard, but there are a few gotchas that&#8217;ll cost you hours if nobody warns you. This guide walks through promoting a Windows Server to a domain controller, from role installation to first login \u2014 with the real-world stuff included.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[84],"tags":[452,454,457,456,453,455,458,67],"class_list":["post-192","post","type-post","status-publish","format-standard","hentry","category-windows-server","tag-active-directory","tag-ad-ds","tag-configure-active-directory","tag-dns-windows","tag-domain-controller","tag-group-policy","tag-how-to-configure-active-directory-and-set-up-your-first-domain-controller-on-windows-server","tag-windows-server"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>How to Configure Active Directory and Set Up Your First Domain Controller on Windows Server<\/title>\n<meta name=\"description\" content=\"Learn how to configure Active Directory and promote a Windows Server to a domain controller. Step-by-step guide covering installation, DNS, and common issues.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/hostandtech.com\/kb\/windows-server\/how-to-configure-active-directory-domain-controller-windows-server\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Configure Active Directory and Set Up Your First Domain Controller on Windows Server\" \/>\n<meta property=\"og:description\" content=\"Learn how to configure Active Directory and promote a Windows Server to a domain controller. Step-by-step guide covering installation, DNS, and common issues.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/hostandtech.com\/kb\/windows-server\/how-to-configure-active-directory-domain-controller-windows-server\/\" \/>\n<meta property=\"og:site_name\" content=\"Host And Tech knowledge base\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/stshostandtech\" \/>\n<meta property=\"article:published_time\" content=\"2026-06-01T06:14:47+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@stshostandtech\" \/>\n<meta name=\"twitter:site\" content=\"@stshostandtech\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/windows-server\\\/how-to-configure-active-directory-domain-controller-windows-server\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/windows-server\\\/how-to-configure-active-directory-domain-controller-windows-server\\\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#\\\/schema\\\/person\\\/b6fa79c48ddaba71af32e395c5b017ee\"},\"headline\":\"How to Configure Active Directory and Set Up Your First Domain Controller on Windows Server\",\"datePublished\":\"2026-06-01T06:14:47+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/windows-server\\\/how-to-configure-active-directory-domain-controller-windows-server\\\/\"},\"wordCount\":1539,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#organization\"},\"keywords\":[\"active-directory\",\"AD-DS\",\"configure Active Directory\",\"DNS-windows\",\"domain-controller\",\"group-policy\",\"How to Configure Active Directory and Set Up Your First Domain Controller on Windows Server\",\"Windows Server\"],\"articleSection\":[\"Windows Server\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/hostandtech.com\\\/kb\\\/windows-server\\\/how-to-configure-active-directory-domain-controller-windows-server\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/windows-server\\\/how-to-configure-active-directory-domain-controller-windows-server\\\/\",\"url\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/windows-server\\\/how-to-configure-active-directory-domain-controller-windows-server\\\/\",\"name\":\"How to Configure Active Directory and Set Up Your First Domain Controller on Windows Server\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#website\"},\"datePublished\":\"2026-06-01T06:14:47+00:00\",\"description\":\"Learn how to configure Active Directory and promote a Windows Server to a domain controller. Step-by-step guide covering installation, DNS, and common issues.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/windows-server\\\/how-to-configure-active-directory-domain-controller-windows-server\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/hostandtech.com\\\/kb\\\/windows-server\\\/how-to-configure-active-directory-domain-controller-windows-server\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/windows-server\\\/how-to-configure-active-directory-domain-controller-windows-server\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Configure Active Directory and Set Up Your First Domain Controller on Windows Server\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#website\",\"url\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/\",\"name\":\"Host And Tech knowledge base\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#organization\",\"name\":\"Host And Tech knowledge base\",\"url\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/logo-dark.png\",\"contentUrl\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/logo-dark.png\",\"width\":1134,\"height\":395,\"caption\":\"Host And Tech knowledge base\"},\"image\":{\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/stshostandtech\",\"https:\\\/\\\/x.com\\\/stshostandtech\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#\\\/schema\\\/person\\\/b6fa79c48ddaba71af32e395c5b017ee\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/aa1edac8bbadb442e059a5b65ad45a3b2e3ce689202373b96e3e567517ae4b39?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/aa1edac8bbadb442e059a5b65ad45a3b2e3ce689202373b96e3e567517ae4b39?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/aa1edac8bbadb442e059a5b65ad45a3b2e3ce689202373b96e3e567517ae4b39?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\\\/\\\/hostandtech.com\\\/kb\"],\"url\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/author\\\/admin_fjj7qydm\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Configure Active Directory and Set Up Your First Domain Controller on Windows Server","description":"Learn how to configure Active Directory and promote a Windows Server to a domain controller. Step-by-step guide covering installation, DNS, and common issues.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/hostandtech.com\/kb\/windows-server\/how-to-configure-active-directory-domain-controller-windows-server\/","og_locale":"en_US","og_type":"article","og_title":"How to Configure Active Directory and Set Up Your First Domain Controller on Windows Server","og_description":"Learn how to configure Active Directory and promote a Windows Server to a domain controller. Step-by-step guide covering installation, DNS, and common issues.","og_url":"https:\/\/hostandtech.com\/kb\/windows-server\/how-to-configure-active-directory-domain-controller-windows-server\/","og_site_name":"Host And Tech knowledge base","article_publisher":"https:\/\/www.facebook.com\/stshostandtech","article_published_time":"2026-06-01T06:14:47+00:00","author":"admin","twitter_card":"summary_large_image","twitter_creator":"@stshostandtech","twitter_site":"@stshostandtech","twitter_misc":{"Written by":"admin","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/hostandtech.com\/kb\/windows-server\/how-to-configure-active-directory-domain-controller-windows-server\/#article","isPartOf":{"@id":"https:\/\/hostandtech.com\/kb\/windows-server\/how-to-configure-active-directory-domain-controller-windows-server\/"},"author":{"name":"admin","@id":"https:\/\/hostandtech.com\/kb\/#\/schema\/person\/b6fa79c48ddaba71af32e395c5b017ee"},"headline":"How to Configure Active Directory and Set Up Your First Domain Controller on Windows Server","datePublished":"2026-06-01T06:14:47+00:00","mainEntityOfPage":{"@id":"https:\/\/hostandtech.com\/kb\/windows-server\/how-to-configure-active-directory-domain-controller-windows-server\/"},"wordCount":1539,"commentCount":0,"publisher":{"@id":"https:\/\/hostandtech.com\/kb\/#organization"},"keywords":["active-directory","AD-DS","configure Active Directory","DNS-windows","domain-controller","group-policy","How to Configure Active Directory and Set Up Your First Domain Controller on Windows Server","Windows Server"],"articleSection":["Windows Server"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/hostandtech.com\/kb\/windows-server\/how-to-configure-active-directory-domain-controller-windows-server\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/hostandtech.com\/kb\/windows-server\/how-to-configure-active-directory-domain-controller-windows-server\/","url":"https:\/\/hostandtech.com\/kb\/windows-server\/how-to-configure-active-directory-domain-controller-windows-server\/","name":"How to Configure Active Directory and Set Up Your First Domain Controller on Windows Server","isPartOf":{"@id":"https:\/\/hostandtech.com\/kb\/#website"},"datePublished":"2026-06-01T06:14:47+00:00","description":"Learn how to configure Active Directory and promote a Windows Server to a domain controller. Step-by-step guide covering installation, DNS, and common issues.","breadcrumb":{"@id":"https:\/\/hostandtech.com\/kb\/windows-server\/how-to-configure-active-directory-domain-controller-windows-server\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/hostandtech.com\/kb\/windows-server\/how-to-configure-active-directory-domain-controller-windows-server\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/hostandtech.com\/kb\/windows-server\/how-to-configure-active-directory-domain-controller-windows-server\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/hostandtech.com\/kb\/"},{"@type":"ListItem","position":2,"name":"How to Configure Active Directory and Set Up Your First Domain Controller on Windows Server"}]},{"@type":"WebSite","@id":"https:\/\/hostandtech.com\/kb\/#website","url":"https:\/\/hostandtech.com\/kb\/","name":"Host And Tech knowledge base","description":"","publisher":{"@id":"https:\/\/hostandtech.com\/kb\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/hostandtech.com\/kb\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/hostandtech.com\/kb\/#organization","name":"Host And Tech knowledge base","url":"https:\/\/hostandtech.com\/kb\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/hostandtech.com\/kb\/#\/schema\/logo\/image\/","url":"https:\/\/hostandtech.com\/kb\/wp-content\/uploads\/2026\/05\/logo-dark.png","contentUrl":"https:\/\/hostandtech.com\/kb\/wp-content\/uploads\/2026\/05\/logo-dark.png","width":1134,"height":395,"caption":"Host And Tech knowledge base"},"image":{"@id":"https:\/\/hostandtech.com\/kb\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/stshostandtech","https:\/\/x.com\/stshostandtech"]},{"@type":"Person","@id":"https:\/\/hostandtech.com\/kb\/#\/schema\/person\/b6fa79c48ddaba71af32e395c5b017ee","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/aa1edac8bbadb442e059a5b65ad45a3b2e3ce689202373b96e3e567517ae4b39?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/aa1edac8bbadb442e059a5b65ad45a3b2e3ce689202373b96e3e567517ae4b39?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/aa1edac8bbadb442e059a5b65ad45a3b2e3ce689202373b96e3e567517ae4b39?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/hostandtech.com\/kb"],"url":"https:\/\/hostandtech.com\/kb\/author\/admin_fjj7qydm\/"}]}},"_links":{"self":[{"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/posts\/192","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/comments?post=192"}],"version-history":[{"count":0,"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/posts\/192\/revisions"}],"wp:attachment":[{"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/media?parent=192"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/categories?post=192"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/tags?post=192"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}