How to create a new Active Directory Domain Controller in Windows Server 2016/2008 R2

If you have installed Windows Server 20916/2008 R2 for the first time settings up, an active directory controller can be tricky if you haven’t done it before. The problem is you don’t have direct options in the menus, which lets you create a controller right away. Before you start settings up, the domain controller, make sure your local administrator has a robust password setup, which is most of the cases are blank by default. It is one of the first error you will receive before you start setting up the new forest.

How to change the password for Local Administrator in Windows Server

  • Type control userpasswords2 in the run prompt of the start menu. Hit enter.
  • It will open the User Accounts Window. First check on the label which says Users should use Alt + Ctrl + Del to enter password
  • Then select the user account, which means Administrator and belongs to the Group Administrator.
  • Click on the Reset Password button. Add a strong password and save then exit.

Password change for local administrator

Once you are done with this, we are ready to create our first active directory on the brand new server. Remember, once you create Active directory here, this will become the host, and other computers can join this.

Create a new Active Directory Domain Controller in Windows Server 2016/2008 R2

  1. Launch active directory domain service installation, wizard
  2. Create a new domain in the new domain forest
  3. Configuring the DNS
  4. Final Setup

1] Launch the Active Directory Domain Service Installation Wizard

Type dcpromo in run prompt. It will then launch the service, which will check and install Active Directory Binaries if required. Done that, you should see Active Directory Domain Service Installation Wizard.

Create Active Directory Domain Controller

In the Active Directory Wizard, you can choose Advance Mode or normal. There is no issue even if you create without advance mode as settings can be changed later on. Click next, and you will receive a notification window which tells you about Operating System Compatibility. If you are system admin, just make sure what it says.

ADDS Start

2] Create a new domain in the new domain forest

Since this is the first time we are creating this, choose the option which says Create a new domain in a new forest. Click Next. Now, if you did follow the instructions to set the local administrator password to a strong one, you should not receive any error. The reason for setting up a password is, as the local administrator becomes the owner of the new Active Directory, it must be under secured policies.

Create Active Directory Domain Controller

Click next to enter the new domain name or FQDN of the forest root domain. It can be anything like technospot.ten or Before creating, it checks for any existing domains to make sure there is no conflict.

Name of Forest Root Domain

Next is to select the Forest Functional Level, which should be the same as your Operating System, i.e. Windows Server 2008 R2, for this case.

Adds Forest Functional Level

3] Configuring the DNS

The next screen will give you the option to configure the DNS. By default, if you have a dynamic IP set, it will ask to set up a static ip, which is always a preferred option.

Adds Controller Options

4] Final Setup

The next step lets you set up a log location, which is essential, and then it gives you a brief overview of settings that will be used to create the domain controller. You can export it if you want.


After this, the machine will reboot, and your login screen will change with your username show as domain\username, which in this case, is Technospot\Domain.

Domain User Login

This concludes our installation and creation of Active Directory Services and Setting up DNS. Once you reboot and login, there will more to configure in settings, and that is entirely different aspect.


Please enter your comment!
Please enter your name here