Windows Server 2025 Core 24H2 | Active Directory Install & Configure, New Forest & Domain

This video is parallel and part of a series regarding the installation and configuration of Microsoft Active Directory. In this parallel video, we’ll create a new Active Directory forest and domain using Windows Server 2025—CORE. That means no convenient GUI. The procedures detailed here are the same for Windows Server 2022 Core and similar for Windows Server 2019 Core and 2016 Core. Topics covered: △ Operating System Preparation △ Promotion to a Domain Controller △ Post Domain Promotion First Actions △ Next Domain Steps Applies to: 🪟 Windows Server 2025, Windows Server 2022, Windows Server 2019, Windows Server 2016 Chapters 0:00 Introduction 1:02 Operating System Preparation 3:11 Promote the Computer to a Domain Controller 4:00 Post Domain Promotion First Actions 5:51 Create User and Computer Organizational Units 6:24 Create a New Administrator Account 6:52 Setup a DNS IPv4 Reverse Zone 7:10 Set up a Central Store for Group Policy Templates 8:22 Next Domain Steps 9:19 Thank you for watching, and please like and subscribe Glossary: AD = Active Directory ADDS = Active Directory Domain Services CIDR = Classless Inter-Domain Routing DC = Domain Controller DNS = Domain Name System DSRM = Directory Services Restore Mode FSMO = Flexible Single Master Operation (pronounced "fizmo") GPO = Group Policy Object GUI = Graphical User Interface IPv4 = Internet Protocol version 4 IPv6 = Internet Protocol version 6 KCC = Knowledge Consistency Checker NetBIOS = Network Basic Input/Output System NTDS.DIT = New Technology Directory Services Directory Information Tree OU = Organizational Unit SSH = Secure Shell SYSVOL = System Volume SCONFIG = Server Configuration PDC = Primary Domain Controller OS = Operating System DHCP = Dynamic Host Configuration Protocol Additional Terms: RID = Relative Identifier (part of the Security Identifier or SID, uniquely identifies objects within a domain) SRV Record = Service Resource Record (DNS record used to define the location of services) SAM = Security Account Manager (stores user accounts and passwords) LDAP = Lightweight Directory Access Protocol (used to query and modify directory services) FSMO Roles = Roles required for the proper operation of AD, including Schema Master, Domain Naming Master, RID Master, PDC Emulator, and Infrastructure Master DNS Zone = A portion of the DNS namespace managed by a DNS server RODC = Read-Only Domain Controller (a domain controller that holds a read-only copy of AD data) UPN = User Principal Name (used to sign into AD, usually in the form of an email address) SID = Security Identifier (a unique ID assigned to each user or group) PowerShell CMDLETs (commands): New-NetIPAddress ` -InterfaceAlias Ethernet ` -IPAddress [IPAddress] ` -PrefixLength [CIDR Notation] ` -DefaultGateway [router/gateway] Get-WindowsFeature ad Add-WindowsFeature AD-Domain-Services Install-ADDSForest -DomainName [doman.name] New-ADOrganizationalUnit "Domain Users" New-ADOrganizationalUnit "Domain Computers" $newAdminUser="New Admin User" $newAdmUsrPW="subScr1be2Dar!en’sT1ps2024$" New-ADUser $newAdminUser ` -Path "OU=Domain Users,DC=hawktips,DC=it" ` -PasswordNeverExpires $true ` -AccountPassword (ConvertTo-SecureString $newAdmUsrPW ` -AsPlainText -Force) ` -Enabled $true $adminGroups=Get-ADUser Administrator -Properties memberof | ` Select-Object -ExpandProperty memberof ForEach ($curGp in $adminGroups) { Add-ADGroupMember -Identity $curGp -Members $newAdminUser } Get-ADUser $newAdminUser -Properties memberof | ` Select-Object -ExpandProperty memberof Add-DnsServerPrimaryZone ` -NetworkId "ipnetwork/subnetlength" ` -ReplicationScope "Domain" ` -DynamicUpdate Secure cd C:\Windows\SYSVOL\domain\Policies New-Item -Type Directory PolicyDefinitions Copy-Item -Recurse C:\Windows\PolicyDefinitions\* C:\Windows\SYSVOL\domain\Policies\PolicyDefinitions\ dir C:\Windows\SYSVOL\domain\Policies\PolicyDefinitions\ dir C:\Windows\SYSVOL\domain\Policies\PolicyDefinitions\en-US\ Links: https://learn.microsoft.com/en-us/pow... https://learn.microsoft.com/en-us/pow... https://learn.microsoft.com/en-us/pow... https://learn.microsoft.com/en-us/pow... https://learn.microsoft.com/en-us/tro... https://learn.microsoft.com/en-us/tro... https://learn.microsoft.com/en-us/win... https://petri.com/how-to-copy-active-...