Setting Up Active Directory on Windows Server 2025: A Comprehensive Guide

Active Directory (AD) is a core component of a Windows Server environment, providing centralized management of users, computers, and other resources. With the release of Windows Server 2025, AD has gained several enhancements to security and performance. In this guide, I’ll walk you through the process of installing and configuring Active Directory Domain Services (AD DS) on Windows Server 2025.

Prerequisites

Before diving into the setup, ensure you have the following:

  • Windows Server 2025 Installation Media: Obtain the latest version from Microsoft’s official website.
  • Virtualization Platform: For testing purposes, platforms like VirtualBox or Hyper-V are suitable.
  • System Requirements: Ensure your hardware meets the minimum requirements for Windows Server 2025.

Step 1: Install Windows Server 2025

  1. Create a New Virtual Machine (VM):
    • Open your virtualization platform and create a new VM.
    • Allocate appropriate resources (e.g., 4 GB RAM, 60 GB storage).
    • Attach the Windows Server 2025 ISO to the VM.
  2. Install the Operating System:
    • Boot the VM from the ISO.
    • Follow the on-screen prompts to install Windows Server 2025.
    • Set a strong Administrator password once the installation completes.

Step 2: Configure Network Settings

A static IP address is important for a domain controller, because clients and services need to reach it at the same address at all times.

  1. Set a Static IP Address:
    • Navigate to Settings > Network & Internet > Ethernet.
    • Click on Change adapter options.
    • Right-click your network adapter and select Properties.
    • Select Internet Protocol Version 4 (TCP/IPv4) and click Properties.
    • Enter the following details:
      • IP Address: 192.168.1.10
        • Private Network Range: The 192.168.x.x range is reserved for private networks, making it suitable for internal infrastructure.
        • Consistency: Assigning a static IP (192.168.1.10) ensures that the Domain Controller’s address remains constant, which is important for client machines and services that rely on continuous communication with the AD DC.
      • Subnet Mask: 255.255.255.0
        • Network Segmentation: This subnet mask indicates that the first three octets (192.168.1) represent the network portion, allowing for up to 254 host addresses (192.168.1.1 to 192.168.1.254). This configuration is typical for small to medium-sized networks.
      • Default Gateway: 192.168.1.1
        • Network Routing: The default gateway serves as the access point or router that the server uses to send data to other networks or the internet. 192.168.1.1 is commonly used as the default address for network routers.
      • Preferred DNS Server: 127.0.0.1
        • Local DNS Resolution: Setting the DNS server to 127.0.0.1 (the loopback address) directs the server to use its own DNS service. Since the Domain Controller also functions as a DNS server, this configuration ensures it queries itself for DNS resolutions, reducing dependency on external DNS servers.
    • Click OK to apply the settings.

Step 3: Install Active Directory Domain Services (AD DS)

  1. Add the AD DS Role:
    • Open Server Manager.
    • Click on Add roles and features.
    • Proceed through the wizard and select Active Directory Domain Services.
    • Click Next and then Install.
  2. Promote the Server to a Domain Controller:
    • After installation, a notification will appear in Server Manager. Click on Promote this server to a domain controller.
    • Choose Add a new forest and enter your desired root domain name. I just chose the default corp.local.
    • Set a Directory Services Restore Mode (DSRM) password. This password is needed for AD recovery purposes.
    • Proceed through the wizard, leaving default selections unless specific configurations are required.
    • The server will restart upon completion.
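
Steps 2 and 3 can also be scripted. The following PowerShell is an added example, not part of the original walkthrough; it uses the values from this guide, and the adapter alias `Ethernet` is an assumption you should confirm with `Get-NetAdapter`.

```powershell
# Added example (not from the original guide). Run elevated on the new server.
$ErrorActionPreference = 'Stop'

$alias   = 'Ethernet'       # assumption: adapter name, confirm with Get-NetAdapter
$ip      = '192.168.1.10'   # values below are the ones used in Step 2
$prefix  = 24               # prefix length for 255.255.255.0
$gateway = '192.168.1.1'
$domain  = 'corp.local'

# Step 2: static IPv4 address, DNS pointed at the server itself.
$adapter = Get-NetAdapter -Name $alias
if ($adapter.Status -ne 'Up') { throw "Adapter '$alias' is not connected." }

$current = Get-NetIPAddress -InterfaceAlias $alias -AddressFamily IPv4 -ErrorAction SilentlyContinue
if ($current.IPAddress -notcontains $ip) {
    Set-NetIPInterface -InterfaceAlias $alias -AddressFamily IPv4 -Dhcp Disabled
    New-NetIPAddress -InterfaceAlias $alias -IPAddress $ip -PrefixLength $prefix `
        -DefaultGateway $gateway | Out-Null
}
Set-DnsClientServerAddress -InterfaceAlias $alias -ServerAddresses '127.0.0.1'

# Step 3, part 1: add the AD DS role with its management tools.
$role = Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
if (-not $role.Success) { throw 'AD DS role installation failed.' }

# Step 3, part 2: prompt for the DSRM password so it never lands in the script
# or in command history.
$dsrm = Read-Host -Prompt 'DSRM password' -AsSecureString

# Run the forest prerequisite checks first and stop if any of them reports an error.
Import-Module ADDSDeployment
$checks = Test-ADDSForestInstallation -DomainName $domain -InstallDns `
    -SafeModeAdministratorPassword $dsrm
$failed = @($checks | Where-Object { $_.Status -eq 'Error' })
if ($failed.Count -gt 0) {
    $failed | ForEach-Object { Write-Warning $_.Message }
    throw 'Forest prerequisite check failed; the server was not promoted.'
}

# Promote to the first domain controller of a new forest.
# The server restarts automatically when this finishes.
Install-ADDSForest -DomainName $domain -InstallDns `
    -SafeModeAdministratorPassword $dsrm -Force
```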

Step 4: Configure Active Directory

  1. Create Organizational Units (OUs):
    • Open Active Directory Users and Computers (ADUC) from the Server Manager.
    • Right-click your domain and select New > Organizational Unit.
    • Name the OU (I named mine Cloud) and make sure Protect container from accidental deletion is checked, for your own sake.
  2. Create User Accounts:
    • Within the created OU, right-click and select New > User.
    • Enter the user’s details.
    • Set a strong password and configure password options as needed.
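
The same OU and user can be created from PowerShell on the domain controller after it has restarted. This is an added example, not the author's own procedure: the user `jdoe` / Jane Doe is hypothetical, and forcing a password change at first logon is one assumed choice for the "password options".

```powershell
# Added example (not from the original guide). Run elevated on the new DC.
$ErrorActionPreference = 'Stop'
Import-Module ActiveDirectory

$adDomain = Get-ADDomain
$domainDn = $adDomain.DistinguishedName     # DC=corp,DC=local in this guide
$ouName   = 'Cloud'                         # OU name used in Step 4
$ouDn     = "OU=$ouName,$domainDn"

# Create the OU only if it is missing, with deletion protection switched on.
$existingOu = Get-ADOrganizationalUnit -Filter "Name -eq '$ouName'" `
    -SearchBase $domainDn -SearchScope OneLevel
if (-not $existingOu) {
    New-ADOrganizationalUnit -Name $ouName -Path $domainDn `
        -ProtectedFromAccidentalDeletion $true
}

# Hypothetical user; the password is prompted for and kept as a SecureString.
$sam = 'jdoe'
if (-not (Get-ADUser -Filter "SamAccountName -eq '$sam'")) {
    $pw = Read-Host -Prompt "Initial password for $sam" -AsSecureString
    New-ADUser -Name 'Jane Doe' -GivenName 'Jane' -Surname 'Doe' `
        -SamAccountName $sam -UserPrincipalName "$sam@$($adDomain.DNSRoot)" `
        -Path $ouDn -AccountPassword $pw -Enabled $true `
        -ChangePasswordAtLogon $true    # assumption: user sets their own password
}

# Verify the settings that matter: the OU is protected, and the account is
# enabled without weak password flags.
$ou   = Get-ADOrganizationalUnit -Identity $ouDn -Properties ProtectedFromAccidentalDeletion
$user = Get-ADUser -Identity $sam -Properties PasswordNeverExpires, PasswordNotRequired

if (-not $ou.ProtectedFromAccidentalDeletion) { Write-Warning "OU '$ouName' is not protected from deletion." }
if ($user.PasswordNotRequired)  { Write-Warning "$sam can have an empty password." }
if ($user.PasswordNeverExpires) { Write-Warning "$sam has a non-expiring password." }

$user | Select-Object SamAccountName, Enabled, DistinguishedName,
    PasswordNeverExpires, PasswordNotRequired
```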

Lessons Learned

This project showed me how to use Windows Server 2025 and Active Directory, really for the first time. Before this, I’d only heard about them and watched some YouTube videos:

  • Understanding Active Directory Architecture: Setting up AD DS deepened my knowledge of its role in centralized network management and authentication.
  • Network Configuration Proficiency: Configuring static IP settings and DNS reinforced the importance of reliable network setups for domain controllers.
  • Active Directory Management: Creating Organizational Units and User Accounts highlighted best practices in structuring and managing network resources.

Future Goal: Integrating with AWS

I plan to use AWS later and try to connect the two once my knowledge of both is better. This hybrid approach offers several benefits:

  • Seamless User Experience: Users can access both on-premises and cloud resources using a single set of credentials, enhancing productivity.
  • Scalability: Leveraging AWS allows for dynamic scaling of resources to meet organizational demands.
  • Enhanced Security: Integrating with AWS provides advanced security features and compliance certifications.

To get there, I plan to gain more hands-on experience with AWS Managed Microsoft AD and related services. Engaging with AWS workshops and tutorials will be needed on this journey.
