Create a new Active Directory forest or domain

We often run something called Active Directory on the system, but if you want to create a new Active Directory, you can do it. Of course, after installing Windows Server 2003 on a standalone server, run “ Active Directory Wizard to create a new Active Directory forest or domain and then convert the Windows Server 2003 computer to the first domain controller in the forest. To convert a Windows Server 2003 computer to the first domain controller in the forest, follow these steps:

Insert the Windows Server 2003 CD-ROM in your computer's CD-ROM or DVD-ROM drive.

Click Start , click Run , and type dcpromo .

Click OK to launch the Active Directory Installation Wizard & then click Next.

Click “domain controller for new domain", and then click Next.

Click “domain in new forest", and then click Next.

Assign a full DNS name to the new domain. Note that because this process is used to implement a lab environment, rather than integrating the environment into an existing DNS infrastructure, you can use a generic name such as mycompany.local in this setting. Click Next.

Accept the domain's default NetBIOS name (if you use the suggestions in step 6, it is “mycompany”). Click Next.

Set the location of the database and log files to the default settings c:\\winnt\ tds folder, and then click Next.

Set the location of the Sysvol folder to the default setting c:\\winnt\\sysvol folder, and then click Next.

Click “Install and configure DNS server on this computer", and then click Next.

Click "Priorities that are only compatible with Windows 2000 or Windows Server 2003 servers or operating systems>, and then click Next.

Because this is a lab environment, leave the administrator password for the directory service recovery mode blank. Please note that in a full production environment, this password should be set by using a secure password format. Click Next.

Check and confirm the selected options, then click Next.

The installation of Active Directory will continue. Please note that this will take a few minutes.

When prompted, restart your computer. After the computer restarts, verify that the Domain Name System (DNS) service location record has been created for the new domain controller. To confirm that the DNS service location record has been created, follow these steps:

Click Start, point to Administrative Tools, and then click DNS to start the DNS Management Console.

Expand the server name, expand Forward Lookup Zone, and expand the domain.

Confirm that the _msdcs, _sites, _tcp, and _udp folders already exist. These folders and the service location records they contain are critical to the operation of Active Directory and Windows Server 2003.

Adding Users and Computers to an Active Directory Domain

After a new Active Directory domain is established, create a user account in the domain as an administrative account. Use this account to add computers to the domain when the user is added to the appropriate security group.

To create a new user, follow these steps:

Click Start, point to Administrative Tools, and then click Active Directory Users and Computers to start Active Directory Users And a computer console.

Click on the created domain name and expand these directories.

Right-click Users , point to New , and then click Users .

Type the new user's first name, last name, and user login name, and then click Next.

Type a new password, confirm the password, and then click to select one of the following check boxes:

The user must change the password the next time they log in (recommended for most users)

User cannot change password

Password never expires

Account is disabled

Click Next.