In this tutorial, we will see how to set up an Active Directory domain.
In summary, an Active Directory is a database (LDAP) that contains a set of objects (users, computers, etc.) and delivers several services:
- Centralization of objects on the network in a single database
- User Authentication
- Rights management
- Policy Application (GPO)
The AD architecture is based on:
- Domain: which can be registered or not.
- Tree: consisting of a domain and subdomain (child domain)
- Forest: consisting of linked trees with an approval relationship.
- Global Catalog: A domain controller that contains information about the entire forest.
- FSMO role that are 5 in number.
In this tutorial, we will create a forest with a tree made up of the lab.lan domain.
What you need to complete this tutorial:
- A Windows server (2012 / 2012R2 / 2016) with a fixed IP address
- A client (Windows 7 or +) with an IP address, it must also have how server dns Windows server.
According to Microsoft best practices, it is recommended that you have at least 2 domain controllers (global catalog) per domain.