Active Directory: installation and configuration of a domain controller

First step with the Active Directory

In this part, we will see several things:

  • Organizational Units (OUs) that are similar to folders that will allow us to organize the directory.
  • Creating a user
  • The joining of a post to the domain
  • Connect with the previously created user to the computer.

The term object is used to define the different elements that can be stored in the Active Directory.

All manipulations will be performed on the Active Directory Users and Computers console.

1. Open the Active Directory Users and Computers console.

Console U et O

Creation of Organization Units OU

In this part, we will create 3 OU. The first IT in which we will create two other OU (users and computers), which will be used to store the objects of the IT department.

There are also OU in the Group Policy Management console that allow you to apply GPOs to some of the AD objects.

1. Right-click on domain 1 , go to New 2 and click on Organization Units 3 .

Créer une OU

2. Enter the name of the OU 1 and click OK 2 .

Nom de l'OU

3. The OU is created 1 .

OU créé

4. Create two OU (Users and Computer) in IT.


Creating a user

1. Click on the user icon 1 , enter the first and last name 2 , the identifier 3 then click Next 4 .

Créer un utilisateur

2. Enter the password 1 and click Next 2 .

Mot de passe utilisateur

As you can see in the screenshot below, I left check User must change password at next logon.

3. Click Finish 1 to add the user.

Valider l'ajout

4. The user is added to the directory 1 .

Utilisateur ajouté

Join a computer at the domain


To join a computer to the domain, it must be ensured that it can contact him, open a command window and ping the domain name.

If you do not have a response to ping, you must configure the IP settings of the computer with DNS as the domain controller.

Ping du domaine

To resolve external domain names, you need to set up DNS forwarders.

1. Open the system properties and click Edit 1 .

Propriété système

2. In the Member of a section, select Domain 1 , enter the domain name 2 and click OK 3 .

Ajout du domaine

3. Enter the information 1 from an authorized account to join extensions to the domain and click OK 2 .

Compte admins du domaine

4. Close the confirmation window by clicking OK 1 .

Confirmation de la jonction au domaine

The firewall may be blocking communication with the domain controller.

5. Restart the station for the application of the entry in the domain.

6. Return to the Active Directory Users and Computers console and go to the Computers 1 folder where the computer counter 2 should be located.

Compte ordinateur ajouté

7. Select the object and drag and drop into the IT / Computers OU.

Déplacer dans l'OU

Connect to the computer

1. Go back to the computer and do a CTRL + ALT + DELETE.

Ouvrir session

2. Windows offers to connect with the last used account, click Change User 1 .

Changer d'utilisateur

3. Click on Other user 1 .

Autre utilisateur

4. Enter the identifier and pass mode 1 of the account that was previously created and confirm by pressing Enter.

Identifiant du compte

Under the password field, we see that the session opens on the LAB domain.

5. A message appears indicating that the user must change his password, click OK 1 .

Alerte changement mot de passe

6. Enter the password name (x2) 1 and confirm 2 .

Changer le mot de passe

7. Click OK 1 on the confirmation message.

Confirmation changement mot de passe

8. Wait during the opening session …

Ouverture de le session

9. The session is open with the user created in the Active Directory.

Session ouverte

10. (optional) Open a command window and enter set. The command returns the environment variables of the system, it allows to see on which domain controller the session has been validated LOGONSERVER and the domain with USERDNSDOMAIN and USERDOMAIN.

Commande SET