In this new tutorial dedicated to Windows Server 2025 and the ADDS role which allows you to install a domain controller, we will see how to install this role and create a new Active Directory domain.
Before getting into the technical part, here are the new features brought by Windows Server 2025 to the ADDS role:
- A change in the Active Directory database that increases the page size from 8k to 32k.
- Schema update
- AD Object Repair Feature
- New functional level of the domain and forests
- Several security improvements
- NUMA support for better performance
You can find the list of changes here : https://learn.microsoft.com/fr-fr/windows-server/get-started/whats-new-windows-server-2025#active-directory-domain-services
We can say that Windows Server 2025 is rich in updates on the Active Directory, the last real evolution of which came out with Windows Server 2016, 9 years ago.
Server Configuration Prerequisites Before You Begin
Having dealt with the installation and configuration of the ADDS role on Windows Server several times, I will simply give you a “quick” reminder of what you need to do before installing the ADDS role on your Windows server:
- Name the server correctly, don’t leave it with its default name
- Configure a fixed IP address on the server
- Install Windows Updates
To add a Windows Server 2025 domain controller, you will also need:
- Make sure that the Windows Server 2025 server can resolve the Active Directory domain name
Install ADDS role on Windows Server 2025
Launch the Add Roles and Features Wizard, from Server Manager, click Add Roles and Features 1.
When launching the wizard, click on the Next button 1.
Select the installation type: Role-based or feature-based installation 1 then click Next 2.
Select the server 1 where the ADDS role installation will be performed and click Next 2.
In the list, find the Active Directory Domain Services role 1 and check the box.
When you check the Active Directory Domain Services box, a new window opens to install the administration tools, click on the Add Features 1 button.
The Active Directory Domain Service box is selected, click the Next button 1.
Skip the list of features by clicking Next 1.
A description of the AD DS role is displayed, click Next 1.
A summary of the installation that will be performed is displayed, click on the Install button 1.
Please wait while the Active Directory role and features are installed on Windows Server 2025. Once the installation is complete, close the wizard.
Creating an Active Directory Domain on Windows Server 2025
The components are installed, we will move on to Promoting the server as a domain controller and creating our Active Directory domain.
From Server Manager, click on the notification icon 1 then click on Promote this server to a domain controller 2.
Choose the operation: Add a new forest 1, enter the desired domain name 2 then click Next 3.
Normally at this step you only need to enter the DSRM password 1 and then click Next 2.
Skip the DNS options by clicking Next 1.
The wizard will configure the NetBios name of the domain 1, click Next 2.
At this step you have the option to change the location of the files, click Next 1.
A summary of the configuration of the future Active Directory domain is displayed, click Next 1.
Wait while checking… if there are no blocking errors click on Install 1.
Please wait while the server is being promoted to domain controller, the server should reboot several times.
After several reboots, we can see that our server is now a domain controller and a member of it.
As in previous versions of Windows Server, we still have the same administrator consoles:
- Active Directory Users and Computers
- ADAC
If this is your first domain controller, I’ll let you browse the site which offers several tutorials.
Add a Windows Server 2025 domain controller to an existing domain
For this part, I am not going to redo a complete tutorial because this has already been covered in the following tutorial: Add an AD DS domain controller to an existing domain.
To begin, you need to install the Active Directory Domain Services role on your Windows Server 2025 server, the server must have a fixed IP and its DNS configuration must allow it to resolve the DNS name of the domain.
After installation you have two possibilities:
- This is the first Windows Server 2025 DC in your forest, you need to add the account you are going to use to Promote the domain controller to the Enterprise Admins and Schema Admins group, once this is done, it is imperative to remove the user from the groups.
- This is not the first Windows Server 2025 DC, nothing special to do.
Dans ce tutoriel dédié à Windows Serveur 2025, on a vu comment installer le rôle : services de domaine Active Directory et comment créer un domaine Active Directory.
If you are used to managing Active Directory environments, Windows Server 2025 should not change your daily routine much.
If you can and your environment allows it, it may also be worth upgrading the domain and forest functional level to take advantage of the latest improvements. To upgrade to Windows Server 2025, you must have only Windows Server 2025 domain controllers.