Installing Active Directory

You will also need to choose a password to be used when this server’s administrator account for the purpose of accessing directory services restore mode (from the advanced startup menu)

After all of the information has been entered, you are given an opportunity to review what has been selected, and upon confirming the domain is created. The domain controller installation process can also be automated with an unattended install. The syntax is dcpromo.exe /answer:answerfilename. For a look at the syntax of the dcpromo answer file, check the file unattend.doc in the file found in the \support\tools directory of the Windows 2000 CD.

Note that the domain controller will register a variety of service records in DNS. These should be verified, either by viewing them with the DNS tool or by doing an Nslookup query for SRV records as described earlier. It is also worth checking for the existence of the appropriate files in the NTDS directory (as shown below), reviewing the log files in event viewer, and ensuring the existence of the SYSVOL directory.

Note that NTDS.dit is the actual AD database, while the edb.* files are the transaction logs and checkpoint files. The res*.log files are reserved log files, used for transaction logging should the server run out of disk space.

The installed domain controller will add a computer object to the domain controllers OU for the domain. It will also add a server object to the appropriate site (depending on what has been created) in Active Directory Sites and Services, based on its subnet address. By default the first domain controller in a new forest will be created in a site called Default-First-Site-Name (literally), and can be moved once you create other sites (discussed later in the series).

Author: Dan DiNicolo

Dan DiNicolo is a freelance author, consultant, trainer, and the managing editor of He is the author of the CCNA Study Guide found on this site, as well as many books including the PC Magazine titles Windows XP Security Solutions and Windows Vista Security Solutions. Click here to contact Dan.