Sunday, March 9, 2008

Your first Windows Server 2008 domain controller

Well now that we have the RTM release of Windows Server 2008 in all its glory, its time to sit down and figure out the quirks...

After the setup of standard edition completed I wanted to make the system a domain controller.
First off, be sure to set a static IP for your IPv4 protocol. Once you're done this you will see a notification that some adaptors are still using DHCP. But wait, I set a static IP already?? You can safely ignore this message and continue since IPv6 is now enabled by default and is configured to obtain an address automatically!

Install the Active Directory Domain Services role through Server Manager. Once complete, expand the Roles section of Server Manager and select Active Directory Domain Services. You will notice a link indicating you need to make the server a Domain Controller by running dcpromo.exe. But first....

Load the ISO or Windows Server 2008 CD on an existing Windows Server 2003 system. Open a command prompt and type the following two commands one after the other:

\sources\adprep\adprep.exe /forstPrep

\sources\adprep\adprep.exe /domainPrep

The first command will take some time to run as it updates the AD Schema so you can add your Windows Server 2008 DC.

Next, Begin your DCPROMO.EXE process on the Windows Server 2008 system. During the
process you may see the following message:

A delegation for this DNS server cannot be created because the authoritative parent zone cannot be found or it does not run Windows DNS server. If you are integrating with an existing DNS infrastructure, you should manually create a delegation to this DNS server in the parent zone to ensure reliable name resolution from outside the domain Otherwise, no action is required.

Now I've had my domain set up for quite some time and I feel I completely understand DNS and how it works. The above warning message doesn't make much sense to me so if any of you know, please post away! The rest of the setup should complete without issue and presto! You now have a Win2k8 DC!



  1. I'm not a professional but as no else has commented, I thought I'd add the suggestion that the "A Delegation for this DNS server cannot be created..." message is coming up as the server is trying to add itself to the parent zone, which in your case would be "" - meaning that computers contacting the server of "" for server "" would not be able to get a response for the computer you are adding. Of course if happens to be the parent zone for your local network then this is a non-issue for local computers, also you can just add the record manually to the server. In my case I have my domain controller on a companyname.local naming, and it would be quite impossible to add companyname to a .local server, meaning I'll forever be getting this message!

  2. This anoying message comes every time you tried to add another DC in 2008 with DNS to an existing one.
    You are not a lone. Acroding to trainsignal trainer you should just ignore it and click yes to continue.