Windows Server Core Series | 2-Install, Configure & Manage First Domain Controller


In continuous to my previous post of Windows Server Core series, today we will see how to install,Configure and manage our first domain controller in a windows server 2019 core OS.

Please check below post for how to install a server 2019 core OS on a Microsoft hyper-V VM


In my previous post we have installed server core 2019 on server named as CoreDc-01

Before we install AD-DS role, we need to assign a static IP on the server. To do the same, login to server CoreDc-01 and type #sconfig

You will see following screen. For Network Setting , Type 8 and press Enter

For the next steps, just follow the options and get the static IP configured.

Install AD-DS Role

Now lets do a wildcard search for AD roles/features. Run below command in PowerShell

You can install with or without management tools. So choose as per your wish 🙂

Get-WindowsFeature *AD*
Install-WindowsFeature AD-Domain-Services –IncludeManagementTools

We will install AD-Domain-Services using below command

Install-WindowsFeature AD-Domain-Services

After the installation completed, you will see below screen

Promote – Domain Controller

Now we will promote the server as a Domain Controller. To do that follow below steps:

Step-1: – Import ADDSDeployment Module

Step-2:- Create the Forest

Install-ADDSForest -CreateDnsDelegation:$false `
 -DatabasePath "C:\Windows\NTDS" `
 -DomainMode "WinThreshold" `
 -DomainName "" `
 -ForestMode "WinThreshold" `
 -InstallDns:$true `
 -LogPath "C:\Windows\NTDS" `
 -NoRebootOnCompletion:$false `
 -SysvolPath "C:\Windows\SYSVOL" `

Parameter Explanations:

-DatabasePath – File System path to store AD Database

 -DomainMode “WinThreshold” ` – Available latest Domain Functional Level

 -DomainName – Name of your Forest/Domain

 -ForestMode “WinThreshold” ` – Available latest Forest Functional Level

 -InstallDns:$true ` – This will install DNS role

 -LogPath – File System path to store AD related log files

 -NoRebootOnCompletion:$false ` – This will reboot the server after installation completed

 -SysvolPath “C:\Windows\SYSVOL” ` – This is self explanatory

 -Force:$true – This is self explanatory

After you run the above command in Powershell, next it will ask for DSRM password

Enter password and press enter

DC promotion started

After DC promotion completed, it will kick off the server reboot

After the server reboot, we are all set with our first domain controller in forest/domain

Managing the Active Directory

Now to manage the AD infra, we have two options – Powershell OR through GUI based RSAT tools.

As the DC is having Windows Core OS, so if we login to DC, the only option to manage the AD objects is by Powershell

However most of us very much interested to perform the AD tasks via ADUC,GPMC etc consoles.

So from here we will not login to DC to perform AD tasks, rather install another member server OR windows10 client PC and install RSAT tools for AD.

I have a created another VM having Windows10 OS ( You can install other OS such as Server 2012 R2, 2016 or 2019 – Latest is better 🙂 )

Note: Since Windows10 version 1809 and Later, there is a different way to install RSAT tools. See below link

My Windows10 version is 2004, hence I have followed above link to install AD RSAT tools.

After you install RSAT tools, Join the Windows10 PC in to Domain (

After the PC joined to domain, open the respective RSAT tools to start managing your Active Directory

Go to RUN – Type “dsac.msc” > It will display ADUC console as below

Go to RUN – Type “gpmc.msc” > It will display Group Policy Management console

Go to RUN – Type “dnsmgmt.msc” > it will display DNS management console ( you need to choose DC fqdn to connect )

All good till now 🙂

We have successfully installed a server core 2019 server, installed AD role, Promoted as first DC and able to manage graphically via RSAT tool from a different GUI based PC.

That’s it for today guys! will see you in my next post

Till the stay safe and happy reading!!!