Creating an Active Directory Domain Service (AD DS)

Active Directory (AD) is at the core of enterprise identity and access management, making it a critical component in both IT administration and cybersecurity. On this page, I showcase my hands-on work with AD, including: Deployment of Domain Controllers and DNS, User, Group, and Organizational Unit (OU) Management, Domain Join & Client Integration, Group Policy Configuration for Security & Compliance, Access Control and Permission Management

Objective

The main objective of this project is to create and configure and active directory. This will enable us to create user accounts, categorize them in groups, and Group Policies. This is aimed at demonstrating how an organization can control what happens in an employer’s computer. This kind of set-up ensures security within the organization.

Tools & Resources

Windows Server 2025 (Virtual Machine).
Windows 10 Client (Virtual Machine).
Virtualization software: VirtualBox.
At least 4GB RAM for server and 2GB RAM for client.
ISO images of Windows Server and Windows 10

STEPS TO TAKE

1. SETTING UP A DOMAIN CONTROLLER

Pre-requisit for the installation;

- Windows Server Operating System: A supported version of windows server, such as windows server 2019 or windows server 2025(which is the one I used in my case)

- Active Directory Domain Controller (AD DS): This role provides the core functionality for a domain controller.

- DNS server role: DNS is required for Active Directory to function properly

- DHCP Server role(Optional): If you want your domain controller to manage IP addresses for your network

- Certificate Services (AD CS): If you want to implement Public Key Infrastructure (PKI) for your organization.

INSTALLATION STEPS

- Install Windows Server: Install a supported version of windows server on your machine.

- Add the AD DS role: Use the Server manager to add the Active Directory Domain Service role.

- Configure AD DS: Run the Active Directory Domain services configuration Wizard to configure your domain controller.

- Add the DNS server role: Use the Server Manager to add the DNS Server role.

- Configure DNS: Configure your DNS settings, including creating a zone for your domain.

2. CONFIGURING USER AND GROUP MANAGEMENT.

Post Installation Tasks.

- Configure domain settings: Configure settings for your domain, such as password, policies and account lockout policies.

- Create user and group account: Create user and group accounts for your organization. In my case, I created the users Kv Dalila, Rabiatu Farida, and Bongkem Faouzi under the ecorp.local domain.

3. JOINING CLIENT TO THE DOMAIN

On the Windows 10 VM → Network Settings → set DNS to the Server’s IP (192.168.0.2).
Go to This PC → Properties → Change settings → Change to Domain: ecorp.local.
Enter domain admin credentials.
Restart client

IMPLEMENTATION

figure 1: Installation of Roles

figure 2: Select tools at the top

figure 3: Choose Users and Computers

figure 4 : Create users' account and assign them groups

figure 5 : Creating Group Policies

NB: Group Policy in Active Directory is a feature that allows administrators to centrally manage and configure operating systems, applications, and user settings across a network of computers. It’s one of the most powerful tools for enforcing security standards, controlling user environments, and automating administrative tasks.

figure 6 : Client Machine Configuration

NB: Go to setting and navigate to your about settings. From there, you can choose Rename this PC (Advanced)

figure 7 : Change domain and rename PC(if you want)

figure 8 : Restart PC and log into one of ther user's account created in your Active Directory

figure 9 : insert the user's logon name and password to login