- The Domain Controller(s) will act as your DNS and NTP servers for your kit and need to be setup as the first VMs that are created. Installation: 1. ![[CreateVM.png]] - Click "Create/Register VM" 2. Select "Create a new virtual machine" 1. Click Next 3. ![[DCName.png]] - Name: DC 1 - Compatibility: ESXi 7.0 U2 virtual machine - Guest OS Family: Windows - Guest OS Version: Microsoft Windows Server 2019(64 bit) - Click Next 4. Click Next 5. ![[DCsettings.png]] - CPU: 4 - Memory: 16GB - Hard Disk: 100GB Thin Partition - Network Adapter: Domain - CD/DVD Drive: Datastore ISO File - Find Disk Image File within Datastore - Select "Connect at Power On" - Click Next 6. Review Configuration if correct click finish 7. Power on VM 8. Open Console 9. Once boot order opens click enter 10. Then press any key to boot from CD/ROM 11. ![[WinSer1.png]] - Language to install: English (United States) - Time and currency format: English (United States) - Keyboard or input method: US - Click Next 12. Click "Install Now" 13. ![[DesktopExperience.png]] - Select "Windows Server 2019 Standard (Desktop Experience)" - Click Next 14. Accept the license terms - Click Next 15. ![[SelectCustom.png]] - Select Custom 16. ![[Partitioning.png]] - Select New - Select Apply - After some time display should look the same as the above photo - Select Partition 4 - Click Next 17. Wait for Windows Server to Install 18. ![[DCPassword.png]] - Make password should be standard - Click Finish Assigning static IP address: - For you r Domain Controller to properly communicate with the rest of your network. 1. ![[SelectNetIcon.png]] - Click Network icon from the bottom right of the task bar. 2. ![[NetSettings.png]] - Click "Network & Internet settings" 3. ![[ChangeAdapterOptions.png]] - Click "Change adapter options" 4. Right Click "Ethernet0" - Select "Properties" 5. ![[IPv4.png]] - Double Click "Internet Protocol Version 4" 6. ![[IPAssignment.png]] - Select "Use the following IP address:" - IP address: 10.2.1.5 (or your choosing within the Domain VLAN) - Subnet mask: 255.255.255.0 - Default gateway: 10.2.1.1 - Select "Use the following DNS server addresses:" - Preferred DNS server: 10.2.1.5 - Alternate DNS server: *blank* - Click OK 7. Check Functionality: - ![[Ping.png]] - Ping your default gateway. ```windows ping 10.2.1.1 ``` - Ping your ESXi host. ```windows ping 10.2.10.30 ``` - if both are successful with no errors IP configuration is correct. 8. Return to Server Manager. 9. ![[AddRolesandFeatures.png]] - Select Manage in the top right - Select "Add Roles and Features" 10. Click Next 11. Select "Role-based or feature-based installation" - Click Next 12. Select this server from the list - Click Next 13. Select "Active Directory Domain Services" and "DNS Server" - Click Next 14. Leave Everything on this screen the same - Click Next 15. Click Next 16. Click Next 17. Confirm Configuration - Click Install 18. Close Window 19. ![[FlagWarning.png]] - From the top right select the flag icon with the warning symbol - Under the warning sign select "Promote this server to a domain controller" 20. ![[Forest.png]] - Select "Add a new forest" - Root domain name: dco.mil - Click Next 21. ![[ForestFunc.png]] - Forest functional level: Windows Server 2016 - Domain functional level: Windows Server 2016 - Specify domain controller capabilities: - Domain Name System (DNS) server: Selected - Global Catalog (GC): Selected - Read only domain controller (RODC): Not Selected - Password: Standard - Click Next 22. ![[DNSdelegation.png]] - Do not Select DNS Delegation - Click Next 23. ![[NetBIOSdomainname.png]] - The NetBIOS domain name: DCO - Click Next 24. Leave Paths as they are - Click Next 25. Review Options - Click Next 26. Allow prerequisites check to complete - Click Install 27. Domain Controller will restart 28. After Logging back in and letting Server Manager restart if all roles and server groups are green then everything is functioning properly. 29. Next set would be NTP server setup: 1. Press Windows Key + "R" 2. Type "regedit" then press enter 3. Navigate to "Computer\\HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\W32Time\\TimeProviders\\NtpServer" 4. Double Click on "Enabled" - Set value to 1 5. Navigate to "Computer\\HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\W32Time\\Config" 6. Double Click "Announce Flags" - Set value to 5 7. Close Registry Editor 8. Using the search menu open "Services" 9. Navigate to "Windows Time" - Right Click "Windows Time" - Select Restart 10. NTP is now enabled.