How to to Install or setup the Active Directory environment with Windows Server 2019 using Power shell (Step -By-Step) ?


This article helps to Install / setup the active directory environment using windows server 2019 using Power shell.

Prerequisite :

  1. Install Windows server 2019 Standard / Data center on a Hardware.
  2. Active directory Topology
  3. Make sure Active directory ports are open.
  4. Patch the Server with latest Windows Updates and hot-fix.
  5. Assign the static IP address to Domain Controller
  6. Install Active directory domain services (ADDS) Role on server.
  7. Configure ADDS according to requirement.
  8. Evaluate the windows event logs to validate the health of ADDS installation and configuration
  9. Import-ActiveDirectory Modules
  10. Configure Service and Performance Monitoring
  11. ADDS Backup / DR Configuration

Active directory Topology

In my sample environment, will be the forest root domain. The first domain controller install on the forest will hold all five FSMO roles. Once additional domain controllers are in place you can place them in apposite locations.

Installation Steps

Step1 :To start the configuration, I logged in to Windows server 2019 server as local administrator.



Step2 : I already changed the name of the server to a meaningful one. Then need to check the ip config. in my initial config it got a DHCP IP. We need to change it to static first. 


Step 3 : To set the static ip, we can use below powershell command.

New-NetIPAddress` -InterfaceIndex 4 -IPAddress -PrefixLength 24 DefaultGateway`
 Note : Here I assinged IP based on my network requirement. Hence use the IP address according to your Infrastructure.

Step 4 : In above, InterfaceIndex can find using Get-NetIPAddress command.


Step 5 : Next step is to set DNS Ip addresses. The primary dc also going to act as DC so we need to set it as the preferred DNS. We can do this using below command

Set-DnsClientServerAddress -InterfaceIndex 4 -ServerAddresses ("","")

After config, we can verify it using ipconfig /all.


Step 6 : Before the AD configuration process, we need to install the AD DS Role in the given server. In order to do that we can use Following command.

Install-WindowsFeature –Name AD-Domain-Services –IncludeManagementTools`
Note: Reboot is not required to complete the role service installations.

Now we have the ADDS role installed, next step is to proceed with the configuration

Step 7 : Below is the power-shell configuration file / script for configuring the ADDS.

Install-ADDSForest `  
  -DomainName "" `  
  -CreateDnsDelegation:$false `   
  -DatabasePath "C:\Windows\NTDS" `   
  -DomainMode "7" `   
  -DomainNetbiosName "example" `   
  -ForestMode "7" `   
  -InstallDns:$true `   
  -LogPath "C:\Windows\NTDS" `   
  -NoRebootOnCompletion:$True `   
  -SysvolPath "C:\Windows\SYSVOL" `   

Following explain the Power-Shell arguments and what it will do.

PowerShell Argument



This cmdlet will allow to install windows role, role services or windows feature in local

server or remote server. It is similar to using windows server manager to install those.


This will install the management tools for the selected role service.


This cmdlet will allow to setup new active directory forest.


This parameter defines the FQDN for the active directory domain.


Using this parameter can define whether to create DNS delegation that reference

active directory integrated DNS.


This parameter will use to define the folder path to store active directory database file



This parameter will specify the active directory domain functional level. in above I, have

used mode 7 which is windows server 2016. Windows server 2019 doesn’t have separate

domain functional level.


This defines the NetBIOS name for the forest root domain.


This parameter will specify the active directory forest functional level. in above I, haveused mode 7 which is windows server 2016. Windows server 2016 doesn’t haveseparate forest functional level.


Using this can specify whether DNS role need to install with active directory domaincontroller. For new forest, it is default requirement to set it to $true.


Log path can use to specify the location to save domain log files.


-SysvolPath | This is to define the SYSVOL folder path. Default location for it will beC:\Windows


By default, system will restart the server after domain controller configuration. usingthis command can prevent the automatic system restart.



Step 8 : After executing the command it will prompt for the SafeModeAdministrator Password. This is to use in Directory Services Restore Mode (DSRM).

Make sure to use complex password (According to windows password complexity recommendations). Failure to do so will stop the configuration.

Step 9 :When configuration complete, reboot the domain controller and log back in as domain administrator.

Step 10 :To confirm the successful installation of the services.


Get-Service adws,kdc,netlogon,dns
Above command will list down the status of the active directory related services running on the domain controller.


Step 11 : Run Get-ADDomainController – It will list down all the configuration details of the domain controller.

Step 12 : Run Get-ADDomain , It will list down the details about the active directory domain.

Step 13Same way Get-ADForest will list down the active directory forest details.Get-smbshare SYSVOL will show if domain controller sharing the SYSVOL folder.

Conclusion :

As we can see AD DS components are installed and configured successfully. This marks the end of this post.Please feel free to rate and vote this article