Windows Server 2012

Installing DHCP role via new Server Manager

Ensure the computer has at least one static IP address assigned before starting the role installation.

Launch the Add Role Wizard from Server Manager.
Select DHCP server role and go through the steps needed for installation.

The last page of the wizard (which comes up after the role has been installed), provides a link – “Complete DHCP configuration”.

This provides some tasks that need to be performed to enable the DHCP server role to work properly after role installation.

Launch the DHCP post-install wizard and complete the steps required.

Creation of DHCP security groups (DHCP Administrators and DHCP Users). For these security groups to be effective, the DHCP server service needs to be restarted. This will need to be performed separately by the administrator.

Authorization of DHCP server in Active Directory (only in case of a domain-joint setup). In a domain joined environment, only after the DHCP server is authorized, it will start serving the DHCP client requests. Authorization of DHCP server can only be performed by a domain user that has permissions to create objects in the Net services container in Active Directory. See how to delegate permissions to do this in active directory.

Figure 3: DHCP Post-Install configuration wizard – Authorization Page

In case completing of the post-install step is missed after role installation, the administrator will continue to see a notification on the action pane and also a link on the DHCP role tile on the main Server Manager page suggesting that some configuration is required. That link would go away only after completion of the post-install task.

The configuration of DHCP server parameters such as scope, options etc. are no longer available in the new Server Manager. The administrator can now launch DHCP MMC either via Server manager (as shown below), or via the DHCP MMC application in the Start Menu, or writing dhcpmgmt.msc on the command prompt. The administrator can now create scopes, set option values so as to be able to lease out IP addresses and provide option values to clients.

Installing via PowerShell

To install the DHCP server role via PowerShell, one needs to run the following command:
Command: Add-WindowsFeature -IncludeManagementTools dhcp
Note the extra switch (IncludeManagementTools) which is now needed, in contrast to Windows 7. Without this switch, just the DHCP server role would be installed. The DHCP server RSAT tools which includes DHCP MMC, netsh context and the new DHCP PowerShell cmdlets, is not installed by default, unless you give the above flag.

After the role is installed, there are a few other steps that the administrator needs to perform so that the server can work correctly and lease out addresses. This the post-install configuration as performed by the above mentioned post-install wizard. The administrator can either launch the Server Manager and complete the DHCP post-installation task from there (as this is UI-only task) or run the below set of commands which are an equivalent of above.
Creating DHCP security groups

Creating DHCP security groups

Command:netsh dhcp add securitygroups

You will need to restart the DHCP service for these groups to become active.
Command: Restart-service dhcpserver
Authorizing the DHCP server in Active Directory (only needed for a domain-joined setup)
Command: Add-DhcpServerInDC <hostname of the DHCP server> <IP address of the DHCP server>
Now the administrator can launch DHCP MMC either via Server manager, or via the DHCP MMC application from the start menu, or by writing dhcpmgmt.msc on the command prompt. The administrator can now also create scopes, set option values so as to be able to lease out IP addresses and provide option values to clients using DHCP MMC or the new DHCP PowerShell.
If the administrator has completed the post-install configuration using PowerShell, Server Manager may still raise a flag (alert) for its completion using the post-install configuration wizard. This alert can be suppressed by notifying the Server Manager that the post-install configuration has been completed. This can be done by the below command:

Command: Set-ItemProperty –Path registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ServerManager\Roles\12 –Name ConfigurationState –Value 2.

This article will walk you through setting up the Active Directory Role on a Windows Server 2012. This article is intended to be used for those without an existing Active Directory Forest, it will not cover configuring a server to act as a Domain Controller for an existing Active Directory Forest.
Installing Active Directory

Open the Server Manager from the task bar.

From the Server Manager Dashboard, select Add roles and features.

This will launch the Roles and Features Wizard allowing for modifications to be performed on the Windows Server 2012 instance.

1- Select Role-based or features-based installation from the Installation Type screen and click Next.
Note: Roles are the major feature sets of the server, such as IIS, and features provide additional functionality for a given role.

1-The current server is selected by default. Click Next to proceed to the Server Roles tab.

1-From the Server Roles page place a check mark in the box next to Active Directory Domain Services. A notice will appear explaining additional roles services or features are also required to install domain services, click Add Features.

Note: There are other options including, Certificate services, federation services, lightweight directory services and rights management. Domain Services is the glue that holds this all together and needs to be installed prior to these other services.

1-Review and select optional features to install during the AD DS installation by placing a check in the box next to any desired features; Once done click Next.

1-Review the information on the AD DS tab and click Next.

1-Review the installation and click Install.

Note: The installation progress will be displayed on the screen. Once installed the AD DS role will be displayed on the ‘Server Manager’ landing page.

Configuring Active Directory

Once the AD DS role is installed the server will need to be configured for your domain.

1 If you have not done so already, Open the Server Manager from the task bar.

2 Open the Notifications Pane by selecting the Notifications icon from the top of the Server Manager. From the notification regarding configuring AD DS click Promote this server to a domain controller.

1-From the Deployment Configuration tab select Add a new forest from the radial options menu. Insert your root domain name into the Root domain name field.

1- Review and select a Domain and Forest functional level. Once selected fill in a DSRM password in the provided password fields. The DSRM password is used when booting the Domain Controller into recovery mode.

Note: The selection made here will have lasting effects to features and server domain controller eligibility. For further information on Domain/Forest functional levels see official Microsoft documentation.

1-Review the warning on the DNS Options tab and select Next.

1-Confirm or enter a NetBIOS name and click Next.

1-Configure the location of the SYSVOL, Log files, and Database folders and click Next.

1-Review the configuration options and click Next.

1 The system will check to ensure all necessary prerequisites are installed on the system prior to moving forward. If the system passes these checks you will proceed by clicking Install.

Note: The server will automatically be rebooted once the installation completes.

After the server is done rebooting, reconnect via RDP. Congratulations on successfully installing and configuring a Active Directory Domain Services on Windows Server 2012.