Answered by the Webhosting Experts
Tags +

Managed Services

We’re Experts with Windows
Is keeping your Windows server up and running eating away at precious man-hours? Let Hivelocity manage your server with one of our Windows Managed Services plans. With reboots, monitoring, updates, and more, a managed services plan from Hivelocity gives your team the time it needs to focus on growth instead of just maintenance.

Configure your server today and see the benefits a Hivelocity managed Windows solution can offer you!

Tags +

Install Active directory on a windows server

Note: Windows server 2003 web edition does not support active directory , it can be installed on enterprise and standard editions.

First make sure you read and understand Active Directory Installation Requirements. If you don’t comply with all the requirements of that article you will not be able to set up your AD (for example: you don’t have a NIC or you’re using a computer that’s not connected to a LAN).
Here is a quick list of what you must have:
An NTFS partition with enough free space
An Administrator’s username and password
The correct operating system version
Properly configured TCP/IP (IP address, subnet mask and – optional – default gateway)
A network connection (to a hub or to another computer via a crossover cable)
An operational DNS server (which can be installed on the DC itself)
A Domain name that you want to use
The Windows 2000 CD media (or at least the i386 folder)
Brains (recommended, not required…)
This article assumes that all of the above requirements are fulfilled.
Step 1: Configure the computer’s suffix
(Not mandatory, can be done via the Dcpromo process).
1. Right click My Computer and choose Properties.
2. Click the Network Identification tab, then Properties.

3. Set the computer’s NetBIOS name. On a W2K server this cannot be changed after the computer has been promoted to Domain Controller.
4. Click More.

5. In the Primary DNS suffix of this computer box enter the would-be domain name. We will use for this example, you should use your own domain name. Make sure you got it right. No spelling mistakes, no “oh, I though I did it right…” because on W2K this cannot be changed after the computer has been promoted to Domain Controller and if you got it wrong the Dcpromo process might fail.

6. Click Ok.
7. You’ll get a warning window.

8. Click Ok.
9. Check your settings. See if they’re correct.

10. Click Ok.
11. You’ll get a warning window.

13. Click Ok to restart.
Step 2: Configuring the computer’s TCP/IP settings
You must configure the would-be Domain Controller to use it’s own IP address as the address of the DNS server, so it will point to itself when registering SRV records and when querying the DNS database.
Configure TCP/IP
1. Click Start, point to Settings and then click Control Panel.
2. Double-click Network and Dial-up Connections.
3. Right-click Local Area Connection, and then click Properties.

4. Click Internet Protocol (TCP/IP), and then click Properties.

5. Assign this server a static IP address, subnet mask, and gateway address. Enter the server’s IP address in the Preferred DNS server box.

6. Click Advanced.
7. Click the DNS Tab.
8. Select “Append primary and connection specific DNS suffixes”
9. Check “Append parent suffixes of the primary DNS suffix”
10. Check “Register this connection’s addresses in DNS”. If this Windows 2000-based DNS server is on an intranet, it should only point to its own IP address for DNS; do not enter IP addresses for other DNS servers here. If this server needs to resolve names on the Internet, it should have a forwarder configured.

11. Click OK to close the Advanced TCP/IP Settings properties.
12. Click OK to accept the changes to your TCP/IP configuration.
13. Click OK to close the Local Area Connections properties.
Step 3: Install and configure the DNS Service
Now you need to install Microsoft DNS Service:
Install and Configure Windows 2000 DNS Server
Install and Configure Windows 2000 DNS Server to Prepare for AD
Step 4: Running DCPROMO
After completing all the previous steps (remember you didn’t have to do them) and after double checking your requirements you should now run Dcpromo.exe from the Run command.
1. Click Start, point to Run and type “dcpromo”.
2. The wizard windows will appear. Click Next.

3. Choose Domain Controller for a new domain and click Next.

4. Choose Create a new domain tree and click Next.

5. Choose Create a new forest of domain trees and click Next.

6. Enter the full DNS name of the new domain, for example – – this must be the same as the DNS zone you’ve created in step 3, and the same as the computer name suffix you’ve created in step 1. Click Next.

This step might take some time because the computer is searching for the DNS server and checking to see if any naming conflicts exist.
7. Accept the the down-level NetBIOS domain name, in this case it’s DPETRI. Click Next

8. Accept the Database and Log file location dialog box (unless you want to change them of course). The location of the files is by default %systemroot%\NTDS, and you should not change it unless you have performance issues in mind. Click Next.

9. Accept the Sysvol folder location dialog box (unless you want to change it of course). The location of the files is by default %systemroot%\SYSVOL, and you should not change it unless you have performance issues in mind. This folder must be on an NTFS v5.0 partition. This folder will hold all the GPO and scripts you’ll create, and will be replicated to all other Domain Controllers. Click Next.

10. If your DNS server, zone and/or computer name suffix were not configured correctly you will get the following warning:

This means the Dcpromo wizard could not contact the DNS server, or it did contact it but could not find a zone with the name of the future domain. You should check your settings. Go back to steps 1, 2 and 3. Click Ok.
11. You do have an option to let Dcpromo do the configuration for you. If you want, Dcpromo can install the DNS service, create the appropriate zone, configure it to accept dynamic updates, and configure the TCP/IP settings for the DNS server IP address. Click Next.

Accept the default choice or, if you want, quit Dcpromo and check steps 1-3.
12. Accept the Pre-Windows 2000 compatible permissions.

13. Enter the Restore Mode administrator’s password. You can leave it blank (in Windows Server 2003 you must enter a password) but whatever you do – remember it! Without it you’ll have a hard time restoring the AD if you ever need to do so. Click Next.

14. Review your settings and if you like what you see – Click Next.

15. See the wizard going through the various stages of installing AD. Whatever you do – NEVER click Cancel!!! You’ll wreck your computer if you do. If you see you made a mistake and want to undo it, you’d better let the wizard finish and then run it again to undo the AD.

16. If all went well you’ll see the final confirmation window. Click Finish.

17. You must reboot in order for the AD to function properly. Click Restart now.

Step 5: Checking the AD installation
You should now check to see if the AD installation went well.
1. First, see that the Administrative Tools folder has all the AD management tools installed.

2. Run Active Directory Users and Computers (or type “dsa.msc” from the Run command). See that all OUs and Containers are there.

3. Run Active Directory Sites and Services. See that you have a site named Default-First-Site-Name, and that in it your server is listed.

4. Open the DNS console. See that you have a zone with the same name as your AD domain (the one you’ve just created, remember? Duh…). See that within it you have the 4 SRV record folders. They must exist.
= Good
If they don’t (like in the following screenshot), your AD functions will be broken (a good sign of that is the long time it took you to log on. The “Preparing Network Connections” windows will sit on the screen for many moments, and even when you do log on many AD operations will give you errors when trying to perform them).
= Bad
This might happen if you did not manually configure your DNS server and let the DCPROMO process do it for you.
Another reason for the lack of SRV records (and of all other records for that matter) is the fact that you DID configure the DNS server manually, but you made a mistake, either with the computer suffix name or with the IP address of the DNS server (see steps 1 through 3).
To try and fix the problems first see if the zone is configured to accept dynamic updates.
1. In DNS Manager, expand the DNS Server object.
2. Expand the Forward Lookup Zones folder.
3. Right-click the zone you created, and then click Properties.
4. On the General tab, click to select the Allow Dynamic Update check box, and then click OK to accept the change.

5. Do the same for the Reverse Lookup Zone.

You should now restart the NETLOGON service to force the SRV registration.
From the command prompt type “net stop netlogon”, and after it finishes, type “net start netlogon”.

Let it finish, go back to the DNS console, click your zone and refresh it (F5). If all is ok you’ll now see the 4 SRV record folders.
If the 4 SRV records are still not present double check the spelling of the zone in the DNS server. It should be exactly the same as the AD Domain name. Also check the computer’s suffix (see step 1). You won’t be able to change the computer’s suffix after the AD is installed, but if you have a spelling mistake you’d be better off by removing the AD now, before you have any users, groups and other objects in place, and then after repairing the mistake – re-running DCPROMO.
5. Check the NTDS folder for the presence of the required files.

6. Check the SYSVOL folder for the presence of the required subfolders.

7. Check to see if you have the SYSVOL and NETLOGON shares, and their location.

If all of the above is ok, I think it’s safe to say that your AD is properly installed.



Need More Personalized Help?

If you have any further issues, questions, or would like some assistance checking on this or anything else, please reach out to us from your account and provide your server credentials within the encrypted field for the best possible security and support.

If you are unable to reach your account or if you are on the go, please reach out from your valid account email to us here at: [email protected] We are also available to you through our phone and live chat system 24/7/365.

Rapid Restore

Backup your entire server’s data every night and have access to 5 days of rolling restore points.  Restore your server’s data, OS and configuration any time you need it.

Our Rapid Restore service saves the day during accidental data loss, hardware failures and virus contraction. Simply pick your recovery point and restore the data from that day. 

DDoS Protection

While our competitors may advertise DDoS protection, most often, they are merely implementing easily evaded router rules or simply black-holing targeted servers. They consider this “DDoS protecting their network.” However, neither of these solutions should give comfort to any online business. Should your site be attacked, chances are likely both of these options will end with your server being taken offline. At Hivelocity, we take the responsibility of keeping your servers online very seriously. For this reason, we offer two very serious forms of DDoS protection.


Every solution we provide includes our Filtering Edge of Network System (FENS). FENS is a series of proprietary systems that proactively monitors and protects the entire Hivelocity Network from most common Denial of Service (DOS) and Distributed Denial of Service (DDoS) attacks.


For an extra fee, you can enhance your server’s protection further with the addition of our Server Defense System. Our Server Defense System sits in front of your server, inspecting inbound data and looking for malicious traffic. The moment an attack is detected, it instantly begins scrubbing each data packet. Hivelocity’s Server Defense System delivers business continuity even in the face of massive and complex attacks.

Our Server Defense System is like adding an alarm and armed guard to your business, alerting you to and destroying anything attempting to jump that fence. Our Server Defense System utilizes internally developed proprietary systems in addition to Corero’s Threat Defense Smartwalls for data packet scrubbing. Each of our data centers is a scrubbing center with Corero Smartwalls on-premise, allowing us to provide on-prem zero-lag data scrubbing.

SSL Certificates

The security of your online commerce and protecting your customers’ data is as important to us as it is to you. When your customers see the green bar, they will know their connection to you is protected. We offer single domain, multi-domain, and wild-card certificates.

We offer industry leading 128-bit encryption certificates, allowing you to conduct e-commerce with complete security. Inspire confidence in your customers by displaying any number of seals and indicators certifying that your site is secure.

Load Balancing

Adding this service to two servers with identical content will allow you to distribute your load evenly across your hardware. Don’t lose business because you couldn’t handle the demand. Load balance and handle your biggest resource spikes with ease.


Stop attacks, prevent unauthorized access, and achieve regulatory compliance. Our Juniper hardware firewalls offload the work so your server never has to consume resources protecting itself from malicious traffic. A single firewall can be used to protect multiple servers.

Cloud Storage

Cloud storage offers users redundancy and easy accessibility, ensuring your data remains secure and readily available. Scale to as much as you need for only a 20¢/GB.

Cloud Storage is distributed and replicated across many servers, protecting your data from hardware failure. Highly scalable, it can handle thousands of client connections via TCP/IP. Connect to your virtual drive with SFTP, FTP, and SSHMount and in the future NFS and AFP. Cloud Storage is based on a stackable design which is upgradeable up to 2TB per instance.