As explained previously, Active Directory Domain Services (AD DS) can be used, for example, to centralize user management.
We are therefore going to create a user in our Active Directory domain using the "Active Directory Users and Computers" console.
As you can see, this Active Directory console is quite easy to use.
To create a new user, right click on the "Users" folder and click on : New -> User.
Provide a username and a first name for it.
Enter a password that meets the complexity requirements of your Active Directory server and is at least 8 characters long.
By default, the wizard allows you to define a password and considers that it's up to the user to change his password at the next logon.
Which is the behavior adopted most of the time in production. But in our case, we will uncheck the 1st box and check the "Password never expires" box, because we are in a test environment.
A summary is displayed.
The user appears in the list.
On the client PC on Windows 10, right-click on the network icon in the taskbar and click on : Open network and Internet settings.
Important : you must have a Professional or Enterprise edition to be able to join your client PC to an Active Directory domain.
The Home edition is therefore not supported.
Then, go down a little in the right part and click on : Change adapter options.
Then, right click "Properties" on your network adapter.
Select "Internet Protocol Version 4 (TCP/IPv4)" and click on : Properties.
Specify the IP address of your domain controller as the primary DNS server.
Then, deactivate and reactivate the network adapter for this change to take effect.
Note that in production, you will likely use a DHCP server on Windows Server to distribute this IP address as the primary DNS server to all of your client PCs.
Open File Explorer and right click "Properties" on "This PC".
Click on : Change settings.
Click on : Change.
Select "Domain" and specify the Active Directory domain name to which you want to join this client computer.
In our case : informatiweb.lan
Specify the administrator credentials of the domain you want to join.
If the join to your Active Directory domain is successful, you will see this message :
Welcome to the informatiweb.lan domain
Then, Windows 10 will tell you that the computer needs to restart.
Click on : Close.
Then, on : Restart now.
The client computer restarts.
After the client computer has restarted, you will be able to log in with a domain account.
Note that on Windows 10, you can log in in 2 ways with your user account :
During your first connection with your user account, your user profile will be created.
Which usually takes less than a minute.
As you can see, we are logged in on the client computer with our Active Directory account.
If you open the system properties of the client PC, you will see that your computer is now a member of your Active Directory domain.
If you open the "Active Directory Users and Computers" console on your domain controller, you will see that a new object of type "Computer" has automatically been created in the "Computers" folder.
This object uniquely represents your client PC and was created when your client PC was joined to your Active Directory domain.
As explained previously, Active Directory relies on the DNS system.
If you open the DNS manager from the start menu of your server, you will see that 2 forward lookup zones have been created there :
In the "_msdcs.informatiweb.lan" DNS zone, you will find some folders :
For the "informatiweb.lan" DNS zone, it contains in particular the list of DNS records automatically created by Active Directory for the servers and computers that you have joined to this AD domain.
Windows Server 11/12/2011
Windows Server 8/8/2012
Windows Server 12/25/2016
Windows Server 6/4/2021
® InformatiWeb-Pro.net - InformatiWeb.net 2008-2020 - © Lionel Eppe - All rights reserved.
Total or partial reproduction of this site is prohibited and constitutes an infringement punishable by articles L.335-2 and following of the intellectual property Code.