Creating a LDAP Database on Windows Server.

Server Manager

Image 01: Server manager option on the startup menu.

In Windows Server is natively possible to create a LDAP database to feed an Active Directory structure. We will need to access the Server Manager to install the Active Directory service. First, locate the Server Manager on the Startup Menu and launch it.

Image 02: Server Manager Main window.

In its main window, access the "Roles" Option, and create a new role using "Add Roles"

Image 03: Roles.

Add Role Wizard

Image 04: Add Role Wizard home.

Read and follow this page recomendations and then continue.

Image 05: Choosing services to install.

This page allows us to choose the services we want to install to the role we are adding. Check the option "Active Directory Domain Services" and continue

Image 06: Active Directory Domain Services.

There is some important notes about the Active Directory Domain Services in this page.

Image 07: Installation.

This page show what will be installed from now. To proceed with the installation click the "Install" button. After the processing, there will be shown the "Results" window with the installation log.

Image 08: Results.

Domain Controller

Image 09: Active Directory role page.

Image 10: AD DS Install Wizzard.

This wizzard will create our domain(or associate an existing one).

Image 11: OS compatibility.

Image 12: Creating a new tree.

To create a new tree, select the "Create a new domain in a forest" option and click "Next" to set up its name.

Image 13: Setting up a domain Qualified Name.

For this example we are going to use admartini.scriptcase.com as the domain name.

Image 14: Setting the functional level for admartini.scriptcase.info.

This step will define the computers that will be able to become domain servers or delegate controllers.

Image 15: Additional options.

To make sure that other computers will be able to find this domain, turn it on a DNS server or use your default DNS server, relationing the domain name to the AD server's IP adress.

Image 16: Defining database, log and SYSVOL path.

Here you can define the path for the LDAP database, the log files and the SYSVOL. There is no need to change this in most of cases.

Image 17: Setting up a Restore Mode password.

This password will allow you to access the AD server's Restore Mode, it is not related with the LDAP admin password.

Image 18: Installation summary.

Image 19: Installation progress.

Image 20: Installation finished.

Creating a New User

Image 21: Creating new user Object.

Select the "Active Directory Users and Computers" option under the AD DS menu, then select your domain and right click to create a new user object. Insert the user data and define a new password for it. Then confirm the changes to finish the process.

Image 22: New User data.

Image 23: Defining user's password.

Image 24: Object Created.

Results

This tutorial created a LDAP authentication environment. The authentication data for this example are: