Building a Windows Server 2022 Domain Controller in a Homelab VM

Homelab Server Build for Enterprise IT Professionals · Enterprise Virtualization & Containerization

Let's be honest. Running a full-blown Windows Server Domain Controller in your house isn't normal. Your gaming rig doesn't need to authenticate against Active Directory. But here's the thing: it's the ultimate practice field. Screwing up here costs you nothing but a little time and pride. Want to learn Group Policy for real? Test deployment scripts without getting fired? This is how. It transforms abstract theory into muscle memory. Trust me.

Gathering Your Digital Tools (It's Not Just the ISO)

Before you hit install, get your ducks in a row. You'll need the Windows Server 2022 evaluation ISO from Microsoft. It's free for 180 days. More importantly, you need a hypervisor. VMware Workstation Pro, VirtualBox, Hyper-V on Windows 11 Pro—pick your poison. I'm a VMware guy. Also, decide on a naming scheme. `LAB-DC01` works. Write down a static IP for it. Your brain will forget. Lastly, grab a coffee. This is the calm before the config storm.

Spinning Up The VM: Don't Overthink This Part

Creating the VM is straightforward. Give it at least 4GB of RAM. Two cores. The disk? 60GB dynamically allocated is plenty for a lab DC. The crucial step everyone misses? Set the network adapter to a mode that lets your VM talk to your host machine and the internet. "Bridged" or "NAT" usually does it. Attach the ISO. Boot. Hit the "Install Now" button. This isn't the hard part. The hard part is staying focused during the inevitable reboots.

The Quiet Before the Storm: Server Setup & Initial Config

You'll land on the desktop. Server Manager pops up. Ignore most of it for now. First, rename the stupid server from 'WIN-xxxx' to your planned name. Reboot. Then, open PowerShell as Admin. This is where you set the static IP. Use `New-NetIPAddress` and `Set-DnsClientServerAddress`. Pro-tip: point the DNS server to *its own future IP*. This feels wrong but is 100% right for a domain controller. It's the first "aha" moment in the AD journey.

The Magic Words: Installing the AD DS Role

Back in Server Manager, click "Add roles and features." Click next a bunch. You'll get to a list of roles. Check the box for **Active Directory Domain Services**. It'll ask to add some required features. Say yes. Click install. This doesn't create your domain yet. It just gives the server the capability. Think of it as unpacking the toolbox. The real construction starts with the promotion. The installation bar gives you a perfect moment to refill that coffee.

Promotion Day: Turning a Server into *The* Domain Controller

Here we go. After the role installs, there's a yellow notification flag. Click it and "Promote this server to a domain controller." You're now at the heart of the operation. Select "Add a new forest." Pick a root domain name. For the love of all that is good, use something like `homelab.local`. Not `mycompany.com`. Set a Directory Services Restore Mode password. Write it down. Click through the rest. It'll do its thing, reboot, and boom. You now own a Windows domain. The login screen changes. It's a beautiful sight.
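The same build, from initial config through promotion, can be scripted instead of clicked. This is an added example, not part of the original article: the file name `Build-LabDc.ps1`, the adapter alias, the IP addressing and the NetBIOS name are assumptions for illustration. Run it once per stage from an elevated PowerShell prompt, for example `.\Build-LabDc.ps1 -Stage Prepare`.

```powershell
# Added example: PowerShell equivalent of the GUI steps above, run in three
# stages because the server reboots after 'Prepare' and after 'Promote'.
# All values below are lab placeholders (assumptions); adjust to your network.
param(
    [Parameter(Mandatory)]
    [ValidateSet('Prepare', 'InstallRole', 'Promote')]
    [string]$Stage
)

$ErrorActionPreference = 'Stop'

$ServerName = 'LAB-DC01'        # naming scheme from the article
$DomainName = 'homelab.local'   # root domain from the article
$NetBios    = 'HOMELAB'         # assumed NetBIOS name
$IfAlias    = 'Ethernet0'       # assumed adapter name; check with Get-NetAdapter
$IPAddress  = '192.168.1.10'    # assumed static IP
$PrefixLen  = 24                # assumed /24 subnet
$Gateway    = '192.168.1.1'     # assumed default gateway

switch ($Stage) {
    'Prepare' {
        # Static IP first, then point the DNS client at the server's own
        # address. The rename goes last because -Restart reboots immediately.
        New-NetIPAddress -InterfaceAlias $IfAlias -IPAddress $IPAddress `
            -PrefixLength $PrefixLen -DefaultGateway $Gateway | Out-Null
        Set-DnsClientServerAddress -InterfaceAlias $IfAlias -ServerAddresses $IPAddress
        Rename-Computer -NewName $ServerName -Restart
    }
    'InstallRole' {
        # Adds the AD DS binaries and management tools; no domain exists yet.
        $result = Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
        if (-not $result.Success) { throw 'AD DS role installation failed.' }
    }
    'Promote' {
        # Prompt for the DSRM password so it never lands in the script file,
        # the console history or a transcript.
        $dsrm = Read-Host -AsSecureString -Prompt 'DSRM password'
        # Creates the new forest, installs DNS, then reboots on completion.
        Install-ADDSForest -DomainName $DomainName -DomainNetbiosName $NetBios `
            -InstallDns -SafeModeAdministratorPassword $dsrm -Force
    }
}
```

Taking a VM snapshot before the `Promote` stage gives you a clean point to roll back to and repeat the promotion.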

First Login & The "Now What?" Moment

Log in with your new domain credentials (DOMAIN\Administrator). Open Server Manager, look at the "Tools" menu. See all those new AD tools? That's your playground. Open "Active Directory Users and Computers." Create an organizational unit called "Lab Users." Make a test user. Feel the power. Then open "DNS Manager" and see all the records it created automatically. This is the foundation. Everything in enterprise Windows builds on this. Your homelab just got a whole lot more interesting.