Create a new domain tree

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To create a new domain tree

  1. Click Start, click Run, and then type dcpromo to start the Active Directory Installation Wizard.

  2. On the Operating System Compatibility page, read the information and then click Next.

    If this is the first time you have installed Active Directory on a server running Windows Server 2003, click Compatibility Help for more information.

  3. On the Domain Controller Type page, click Domain controller for a new domain, and then click Next.

  4. On the Create New Domain page, click Domain tree in an existing forest.

  5. On the Network Credentials page, type the user name, password, and user domain of the user account you want to use for this operation, and then click Next.

    The user account must be a member of the Enterprise Admins group.

  6. On the New Domain Tree page, type the full DNS name for the new domain, and then click Next.

  7. On the NetBIOS Domain Name page, verify the NetBIOS name, and then click Next.

  8. On the Database and Log Folders page, type the location in which to install the database and log folders, or click Browse to choose a location, and then click Next.

  9. On the Shared System Volume page, type the location in which to install the Sysvol folder, or click Browse to choose a location, and then click Next.

  10. On the DNS Registration Diagnostics page, verify if an existing DNS server will be authoritative for this forest or, if necessary, choose to install and configure DNS on this server by clicking Install and configure the DNS server on this computer, and set this computer to use this DNS server as its preferred DNS server, and then click Next.

  11. On the Permissions page, select one of the following:

    • Permissions compatible with pre-Windows 2000 Server operating systems

    • Permissions compatible only with Windows 2000 or Windows Server 2003 operating systems

  12. On the Directory Services Restore Mode Administrator Password page, type and confirm the password that you want to assign to the Administrator account for this server, and then click Next.

    Use this password when starting the computer in Directory Services Restore Mode.

  13. Review the Summary page, and then click Next to begin the installation.

  14. Restart the computer.


  • To perform this procedure, you must be a member of the Domain Admins group (in the forest root domain) or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure. For more information, see Default local groups, Default groups, and Using Run as.

  • Before installing Active Directory, you will need to consider pre-Windows 2000 compatible security levels and identify the DNS name of the domain. For more information, see the checklist in Related Topics.

  • When a new domain tree is created in an existing forest, a two-way, transitive tree root trust is established by default.

  • The wizard options on the Permissions page affect application compatibility with computers running pre-Windows 2000 and Windows Server 2003 operating systems and are not related to domain functionality. For more information about permissions, see Related Topics.

  • You can also use a smart card to verify administrative credentials. For more information about smart cards, see Related Topics.

  • The Active Directory Installation Wizard allows Active Directory domain names up to 64 characters or up to 155 bytes. Although the limit of 64 characters is usually reached before the limit of 155 bytes, the opposite could be true if the name contains Unicode characters consuming three bytes. These limits do not apply to computer names.

  • You cannot install Active Directory on a computer running Windows Server 2003, Web Edition, but you can join the computer to an Active Directory domain as a member server. For more information about Windows Server 2003, Web Edition, see Related Topics.

Information about functional differences

  • Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

See Also


Checklist: Creating a new domain tree
Domain controllers
Using Smart Cards
Using the Active Directory Installation Wizard
Domain and forest functionality
Overview of Windows Server 2003, Web Edition