If you're looking to create an unattended installation scenario for Active Directory, one approach would be to script your installation using PowerShell. This article describes the installation steps for Active Directory Domain Services. While originally written for Server 2012, these steps remain the standard for modern Windows Server deployments.
2026 Update: For modern deployments (Windows Server 2022/2025), ensure your Forest and Domain functional levels are set to at least
Win2016 or Win2025.
Preparation Steps for All Future Domain Controllers
1. Set Timezone Appropriately Using tzutil
tzutil /s "Eastern Standard Time"
2. Install AD DS Windows Role
Install-WindowsFeature -name AD-Domain-Services -IncludeManagementTools
3. Ensure AD DS Windows Service is set to Automatic
Set-Service -Name "NTDS" -StartupType "Automatic"
Configuring the Initial Domain Controller (New Forest)
The following script handles the promotion of the first DC. Note the DomainMode and ForestMode parameters—these define the minimum OS version allowed for future DCs in this forest.
$secureRestoreModePassword = ConvertTo-SecureString -string "<<Password>>" -AsPlainText -Force Install-ADDSForest ` -CreateDnsDelegation:$false ` -DatabasePath "D:\Windows\NTDS" ` -DomainMode Win2025 ` -DomainName "corp.contoso.local" ` -DomainNetbiosName "CORP" ` -ForestMode Win2025 ` -InstallDNS:$true ` -LogPath "D:\Windows\NTDS" ` -NoRebootOnCompletion:$false ` -SafeModeAdministratorPassword $secureRestoreModePassword ` -SysvolPath "D:\Windows\SYSVOL" ` -Force:$true
Modern Note: Starting with Windows Server 2025, Active Directory now supports 32k page sizes for