In practice, at the small scale you simply can't protect from a real DDOS as even ignoring resource usage issues it's very easy for even a thousand machines to swamp quite a large connection.
The only real things to do is standard config and hardening, ensuring only what's needed is running, and that what is needed it configured optimally.
Hopefully your ISP / colo will have some procedures to fix some things at their end if there are any attacks. However, unless you're a gambling, pornography or other (legal) fringe site such an attack is extremely unlikely.
This is going to be fairly difficult, but the only thing you can do to guarantee uptime is to set up a temporary 2nd server (I'm guessing this will be a recomissioned workstation... good luck with that!) and set it to do EVERYTHING that the current server is doing.
Set it up as a full AD controller, replicating eveything. Set up its DHCP, DNS, WSUS, anything at all that the first server is doing. Test, test and then test again. Using DFS synchronise the folder redirection to the new server.
Then, unplug the main server from the network. Ensure that everything works. Do more testing. Before you nuke the server, leave it for 24 hours, unplugged, to make sure that no last-minute issues arise (use this time wisely - make an image of the server using Ghost or similar so if it all goes to shit you can roll back easily).
Now, you can set about re-building your server. Once it's rebuilt, one by one transfer services back to it. Join it to do the domain, promote it to a domain controller, replicate everything back to it, re-sync the DFS, etc etc.
Once you're sure everything is working again, unplug the temporary server. Keep it on hand for a few days to make sure that everything is OK before you nuke it back to its original state.
If you can, its probably best if you pull an all-nighter to do the switchovers (both of them). Doing it in the middle of the night means that there's little chance of someone trying to access something during the transition process, and if it doesn't work you can stop, roll back, get some sleep and try again the next night.
Best Answer
Here are two great places to start hardening any server: