How to add an additional domain controller

Share this:

In this Tutorial we are going over the process to add a new Domain Controller into an existent domain.

Solution


The first step is to add the role on Windows Server 2012 R2, we cover all the steps and a few hints on the following Tutorial: http://ITPROCentral.com/add-active-directory-domain-services-role/, make sure that you complete those steps before continuing in this Tutorial.

Before promoting the new server as Domain Controller, we will make sure that we covered these key points:

  • To avoid problems avoid having multi-homed Domain Controllers, so one network adapter is good enough
  • Configure the primary DNS of this new server to point out to an existent domain controller
  • This happens more often than we think, make sure that you rename the server properly (nowadays Windows Server 2012 R2 makes so easy to deploy it that sometimes we forget that the server comes with a random name).

After installing the role, open Server Manager if it is not already open, click on the notification icon located on the right-upper corner and then click on Promote this server to a domain controller.

image_thumb

In the Deployment Configuration page. In this page is where we define where the current server will be placed in the current environment. For this Tutorial the goal is to add an additional Domain Controller into an existent domain, so we will select Add a domain controller to an existing domain, and we wil provide the domain credentials clicking on Changeā€¦ button, and finally we are going to select or type the FQDN of the domain. After providing the authentication, selecting the domain and the deployment operation we can safely click on Next to continue.

image_thumb3

In the Domain Controller Options page. By default, we will have the DNS and Global Catalog selected, and unless you have a specific requirement we recommend to keep the default settings. Make sure that the Active Directory site is selected properly based on your environment, and the last step is to define a password to use the DSRM (Directory Services Restore Mode).

Note: The DSRM password is not the local administrator and that password will only be used during troubleshooting process. This password can be changed at any time using ntdsutil.

image_thumb4

In the DNS Options page. Click Next.

image_thumb5

In the Additional Options page. Leave default settings and click Next. The administrator can decide which domain controller the initial replication will occur but default settings are fine for the vast majority of the deployments.

image_thumb6

In the Paths page. We will leave default settings, and then click on Next.

image_thumb7

In the Review Options page. A summary of all options covered during the wizard are going to be displayed, click on Next.

image_thumb8

In the Prerequisites Check page. The wizard will check the current environment to validate if everything is fine to continue, check all warning and if there is no major issues, click on Install.

image_thumb9

A restart is required when installing a new domain controller, and by default the server will restart automatically after the initial replication, as shown in the figure below.

image_thumb10

After the restart we will give some time for the server to create the replication connections with the existent domains, enable the Global Catalog, wait the default shares (netlogon and sysvol) to be listed and so forth. Give at least 20 minutes for that process in a small network.

Conclusion


In this Tutorial we went over the process to add an additional domain controller running Windows Server 2012 R2.

Written by Anderson Patricio

Anderson Patricio

Anderson Patricio is a Canadian MVP in Cloud and Datacenter Management, and Office Server and Services, besides the Microsoft Award he also holds a Solutions Master (MCSM) in Exchange and several other certifications. Anderson has been contributing to the Microsoft Community with articles, tutorials, blog posts, twitter, forums and book reviews. He is a regular contributor here at ITPROCentral.com, MSExchange.org, Techgenix.com and Anderson Patricio.org (Portuguese).