An additional domain controller provides service redundancy and improves domain authentication at a remote site. Additional domain controllers prevent business interruption if the primary domain controller fails. Multiple domain controllers can also improve performance by making it easier for clients to connect to a domain controller when logging on to the network.
My primary domain controller is a Windows Server 2012 machine with the static IP address 192.168.150.12.
Its Forest Functional Level and Domain Functional Level are displayed in the snapshots below:
To set up an additional domain controller, you will need a new server. This can be either a physical or a virtual server. Follow the steps below to set up an additional domain controller in an existing domain:
1. Configure the server's network card with a static IP address from the same subnet, or from a subnet that is routable within the network. Because directory services rely on DNS, the server's DNS setting must point to the server where the DNS service is running.
2. Join the server to the domain. It first becomes a domain member like any other station in the network; once it is a member, we can promote it and configure it as an additional domain controller.
3. Log on to the server with a user account that has an administrative role in Active Directory.
4. Open Server Manager and click Add roles and features.
5. The wizard opens on the Before you begin page. Click Next to continue.
6. Select Role-based or feature-based installation, as we will be installing a role on a single server. Click Next.
7. As this is a local installation, the server will be listed and selected automatically from the server pool. Click Next.
8. From the list of roles, select Active Directory Domain Services.
9. The features required for AD DS will be selected automatically. Click Add Features.
You will be returned to the roles page. Click Next to proceed to the features page.
10. On the features page, all installed features and the features required by AD DS will be selected. Click Next to continue.
11. Brief information about the role you selected to install is displayed. Click Next.
12. Confirm the installation by reviewing the settings you have chosen. Select Restart destination server automatically so that the server reboots, if required, once installation of the roles and features completes.
13. Once installation is completed, one more step is required: promoting this server to a domain controller.
When the role is installed, you will notice a yellow exclamation mark on the dashboard in Server Manager. It tells you that post-deployment configuration steps are required.
Click Promote this server to a domain controller.
14. On the Deployment configuration page, select Add a domain controller to an existing domain and specify the domain name.
The logged-in user will be displayed. If you need to select another user with administrative rights on the domain, click Change and select the preferred user.
Then click Next.
15. On the Domain Controller settings page, specify whether this DC will also be a DNS server and whether it will be a Global Catalog. It is definitely recommended that the additional domain controller is set up as a DNS server and a GC as well, unless you have dedicated DNS services installed on other servers.
If this is a remote site with no IT staff, or you don't want anyone to commit changes to your domain controllers, select the Read only domain controller (RODC) checkbox.
If you only have a single site, it will be displayed by default. If you have multiple sites, select the preferred site from the drop-down list.
Type a password for Directory Services Restore Mode, confirm it, then click Next.
16. You can safely ignore the warning regarding DNS delegation, as this server is not yet a DNS server. Click Next.
17. Select the source DC to replicate from.
You can choose to install this domain controller using Install From Media (IFM), if you have the media, and specify which DC replication should be done from. If you do not specify one, the server will choose the best location for AD database replication. If you have no special requirements, keep the default setting: Any domain controller.
18. The locations where the AD DS databases will be installed are displayed. Browse to a different location if you need to change the default paths.
19. Review your selections and click Next.
20. Prerequisite checks will be performed and the results displayed. Click Install.
21. The installation will complete and the server will reboot automatically.
22. The server is now successfully configured as an additional domain controller, and AD DS is ready to be used on it.
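The same procedure can be scripted with the ADDSDeployment PowerShell module, which makes the promotion repeatable and keeps the DSRM password and domain credentials out of the script. The following is an added example, not part of the original walkthrough; the domain name corp.example, the interface alias Ethernet and the -Verify switch are assumptions to replace with your own values.

```powershell
# Added example: scripted equivalent of wizard steps 1 and 4-21.
# Run on the new server after it has joined the domain (step 2).
param([switch]$Verify)   # hypothetical switch: run again with -Verify after the reboot

$DomainName = 'corp.example'      # placeholder domain name (assumption)
$PrimaryDc  = '192.168.150.12'    # existing DC and DNS server from this article

if (-not $Verify) {
    # Step 1: point the DNS client at the existing DC ('Ethernet' is an assumed alias).
    Set-DnsClientServerAddress -InterfaceAlias 'Ethernet' -ServerAddresses $PrimaryDc

    # Steps 4-12: install the AD DS role and its management tools.
    Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

    # Steps 14-18: the choices made in the promotion wizard.
    # The DC becomes a Global Catalog unless -NoGlobalCatalog is given.
    # For an RODC add ReadOnlyReplica = $true; for IFM add InstallationMediaPath.
    $dcParams = @{
        DomainName                    = $DomainName
        Credential                    = (Get-Credential -Message 'Domain admin account')
        InstallDns                    = $true
        SiteName                      = 'Default-First-Site-Name'
        SafeModeAdministratorPassword = (Read-Host -AsSecureString -Prompt 'DSRM password')
        DatabasePath                  = 'C:\Windows\NTDS'
        LogPath                       = 'C:\Windows\NTDS'
        SysvolPath                    = 'C:\Windows\SYSVOL'
    }

    # Step 20: run the prerequisite checks and stop on any error.
    $failed = Test-ADDSDomainControllerInstallation @dcParams |
        Where-Object { $_.Status -eq 'Error' }
    if ($failed) {
        $failed | Format-List Context, Message
        throw 'Prerequisite check failed; promotion not started.'
    }

    # Step 21: promote; the server reboots automatically when finished.
    Install-ADDSDomainController @dcParams -Force
}
else {
    # Step 22: confirm the new DC is listed and replication is healthy.
    Get-ADDomainController -Filter * |
        Select-Object Name, IPv4Address, Site, IsGlobalCatalog, IsReadOnly
    repadmin /replsummary
    dcdiag /test:Advertising /test:Replications
}
```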
You can add additional domain controllers to the domain to improve the availability and reliability of network services. Adding additional domain controllers can help provide fault tolerance, balance the load of existing domain controllers, and provide additional infrastructure support to sites.
More than one domain controller in a domain makes it possible for the domain to continue to function if a domain controller fails or must be disconnected. Multiple domain controllers can also improve performance by making it easier for clients to connect to a domain controller when logging on to the network. You can add additional domain controllers over the network or from backup media.