Active Directory – Installing Second or Additional Domain Controller
In this post, we will learn about Installing Secondary or Additional Active Directory Domain Services on Windows Server 2016. Since Microsoft has all the information documented by SME’s, I will be using reference to Microsoft posts.
Before we go further, I would like you to visit few important links here:
- What’s new in Active Directory Domain Services for Windows Server 2016
- Active Directory Domain Services Overview
- AD DS Design and Planning
- What’s New in Active Directory Domain Services Installation and Removal
The AD DS installation process is now built on Windows PowerShell and is integrated with Server Manager. The number of steps required to introduce domain controllers into an existing Active Directory environment is reduced. This makes the process for creating a new Active Directory environment simpler and more efficient. The new AD DS deployment process minimizes the chances of errors that would have otherwise blocked installation.
In addition, you can install the AD DS server role binaries (that is the AD DS server role) on multiple servers at the same time. You can also run the AD DS installation wizard remotely on an individual server. These improvements provide more flexibility for deploying domain controllers that run Windows Server 2012 , especially for large-scale, global deployments where many domain controllers need to be deployed to offices in different regions.
There are two ways you can install the AD DS:
- Installing AD DS by Using Windows PowerShell
- Installing AD DS by using Server Manager
We will be installing AD DS by Using Windows PowerShell.
Installing the Active Directory Domain Service
First thing to is to add the role using Windows PowerShell. This will install following roles:
- AD DS server role
- Active Directory module for Powershell
- AD DS and AD LDS Server Administration Tools, It also install sub components:
- Active Directory Administrative Center
- AD DS Snap-ins and Command-line tools
When AD DS is installed via PowerShell, Server administration tools are not installed by default . You can install these via including switch –IncludeManagementTools to manage the local server.
Alternatively you can install Remote Server Administration Tools to manage a remote server.
Install-WindowsFeature -Name AD-Domain-Services –IncludeManagementTools
Import the Required Modules
After AD DS role is installed on your server, next step is to promote the box as a DC. But before that you will need to import the AD DS Deployment module, so you have all available commands to promote this server as DC.
Import-module ADDSDeployment
Install Additional Domain Controller
Run Following PowerShell command to Install Secondary or Additional Domain Controller with DNS
# Windows PowerShell script for AD DS Deployment
Install-ADDSDomainController -NoGlobalCatalog:$false -CreateDnsDelegation:$false -CriticalReplicationOnly:$false -DatabasePath “C:\Windows\NTDS” -DomainName “harmikbatth.lab” -InstallDns:$true -LogPath “C:\Windows\NTDS” -NoRebootOnCompletion:$false -SiteName “Default-First-Site-Name” -SysvolPath “C:\Windows\SYSVOL” -Force:$true
During the Installation you will see the progress and some identified errors. Setup will run the pre-checker first and notify of any errors.
After the Installation is complete, you will get the Status message as Success or Failure along with Reboot required or not.
I recommend doing a restart even if it is not required or advised by the Installation. This will make sure any pending installation or setup is completed properly.
There are some commands which you can run in order to identify the installation of Domain Controllers
Get-ADForest
NetdOM /query FSMO
This completes the Installation of Secondary Domain Controller.
References
https://technet.microsoft.com/windows-server-docs/identity/ad-ds/deploy/ad-ds-installation-and-removal-wizard-page-descriptions#BKMK_DepConfigPage
No Comments