Since the Domain Controller plays a vital role in Active Directory, it is good to have multiple DCs to improve reliability and availability. If the primary domain controller fails, the additional Domain Controller, also called the Backup Domain Controller, performs the tasks and avoids discontinuity. To add the new Domain Controller to an existing domain correctly, read the following paragraphs.
The main task of a Domain Controller in the domain environment is to authenticate users and apply security policies.
When you add additional domain controllers, they replicate the database with each other. And if the primary domain controller fails, the secondary domain controller authenticates users.
For clarification, I have a primary domain controller (DC1) in my lab. To add the new DC, I first make the second server (DC2) a member of the domain, then install the AD DS role on the second server, and finally add the new domain controller to the existing domain.
Note: I work on Windows Server 2022, and the process is the same as on Windows Server 2019.
Step one: Join your server to the domain
Before anything else, you must join your server to the domain. To do that, set the existing DC's IP address as the DNS server address of the second server that you want to make an additional DC.
- In the Server Manager window, click on the Local Server option on the left-hand side.
- In the local server window, click on the IP address in front of the Ethernet.
- Right-click on the network you are connected to and click on the properties.
- From the network properties window, select Internet Protocol Version 4 (you can select Internet Protocol Version 6 if you are using IPv6). Click on the Properties button.
- Select Use the following IP address checkbox and assign the static IP and DNS server addresses.
Note: Remember to assign an IP in the range of the primary server’s IP address and set the primary server’s IP address to the DNS address of the second server.
- After setting the static IP address and DNS server address, click OK, close the wizards and return to the local server window.
- Click the WORKGROUP hyperlink on the local server window to join your server to the Domain.
- In the system properties, click on the Change button.
- Select the Domain check box and write the domain you want to join. Click OK.
- Enter the username and password of an account with permission to join the domain. Click OK.
- A small window pops up, welcoming you to the domain. Click OK and restart your computer.
Step two: Install the Active Directory Domain Services role on your server
In the second step, you must install the AD DS role on your server. Since I already have an article about installing AD DS on Windows Server, I go through the steps quickly here. If you want the steps in more detail, check the article How to install the Active Directory Domain Services on Windows Server.
- In the server manager window, click on the Dashboard.
- Click on Manage > Add roles and features.
- Pass the before you begin wizard and select the installation type.
- Select the destination server.
- Select and check the Active Directory Domain Services role and click next.
- Click next without selecting new features. A new window provides basic information regarding the AD DS; click next.
- Finally, confirm the installation selection and click Install.
The installation takes time. After the installation is completed, you can either click directly on the Promote the server to domain controller hyperlink or close the wizard and follow the steps below.
Step three: Add a new domain controller to an existing domain
Finally, using the server manager, you can add a new DC to an existing domain.
- In server manager dashboard, click on the notification flag next to Manage.
- Click on Promote this server to domain controller option.
- In the deployment configuration window, ensure the Add new domain controller to an existing domain option is selected. Write or select the domain information.
- Now, click on the Change button to supply the domain credentials, then click next.
- The Domain controller options wizard lets you check or uncheck the DC capabilities and site information. After specifying the capabilities and site information, provide the DSRM password and click next.
- Pass the DNS delegation wizard by hitting the next button.
- Specify the replication option: whether you want to replicate with a specific DC or with any Domain Controller. Click next.
- Specify the location of the AD DS database, log files, and SYSVOL. Click next.
- Review the option and click next.
- After the prerequisites check passes successfully, click on the install button.
- The domain controller installation takes a few minutes, and then your computer restarts.
After your computer has rebooted, go to Administrative Tools > Active Directory Users and Computers in the Server Manager dashboard. Under the domain name, click on the Domain Controllers organizational unit to check the DCs in your current domain.
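The same three steps can be scripted on DC2 from an elevated PowerShell session. This is an added example, not part of the original article; the domain name, IP addresses, gateway, prefix length and interface alias are placeholder assumptions for a lab, and the script name Add-SecondDC.ps1 is hypothetical.

```powershell
# Added example (Add-SecondDC.ps1, hypothetical name): scripted form of the three GUI steps.
# Every value below is a lab placeholder (assumption), not taken from the article.
param(
    [Parameter(Mandatory)]
    [ValidateSet('Join', 'Promote', 'Verify')]
    [string]$Stage
)

$Domain  = 'corp.example'     # placeholder domain name
$Dc1Ip   = '192.168.10.10'    # placeholder: existing DC (DC1), used as DNS server
$Dc2Ip   = '192.168.10.11'    # placeholder: static IP for the new server (DC2)
$Gateway = '192.168.10.1'     # placeholder default gateway
$Nic     = 'Ethernet'         # interface alias as shown in Server Manager

switch ($Stage) {
    'Join' {
        # Step one: static IP, DNS pointing at DC1, then join the domain and reboot.
        New-NetIPAddress -InterfaceAlias $Nic -IPAddress $Dc2Ip -PrefixLength 24 -DefaultGateway $Gateway
        Set-DnsClientServerAddress -InterfaceAlias $Nic -ServerAddresses $Dc1Ip
        # Stop early if the domain's DC locator records do not resolve through DC1.
        Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -ErrorAction Stop | Out-Null
        Add-Computer -DomainName $Domain -Credential (Get-Credential) -Restart
    }
    'Promote' {
        # Step two: install the AD DS role together with its management tools.
        Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
        # Step three: promote. Prompting with -AsSecureString keeps the DSRM
        # password out of the script file and the command history.
        $dsrm = Read-Host -AsSecureString -Prompt 'DSRM password'
        Install-ADDSDomainController -DomainName $Domain -Credential (Get-Credential) `
            -InstallDns -SafeModeAdministratorPassword $dsrm `
            -DatabasePath 'C:\Windows\NTDS' -LogPath 'C:\Windows\NTDS' `
            -SysvolPath 'C:\Windows\SYSVOL'
        # The server restarts on its own when the promotion completes.
    }
    'Verify' {
        # After the reboot: list the domain's DCs, confirm SYSVOL and NETLOGON
        # are shared, and summarize replication with the built-in repadmin tool.
        Get-ADDomainController -Filter * | Select-Object Name, IPv4Address, Site, IsGlobalCatalog
        Get-SmbShare -Name SYSVOL, NETLOGON -ErrorAction Stop | Select-Object Name, Path
        repadmin /replsummary
    }
}
```

Run it with `-Stage Join`, then `-Stage Promote` after the first reboot, and `-Stage Verify` after the second. A missing SYSVOL or NETLOGON share, or failures in the replication summary, mean the new DC is not yet ready to authenticate users.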
Conclusions
Finally, you have successfully added the new domain controller to an existing domain in three steps. I hope the tutorial sharpened your skills and wish you all the best.
You can share your thoughts and questions in the comment section.