In my previous post I showed how you can install Active Directory Domain Services on Windows Server Core and in this post I´m going to show how you can add an additional Domain Controller to your environment because best practice recommends that you have at least two of them.
To add an additional Domain Controller we need to do following:
1. Rename the server
2. Set the IP and DNS address
3. Join the server to domain
4. Install Active Directory Domain Services Server Role
5. Deploy the Domain Controller
Before you continue I recommend to read my first post.
Here are steps that we need to do
First thing we need to do is to change the server name and after that reboot the server using Restart-Computer –Force cmdlet
Verify server name after reboot using PowerShell built-in environment variable
Our next step is to set static IP address and we for that task we can use Net-NetIPAddress cmdlet and for DNS Set-DNSClientServerAddress cmdlet
DNS address configuration with Set-DNSClientServerAddress cmdlet
Now we need to add the server to domain. In this example my domain name is ViaMonstra. You can use Add-Computer cmdlet to add the computer to domain. After domain join restart the server.
After server reboot lets install Active Directory Domain Services server role
Our last step is to invoke Domain Controller deployment with Install-ADDSDomainController cmdlet.
As you see it is really easy to deploy additional Domain Controllers with PowerShell. You can query all the Domain Controllers with Get-ADGroupMember cmdlet
Here are all the commands
#Step 1 Rename-Computer -NewName DC02 Restart-Computer -Force #Step 2 New-NetIPAddress –InterfaceIndex 12 –IPAddress 192.168.2.3 -PrefixLength 24 Set-DNSClientServerAddress –InterfaceIndex 12 -ServerAddresses 192.168.2.2 #Step 3 Add-Computer -DomainName ViaMonstra -Credential (Get-Credential) Restart-Computer -Force #Step 4 Install-WindowsFeature -Name AD-Domain-Services #Step 5 $Password = ConvertTo-SecureString -AsPlainText -String !1Qwertyuiopüõ -Force Install-ADDSDomainController -DomainName Corp.ViaMonstra.com -DatabasePath "%SYSTEMROOT%\NTDS" ` -LogPath "%SYSTEMROOT%\NTDS" -SysvolPath "%SYSTEMROOT%\SYSVOL" -InstallDns ` -ReplicationSourceDC DC01.corp.viamonstra.com -SafeModeAdministratorPassword $Password ` -NoRebootOnCompletion #Step 6 Restart-Computer -Force #Get all the Domain Controllers Get-ADGroupMember "Domain Controllers"