In my previous post I showed how to install Active Directory Domain Services on Windows Server Core. In this post I'm going to show how to add an additional Domain Controller to your environment, because best practice recommends having at least two of them.

To add an additional Domain Controller we need to do the following:

1. Rename the server

2. Set the IP and DNS address

3. Join the server to domain

4. Install Active Directory Domain Services Server Role

5. Deploy the Domain Controller


Before you continue, I recommend reading my first post.


Here are the steps we need to follow:

Step 1

The first thing we need to do is change the server name and then reboot the server using the Restart-Computer -Force cmdlet.


Verify the server name after the reboot using PowerShell's built-in environment variable.


Step 2

Our next step is to set a static IP address. For that task we can use the New-NetIPAddress cmdlet, and for DNS the Set-DNSClientServerAddress cmdlet.


DNS address configuration with Set-DNSClientServerAddress cmdlet


Step 3

Now we need to add the server to the domain. In this example my domain name is ViaMonstra. You can use the Add-Computer cmdlet to add the computer to the domain. After the domain join, restart the server.


Step 4

After the server reboots, let's install the Active Directory Domain Services server role.


Step 5

Our last step is to invoke the Domain Controller deployment with the Install-ADDSDomainController cmdlet.


As you can see, it is really easy to deploy additional Domain Controllers with PowerShell. You can query all the Domain Controllers with the Get-ADGroupMember cmdlet.



Here are all the commands

    # Values shown as '<...>' are placeholders; supply your own.

    #Step 1
    Rename-Computer -NewName DC02
    Restart-Computer -Force

    #Step 2
    New-NetIPAddress -InterfaceIndex 12 -IPAddress '<IP address>' -PrefixLength 24
    Set-DNSClientServerAddress -InterfaceIndex 12 -ServerAddresses '<DNS server address>'

    #Step 3
    Add-Computer -DomainName ViaMonstra -Credential (Get-Credential)
    Restart-Computer -Force

    #Step 4
    Install-WindowsFeature -Name AD-Domain-Services

    #Step 5
    # The DSRM password is hard-coded for this lab walkthrough; anyone who can read the script can read it.
    $Password = ConvertTo-SecureString -AsPlainText -String '!1Qwertyuiopüõ' -Force
    Install-ADDSDomainController -DomainName '<domain name>' -DatabasePath "%SYSTEMROOT%\NTDS" `
        -LogPath "%SYSTEMROOT%\NTDS" -SysvolPath "%SYSTEMROOT%\SYSVOL" -InstallDns `
        -ReplicationSourceDC '<source DC>' -SafeModeAdministratorPassword $Password `
        -NoRebootOnCompletion

    #Step 6
    Restart-Computer -Force

    #Get all the Domain Controllers
    Get-ADGroupMember "Domain Controllers"
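
A guarded variant of step 5, added here as an example (not the author's code): it confirms that steps 1 to 4 took effect, prompts for the DSRM password instead of storing it in the script, and runs Test-ADDSDomainControllerInstallation before promoting. The function name Install-AdditionalDC and its parameters are hypothetical, and it assumes you are logged on with a domain account that is allowed to promote a Domain Controller.

```powershell
# Added example: pre-flight checks and a prompted DSRM password for step 5.
# Install-AdditionalDC and its parameters are hypothetical names.
function Install-AdditionalDC {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $DomainName,          # DNS name of the existing domain
        [Parameter(Mandatory)] [string] $ReplicationSourceDC, # FQDN of an existing DC
        [Parameter(Mandatory)] [string] $ExpectedName         # name set in step 1, e.g. DC02
    )

    # Step 1 check: the rename took effect after the reboot.
    if ($env:COMPUTERNAME -ne $ExpectedName) {
        throw "Computer name is $env:COMPUTERNAME, expected $ExpectedName."
    }
    # Step 3 check: the server is already a domain member.
    if (-not (Get-CimInstance Win32_ComputerSystem).PartOfDomain) {
        throw 'Server is not joined to a domain; run Add-Computer first.'
    }
    # Step 4 check: the AD DS role binaries are installed.
    if (-not (Get-WindowsFeature -Name AD-Domain-Services).Installed) {
        throw 'AD-Domain-Services is not installed.'
    }
    # Step 2 check: the source DC resolves through the configured DNS server.
    Resolve-DnsName -Name $ReplicationSourceDC -ErrorAction Stop | Out-Null

    # Prompt for the DSRM password so it never sits in the script or its history.
    $dsrm = Read-Host -AsSecureString -Prompt 'DSRM (safe mode) password'

    $params = @{
        DomainName                    = $DomainName
        ReplicationSourceDC           = $ReplicationSourceDC
        InstallDns                    = $true
        SafeModeAdministratorPassword = $dsrm
    }
    # Dry run: report prerequisite failures without changing the server.
    $failed = Test-ADDSDomainControllerInstallation @params |
        Where-Object Status -eq 'Error'
    if ($failed) { throw ($failed.Message -join "`n") }

    if ($PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'Promote to domain controller')) {
        Install-ADDSDomainController @params -NoRebootOnCompletion -Force
    }
}
```

Run it with -WhatIf first to execute only the checks and the dry run, then reboot with Restart-Computer -Force after a real promotion, as in step 6.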