In my previous post I showed how you can install Active Directory Domain Services on Windows Server Core and in this post I´m going to show how you can add an additional Domain Controller to your environment because best practice recommends that you have at least two of them.

To add an additional Domain Controller we need to do following:

1. Rename the server

2. Set the IP and DNS address

3. Join the server to domain

4. Install Active Directory Domain Services Server Role

5. Deploy the Domain Controller

 

Before you continue I recommend to read my first post.

 

Here are steps that we need to do

Step 1

First thing we need to do is to change the server name and after that reboot the server using Restart-Computer –Force cmdlet

clip_image002

Verify server name after reboot using PowerShell built-in environment variable

clip_image003

Step 2

Our next step is to set static IP address and we for that task we can use Net-NetIPAddress cmdlet and for DNS Set-DNSClientServerAddress cmdlet

clip_image005

DNS address configuration with Set-DNSClientServerAddress cmdlet

clip_image007

Step 3

Now we need to add the server to domain. In this example my domain name is ViaMonstra. You can use Add-Computer cmdlet to add the computer to domain. After domain join restart the server.

clip_image009

Step 4

After server reboot lets install Active Directory Domain Services server role

clip_image011

Step 5

Our last step is to invoke Domain Controller deployment with Install-ADDSDomainController cmdlet.

clip_image013

As you see it is really easy to deploy additional Domain Controllers with PowerShell. You can query all the Domain Controllers with Get-ADGroupMember cmdlet

clip_image015

 

Here are all the commands

#Step 1
Rename-Computer -NewName DC02
Restart-Computer -Force 

#Step 2
New-NetIPAddress –InterfaceIndex 12 –IPAddress 192.168.2.3 -PrefixLength 24
Set-DNSClientServerAddress –InterfaceIndex 12 -ServerAddresses 192.168.2.2

#Step 3
Add-Computer -DomainName ViaMonstra -Credential (Get-Credential)
Restart-Computer -Force

#Step 4
Install-WindowsFeature -Name AD-Domain-Services

#Step 5
$Password = ConvertTo-SecureString -AsPlainText -String !1Qwertyuiopüõ -Force
Install-ADDSDomainController -DomainName Corp.ViaMonstra.com -DatabasePath "%SYSTEMROOT%\NTDS" `
-LogPath "%SYSTEMROOT%\NTDS" -SysvolPath "%SYSTEMROOT%\SYSVOL" -InstallDns `
-ReplicationSourceDC DC01.corp.viamonstra.com -SafeModeAdministratorPassword $Password `
-NoRebootOnCompletion

#Step 6
Restart-Computer -Force

#Get all the Domain Controllers
Get-ADGroupMember "Domain Controllers"