Having a single Domain Controller can be quite risky because in case of any kind of hardware or some other technical failure, the entire network can be destroyed. Recently, we wrote a guide on How to create a Domain in Windows Server 2008, in this post we will tell you how to create a backup Domain or anAdditional Domain Controller (ADC). Having an ADC means that in case your primary Domain fails, it takes over the functions of the Primary Domain and keeps the network functional. Client operating systems in this scenario do not get disconnected and a complete network failure is hence, avoided. Moreover, one or more ADCs can help in balancing load of the Domain, fault tolerance and to improve the availability and reliability of network services.
To get started, go to the command prompt or Run, type dcpromo and hit Enter. Whether you are making a Domain, Child Domain, ADC or removing any of them, the dcpromo command is used.
This will take you to the first step of the wizard from where you can create an Additional Domain Controller. Make sure that the advance mode installation option is unchecked and click Next. In case you are wondering what the advance mode installation is used for, it is used for making a RODC (Read Only Domain Controller). An RODC is used by organizations to deploy a DC (Domain Controller) in scenarios where physical security issues occur, such as a subsidiary branch office. It can also be used where local storage of domain passwords is unsafe.
In the next step you will see the same page regarding operating system compatibility which appears when making a DC. Simply click Next to proceed.
When choosing a deployment configuration, select Existing Forest, then select Add a Domain Controller to an existing forest and hit Next.
After that, you will be asked for network credentials which in other words means that you need to enter the name of the Domain that you wish to connect this server to as an ADC. After adding the Domain name, click on the Set button.
This will prompt you to enter credentials to connect to the Domain. Note: the credentials must have administrative privileges. In this case I am using an account that is apart of the Domain Controllers group. After verifying the information, the wizard will allow you to proceed further. Click Next to continue.
In the next section you will be asked to select a Domain Controller. The Domain Controller you entered in the previous step will be selected by default, simply move forward to the next step.
When selecting a site name, leave the default site name as it is and proceed.
Make sure that the DNS Server and Global Catalog check boxes are checked and hit Next. Note: do not check RODC.
Just like when creating a Domain, you will get the choice to set a location for the database, SYSVOL and NTDS files. You may change the destination or let them remain in the default location and proceed to the next step.
Moving forward, you will be asked to save a restore mode password (which is separate from the Domain Administrator’s account). As mentioned in the previous post, this password is configured to be used when the Domain Controller is started in Directory Services Restore Mode. Choose a password and click Next.
Finally, you will be presented with a summary of the selected options which you can review before moving forward.
The Active Directory Domain Installation Wizard will configure services and take you to the next step, where you simply need to click Finish to complete the process.
You will be prompted to restart the system after which your configurations will take effect. Finally you can login with a Domain account and manage your Additional Domain Controller.
No comments:
Post a Comment