How do I install a secondary Active Directory (AD) domain controller (DC) to an existing domain?

Posted: (EET/GMT+2)

 

Adding a second domain controller increases redundancy and reliability in an Active Directory environment. The process is straightforward with Windows Server 2016 and later.

Here's a set of quick steps:

  1. Join the new server to the existing domain using the System Properties dialog or PowerShell:

       Add-Computer -DomainName "mydomain.local" -Restart

  2. After reboot, open Server Manager and click Add Roles and Features.
  3. Select "Active Directory Domain Services".
  4. When the wizard completes, click "Promote this server to a domain controller".
  5. Choose "Add a domain controller to an existing domain".
  6. Provide credentials and select the domain.
  7. Check "DNS server" and "Global Catalog" as appropriate.
  8. Complete the wizard and restart the server.

Replication will begin automatically. You can verify it with:

repadmin /replsummary
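The wizard steps and the replication check above can also be scripted. The following is an added example, not part of the original post: the function names Install-SecondaryDc and Test-SecondaryDcReplication are hypothetical, and the domain name is the post's sample value. It prompts for the domain credential and the DSRM password rather than storing them in the script.

```powershell
#Requires -RunAsAdministrator
# Added example. Function names are hypothetical; "mydomain.local" is the
# sample domain from the post. Run on the new server after the domain join.

function Install-SecondaryDc {
    param([string]$DomainName = 'mydomain.local')

    # Equivalent of "Add Roles and Features" > Active Directory Domain Services.
    Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

    # Prompt for secrets so they never end up in the script or its history.
    $cred = Get-Credential -Message "Account allowed to add a DC to $DomainName"
    $dsrm = Read-Host -AsSecureString -Prompt 'DSRM (safe mode) password'

    # Equivalent of "Add a domain controller to an existing domain".
    # Global Catalog is on by default; pass -NoGlobalCatalog to opt out.
    # The server restarts automatically when promotion completes.
    Install-ADDSDomainController `
        -DomainName $DomainName `
        -Credential $cred `
        -SafeModeAdministratorPassword $dsrm `
        -InstallDns `
        -Force
}

function Test-SecondaryDcReplication {
    # Run after the post-promotion restart, on the new DC.
    Import-Module ActiveDirectory

    # Confirm the new server is listed as a DC and check its GC status.
    Get-ADDomainController -Filter * |
        Select-Object HostName, Site, IsGlobalCatalog, IsReadOnly

    # Replication failures recorded for this DC; no output means none.
    Get-ADReplicationFailure -Target $env:COMPUTERNAME

    # Last attempt and last success for each inbound replication partner.
    # LastReplicationResult of 0 means the last attempt succeeded.
    Get-ADReplicationPartnerMetadata -Target $env:COMPUTERNAME |
        Select-Object Partner, LastReplicationAttempt,
                      LastReplicationSuccess, LastReplicationResult
}
```

Call Install-SecondaryDc first, then Test-SecondaryDcReplication once the server is back up.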

Having at least two domain controllers per domain ensures users can still log in and services continue even if one DC is offline for maintenance or failure.

Safety first!