Introduction

A domain controller (DC) is a server that responds to authentication and authorization requests. When a user logs in to the domain, the DC checks their username, password and other credentials to either allow or deny access for that user.

Why do you need an additional domain controller?

Most organizations can work with one domain controller, but in a critical environment the organization needs a backup. An additional domain controller provides fault tolerance. It replicates the Active Directory information, and the backup server kicks in if the primary server fails.

Prerequisites before installing Active Directory on a secondary server

  • Configure static IP address
  • Assign computer name
  • Change the DNS to your primary server IP address

Ensure your secondary server can communicate with the primary server and ping the primary server. In my case, ping ad1.techyul.com

Step 1: Installing roles and features

Click on Add roles and features from Server Manager

Click Next on this page

Leave the radio button on Role-based or feature-based installation on the installation page and click Next

Select the server to install Active Directory roles. In my case, I am installing it on the local server. Click Next

Check the Active Directory Domain Services box and click Add Features from the pop-up

Click Next after selecting the Active Directory Domain Services

Click Next from Select features page

Click Next again

In this section, you need to review the options and click Install.

Note: Choosing “Restart the destination server automatically if required” is optional

Wait for the installation to complete. It may take a few seconds to a few minutes

Step 2: Promote the server to a domain controller

Click on Promote this server to a domain controller link

Leave the deployment method set to Add a domain controller to an existing domain

Click Change and type the credentials for your primary domain controller, AD1

Type the credentials for the primary server (in my case, AD1) and click OK

The wizard retrieves your domain. After confirming the domain, click Next

Verify that Domain Name System (DNS) server and Global Catalog (GC) are selected. Type your Directory Services Restore Mode (DSRM) recovery password and click Next

Ignore the DNS server error and click Next

Select the server you want to replicate from. In my case, it's AD1.techyul.com. Click Next

Leave the Paths default and click Next

Review your configuration and click Next

In this step, the server checks all the prerequisites. If the prerequisites pass, click Install

Wait for the installation to complete. It may take a few minutes. The server will reboot after the installation completes

Now sign in as Domain Administrator

Step 3: Verify additional domain controller

Select Active Directory Users and Computers from Tools in Server Manager

Expand domain.local (techyul.com) and select Domain Controllers. You can find both DCs here (AD1 and AD2)

Step 4: Change IP addresses

On AD2, set the Preferred DNS server to the IP address of AD2 itself. The Alternate DNS server should be your primary domain controller. In my case, the IP address of AD1

Sign in to your primary domain controller. Its Alternate DNS server should be your secondary server's IP address. In my case, the IP address of AD2
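
The same procedure can be scripted with the ADDSDeployment and ActiveDirectory PowerShell modules, which also lets you check replication health rather than only looking for AD2 in the console. This is an added example, not part of the original article: the function names are hypothetical, the interface alias and IP addresses are constructed placeholders, and the domain and server names follow the article.

```powershell
# Added example. Domain and server names follow the article; the function names,
# IP addresses and interface alias are hypothetical placeholders.
$Domain   = 'techyul.com'
$SourceDC = 'ad1.techyul.com'

function Test-DCPrerequisite {
    # Prerequisites: the primary must resolve and answer on the AD service ports.
    Resolve-DnsName -Name $SourceDC -ErrorAction Stop | Out-Null
    foreach ($port in 53, 88, 135, 389, 445) {   # DNS, Kerberos, RPC, LDAP, SMB
        $r = Test-NetConnection -ComputerName $SourceDC -Port $port -WarningAction SilentlyContinue
        if (-not $r.TcpTestSucceeded) { throw "Cannot reach ${SourceDC}:$port" }
    }
}

function Install-AdditionalDC {
    # Steps 1 and 2: install the role, then promote into the existing domain.
    Test-DCPrerequisite
    Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools | Out-Null
    $cred = Get-Credential -Message "Domain admin account for $Domain"
    $dsrm = Read-Host -AsSecureString -Prompt 'Recovery (DSRM) password'
    $params = @{
        DomainName                    = $Domain
        Credential                    = $cred
        SafeModeAdministratorPassword = $dsrm
        InstallDns                    = $true      # Global Catalog is on by default
        ReplicationSourceDC           = $SourceDC
    }
    # Cmdlet counterpart of the wizard's prerequisites check page.
    $failed = Test-ADDSDomainControllerInstallation @params | Where-Object Status -eq 'Error'
    if ($failed) { $failed | Format-List Message | Out-Host; throw 'Prerequisite check failed' }
    Install-ADDSDomainController @params -Force   # reboots when finished
}

function Test-AdditionalDC {
    # Step 3, run after the reboot: both DCs listed, inbound replication healthy.
    Get-ADDomainController -Filter * |
        Select-Object Name, IPv4Address, IsGlobalCatalog, Site | Format-Table | Out-Host
    $bad = Get-ADReplicationPartnerMetadata -Target $env:COMPUTERNAME |
        Where-Object { $_.LastReplicationResult -ne 0 }
    if ($bad) { $bad | Format-List Partner, LastReplicationResult, LastReplicationSuccess | Out-Host }
    repadmin /replsummary | Out-Host
    return (-not $bad)
}

function Set-DCDnsClient {
    # Step 4 on AD2: own address first, AD1 second (placeholder IPs).
    param([string]$Alias = 'Ethernet', [string]$Self = '192.0.2.12', [string]$Other = '192.0.2.11')
    Set-DnsClientServerAddress -InterfaceAlias $Alias -ServerAddresses $Self, $Other
}
```

Run Install-AdditionalDC in an elevated session on the new server; after the reboot, sign in as Domain Administrator and run Test-AdditionalDC, which returns $true only when every inbound replication partner reports a result code of 0.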

Conclusion

We need a secondary domain controller for fault tolerance. While your IT team works on recovering the primary domain controller, the organization still needs access to important domain resources until your primary server goes live.

Thank you for reading. I hope you like this article. Please leave a comment if you have any questions.
