Active Directory  «Prev  Next»
Lesson 5 Add a domain controller to an existing domain
Objective Add a domain controller to a domain.

Add Domain Controller to an Existing Domain in Active Directory

To add a domain controller to an existing domain using Active Directory on Windows Server 2019, follow these authoritative and instructive steps:
  1. Prepare the server: Ensure that the server meets the necessary system requirements, has a static IP address assigned, and is fully updated with the latest patches.
  2. Join the server to the existing domain: Before promoting the server to a domain controller, make sure it is joined to the target domain. Log in to the server using domain administrator credentials, open 'System Properties', click 'Change' next to 'Computer Name', and follow the prompts to join the server to the existing domain. Restart the server after domain membership is established.
  3. Install Active Directory Domain Services (AD DS): Follow steps 2-10 from the previous answer ("List the steps to run the 'Installation Wizard' to install Active Directory on Windows Server 2019") to install the AD DS role on the server.
  4. Promote the server to a domain controller: In the 'Server Manager' dashboard, click on the notification icon with a yellow triangle and exclamation mark, then select 'Promote this server to a domain controller'.
  5. Select 'Add a domain controller to an existing domain': In the 'Active Directory Domain Services Configuration Wizard', choose the 'Add a domain controller to an existing domain' option under 'Deployment Configuration'. Select your existing domain from the drop-down menu, and click 'Next'.
  6. Provide domain credentials: If you are not logged in with domain administrator credentials, click on 'Change' next to 'Supply the credentials to perform this operation' and enter the required credentials. Click 'Next' to proceed.
  7. Configure domain controller options: On the 'Domain Controller Options' screen, select the desired options, such as 'DNS server' and 'Global Catalog'. Set the Directory Services Restore Mode (DSRM) password, which is required for restoring the server in case of a failure. Click 'Next' to continue.
  8. Configure DNS delegation: If the server is also a DNS server, you may need to configure DNS delegation. Follow the prompts on the 'DNS Options' screen and click 'Next'.
  9. Set NTDS and SYSVOL paths: On the 'Paths' screen, confirm or modify the default paths for the AD DS database, log files, and SYSVOL folder. Click 'Next' to proceed.
  10. Review your selections: On the 'Review Options' screen, verify your configuration choices. If necessary, click 'Previous' to go back and modify any settings. Click 'Next' to run prerequisite checks.
  11. Perform prerequisite checks: The wizard will check if the server meets all requirements for promoting it to a domain controller. If any issues are detected, resolve them before proceeding. Once all checks pass, click 'Install'.
  12. Complete the promotion process: The server will now be promoted to a domain controller in the existing domain. The server will restart automatically after the process is finished. After the restart, the new domain controller will be fully operational and synchronized with the existing domain.

By following these steps, you can successfully add a domain controller to an existing domain using Active Directory on Windows Server 2019.

Domain Controllers are used for adding an existing Domain

Domain controllers are still essential for adding an existing domain within Active Directory, even in Windows Server 2022.** Here's a breakdown of how they function in this context:
Domain Controllers in Active Directory:
  • Store and manage: Domain controllers house the central database of a Windows domain, storing and managing information about users, computers, groups, policies, and other objects within the domain.
  • Authenticate and authorize: They act as gatekeepers, authenticating users and computers when they attempt to log in to the domain and authorizing access to resources based on their permissions.
  • Replicate data: To ensure fault tolerance and high availability, domain controllers replicate their data with each other, keeping a consistent copy of the domain information across multiple servers.

Adding a Domain Controller to an Existing Domain in Windows Server 2022:
  1. Prerequisites:
    • A static IP address
    • DNS server settings configured
    • Necessary server roles and features installed
  2. Promotion Process:
    • Use Server Manager or PowerShell to promote the server to a domain controller.
    • Specify the existing domain you want to join.
    • Provide credentials for a domain administrator account.
    • Choose whether to create a new domain forest or add to an existing one.
    • Configure additional options as needed.

Key Points:
  • Adding a domain controller to an existing domain expands its capacity and resilience.
  • It enhances authentication and authorization services for users and computers.
  • It provides additional redundancy and fault tolerance for the domain.
  • Windows Server 2022 supports adding domain controllers to domains at any functional level.

Additional Considerations:
  • Plan the placement of domain controllers strategically for optimal performance and redundancy.
  • Regularly back up domain controllers to safeguard critical domain data.
  • Implement security measures to protect domain controllers from unauthorized access.
How do I add a domain controller to an existing domain using Active Directory on Windows Server 2019? | 16 May 2023
You learned earlier that a domain controller is a Windows 2019 Server computer, which contains a copy of Active Directory for the domain and authenticates user logons. One or more domain controllers exist in each Windows 2000 domain. Creating a domain automatically creates the first domain controller for that domain. After you create a domain, you should create an additional domain controller in the domain. In fact, Microsoft recommends that every domain have at least two domain controllers. Why? To provide fault tolerance and provide load balancing for Active Directory.

How to add a Domain Controller

You begin the process of adding a domain controller to an existing domain in the same way that you begin the process of creating a root domain: Run Dcpromo.exe to start the Active Directory Installation Wizard. The remaining steps for this process are outlined below:
  1. Click Additional domain controller for an existing domain. Specify the username, password, and domain name of a user account that has rights to create domain controllers in Active Directory, as shown here:

This shows the wizard box where you choose to create a domain controller.
This shows the wizard box where you choose to create a domain controller
  1. After you have typed in this information, the wizard will carry you through the installation process. You'll need to specify the following information:
    1. The DNS name of the existing domain for which this computer will become an additional domain controller
    2. The locations for the Active Directory database and log files
    3. The location for the shared system volume
  1. After you finish specifying the installation information, the Active Directory Installation Wizard converts the computer to a domain controller, replicates Active Directory from an existing domain controller, converts the computer to a domain controller, and adds the Active Directory consoles discussed in the previous module to the Administrative Tools menu on that computer.
In the next lesson, you will learn how to create a child domain.

SEMrush Software5