In this blog post i will cover the installation of an Additional Domain Controller on Windows Server 2019 Standard with a Graphical User Interface.
Before adding an additional domain controller there are some pre-flight checks which need to be completed before installing the role.
[x] Existing Domain Controller [ad.hyperlab.co.uk]
[x] Static IP Address and DNS Pointing to Initial Domain Controller.
[x] Server Named
Installing Additional Domain Controller From Server Manager
From Server Manger under the dashboard select option two: Add Roles and Features.
Click ‘Next‘.
Select: Role-based or Feature based installation.
Select a server from the server pool, for this example only one server is shown under the server manager ‘hypervlab-dc02’ finally click ‘Next‘.
Select the: Active Directory Domain Services.
Click ‘Add Features‘.
Select ‘Next‘.
Select ‘Next‘.
Select ‘Install‘
Once the Role installation has completed you can click ‘Close‘.
Promoting Windows Server to an Additional Domain Controller
From the final screen click on ‘Promote this server to a domain controller‘.
From the Configuration Wizard, Select ‘Add a domain controller to an existing domain’ enter the domain and domain administrator credentials.
Enter the Active Directory DSRM Recovery Password and then click ‘Next’.
Click ‘Next‘.
Click ‘Next‘.
Click ‘Next’.
At this point if we click on ‘View Script’ we can save the PowerShell Setup Script for the ad.hypervlab.co.uk additional domain controller which can be used to rebuild the domain controller when re-creating the lab environment. – finally click ‘Next‘.
Below is a screenshot of the PowerShell Code which was automatically generated by Server Manager.
#
# Windows PowerShell script for AD DS Deployment
#
Import-Module ADDSDeployment
Install-ADDSDomainController `
-NoGlobalCatalog:$false `
-CreateDnsDelegation:$false `
-Credential (Get-Credential) `
-CriticalReplicationOnly:$false `
-DatabasePath "C:\Windows\NTDS" `
-DomainName "ad.hypervlab.co.uk" `
-InstallDns:$true `
-LogPath "C:\Windows\NTDS" `
-NoRebootOnCompletion:$false `
-SiteName "Default-First-Site-Name" `
-SysvolPath "C:\Windows\SYSVOL" `
-Force:$true
The Warning displayed below are cautionary errors than anything game breaking as you can see All the Pre-Flight have passed successfully and we can promote the hypervlab-dc02 to become an additional domain controller for the ad.hypervlab.co.uk domain.
Active Directory Installation taking place.
Active Directory Installation Completed. The server will now reboot and run through the final domain controller step-up.
hypervlab-dc02 Additional Domain Controller ready to log into.
From the start menu we can launch ‘Active Directory Users and Computers’ or ‘dsa.msc’ from a run prompt.
Installing Additional Domain Controller From Microsoft PowerShell
Launch PowerShell as an Administrative Session.
Install-WindowsFeature -Name 'AD-Domain-Services' -IncludeManagementTools 
AD-Domain-Services Installed.
Promoting Windows Server to an Additional Domain Controller with PowerShell
# Import Active Directory Powershell Module
Import-Module ADDSDeployment
Install-ADDSDomainController `
-NoGlobalCatalog:$false `
-CreateDnsDelegation:$false `
-Credential (Get-Credential) `
-CriticalReplicationOnly:$false `
-DatabasePath "C:\Windows\NTDS" `
-DomainName "ad.hypervlab.co.uk" `
-InstallDns:$true `
-LogPath "C:\Windows\NTDS" `
-NoRebootOnCompletion:$false `
-SiteName "Default-First-Site-Name" `
-SysvolPath "C:\Windows\SYSVOL" `
-Force:$trueEnter the domain administrator credentials and DSRM Password.
Once the AD Credentials and DSRM Password have been entered the installation process starts.
Installation Completed! Server will now auto-reboot.
hypervlab-dc02 Additional Domain Controller ready to log into.
