What is the process for adding a domain controller?

Having an extra domain controller can help balance the load and increase fault tolerance. This page explains how to add a domain controller to your Active Directory (AD) environment.

Step 1: Install the Active Directory Domain Services (ADDS)

  • Log in with your Active Directory Server credentials.
  • Open Server Manager → Roles Summary → Add roles and features.


  • You will then see the "Before you begin" screen, which is solely for informational purposes. Read through it and click "Next".
  • Choose the installation type. Select the Remote Desktop Services option if the deployment is based on a virtual machine. Choose Role-based or Feature-based installation if you prefer.


  • Now, choose the server on which the role will be installed. Verify that the IP address displayed is that of the selected server. Otherwise, close Server Manager and retry.


  • Select the roles you want to install on this server. The Active Directory Domain Services role is required for this server to become a domain controller.


  • It is now possible to install the features for this role. By default, the basic features are selected. Click the next button.


  • Confirm your installation selections.

Note: The "Automatically restart the destination server if necessary" option is recommended.

  • Install the software. After the installation is complete, close the window.



Step 2: Configure the server as a domain controller

Note: Only Domain Admins can perform the following actions.

  • A notification flag will appear next to the Manage menu when the ADDS role is installed on this server. Select "Promote this server to a domain controller".


  • This launches the ADDS configuration wizard. On the Deployment configuration page, select "Add a domain controller to an existing domain". Specify the domain to which the new DC will be added.


  • You will then see the "Domain controller options" page. A DNS server and a Global Catalog server are the default settings on this DC. You can make this DC read-only if you wish. Set the password for the DSRM mode and the site name for the DC.


  • Note: DSRM mode allows access to an environment if all domain administrator accounts are revoked or if the domain controller fails.
  • Because this DC is also being configured as a DNS server, the wizard warns that a delegation for this DNS server cannot be created. You can ignore this warning.


  • Optional: Select where you want your DC to replicate from. Active Directory can replicate from any domain controller or from a specific one.
  • Confirm the locations of the ADDS database, log files, and SYSVOL on the "Paths" page. You can either use the default location or folder, or choose another folder of your choice.


  • On the next screen, review your selections and click Next. A prerequisite check will be performed by Windows. Press Install once it is complete.

After replication is complete, your system will be rebooted. From the command line, run dcdiag /v to verify the domain controller's health.
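
The same two steps scripted in PowerShell, as an added example that is not part of the original page. The domain name, site name, replication source and paths are placeholder assumptions; the script prompts for the DSRM password and the Domain Admins credential so that neither is stored in the file.

```powershell
# Added example: scripted equivalent of Steps 1 and 2. Run in an elevated
# session on the new server. Values in $dc are placeholders (assumptions).

# Step 1: install the AD DS role and its management tools.
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

Import-Module ADDSDeployment

# Prompt for secrets instead of hardcoding them in the script.
$domainAdmin  = Get-Credential -Message 'Domain Admins account'
$dsrmPassword = Read-Host -AsSecureString -Prompt 'DSRM password'

$dc = @{
    DomainName                    = 'corp.example.com'        # placeholder domain
    Credential                    = $domainAdmin
    SiteName                      = 'Default-First-Site-Name' # adjust to your site
    InstallDns                    = $true    # DNS server (wizard default)
    NoGlobalCatalog               = $false   # keep Global Catalog (wizard default)
    CreateDnsDelegation           = $false   # same outcome as ignoring the warning
    SafeModeAdministratorPassword = $dsrmPassword
    DatabasePath                  = 'C:\Windows\NTDS'
    LogPath                       = 'C:\Windows\NTDS'
    SysvolPath                    = 'C:\Windows\SYSVOL'
}
# Optional: pin the replication source instead of "any domain controller".
# $dc.ReplicationSourceDC = 'dc01.corp.example.com'   # placeholder name

# Step 2: run the prerequisite check first and stop on any failed test.
$check = Test-ADDSDomainControllerInstallation @dc
$check | Format-List Context, Status, Message
if ($check | Where-Object { "$($_.Status)" -eq 'Error' }) {
    throw 'Prerequisite check failed; promotion not started.'
}

# Promote the server; it reboots automatically once promotion completes.
Install-ADDSDomainController @dc -Force

# After the reboot, verify health and replication from an elevated prompt:
#   dcdiag /v
#   repadmin /replsummary
```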