Setting up Additional Domain Controller (ADC)

You've probably heard of the Additional Domain Controller (ADC). Why and when do we need it in our system?

As you know, Active Directory Domain Services holds all user and computer objects, handles authentication, stores GPOs, and so on. This service plays an important role on domain controllers. If the Primary Domain Controller (PDC) is down, your users will not be able to authenticate against the domain controller or access any network resources (shares, printers, …).

To reduce downtime and improve high availability and load balancing for the PDC, you should have an ADC for backup as well as for later scalability. Here I have divided the use of an ADC in a business into 3 basic cases.

  1. Multiple sites: Your business has many branches and you want centralized management.
  2. High availability: You need a backup domain controller to ensure that people can still log on in case of a failure or planned downtime of the PDC.
  3. Load balancing: As the number of users increases, the PDC has to work harder.

Ensure you have a Primary Domain Controller first; only then can you add the Additional Domain Controller.

Here are the few steps to add the ADC to the existing domain. Let's move on.

In this tutorial, I've used Windows Server 2019 for my testing lab. You need to assign IP addresses as shown below:

|                 | PDC           | ADC           |
|-----------------|---------------|---------------|
| IP Address      | 192.168.1.50  | 192.168.1.51  |
| Subnet Mask     | 255.255.255.0 | 255.255.255.0 |
| Default Gateway | 192.168.1.1   | 192.168.1.1   |
| Preferred DNS   | 127.0.0.1     | 192.168.1.50  |
| Alternate DNS   |               | 127.0.0.1     |

To get started, open Server Manager and click Manage > Add Roles and Features.

In the wizard, keep moving to the Server Roles section. Tick the checkbox Active Directory Domain Services; another wizard pops up. Leave it at the defaults and press Add Features to move to the next step.

Move to Confirm installation selections and click Install.

From the Server Manager window, click Promote this server to a domain controller.

Tick the checkbox Add a domain controller to an existing domain. In the Domain section, enter your domain name.

You must supply a domain administrator account of the PDC; otherwise you cannot move to the next step.

At this step, enter the password for Directory Services Restore Mode (DSRM). DSRM allows an administrator to repair or recover an Active Directory database. Click Next to continue.

Move to Additional Options and select the server to replicate from. You should select the PDC server if you have more than one domain controller.

The Prerequisites Check should pass. Click the Install button to start the promotion.

How long the installation takes depends on the amount of data on the PDC and on the server hardware.

Once the promotion completes, reboot the ADC server. Verify that the ADC has joined the domain as a domain controller.

If nothing goes wrong during installation, the ADC will be in the Domain Controllers OU.

Now, let's do a test: create a user account Helpdesk from the PDC server.

Switch to the ADC server to check whether the user is synchronized. As you can see, the helpdesk account was synchronized to the ADC.

Now you can schedule maintenance during working hours without worrying about affecting or interrupting users. However, you need to take good care of the PDC, since it holds the 5 FSMO roles in Active Directory; without it, the Active Directory domain may not operate.
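The wizard steps, the Helpdesk replication check and the FSMO role holders mentioned above can also be done from PowerShell. This is an added example, not part of the original tutorial; the domain name `corp.example.com`, the source DC name `PDC01` and the two function names are assumptions, since the page does not give them.

```powershell
# Added example. Assumed names: replace with your own values.
$DomainName = 'corp.example.com'         # assumption: the page does not name the domain
$SourceDC   = 'PDC01.corp.example.com'   # assumption: host name of the PDC (192.168.1.50)

function Install-AdditionalDC {
    # Phase 1: run in an elevated session on the new server (192.168.1.51).
    # Credentials are prompted for, never stored in the script.
    $cred = Get-Credential -Message "Domain administrator for $DomainName"
    $dsrm = Read-Host -AsSecureString -Prompt 'DSRM password'

    Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

    $params = @{
        DomainName                    = $DomainName
        Credential                    = $cred
        SafeModeAdministratorPassword = $dsrm
        ReplicationSourceDC           = $SourceDC   # the "replicate from" choice
        InstallDns                    = $true
    }

    # Same prerequisite check the wizard runs; stop before promotion on any error.
    $check  = Test-ADDSDomainControllerInstallation @params
    $errors = $check | Where-Object { "$($_.Status)" -eq 'Error' }
    if ($errors) {
        $errors | Format-List Message, Context
        throw 'Prerequisite check failed; server was not promoted.'
    }

    Install-ADDSDomainController @params -Force   # server reboots when finished
}

function Test-AdditionalDC {
    # Phase 2: run on the ADC after the reboot.
    param([string]$NewDC = $env:COMPUTERNAME)

    # The new server should be listed next to the PDC.
    Get-ADDomainController -Filter * | Select-Object Name, IPv4Address, IsGlobalCatalog

    # Query the ADC directly: fails if Helpdesk has not replicated yet.
    Get-ADUser -Identity 'Helpdesk' -Server $NewDC | Select-Object SamAccountName, Enabled

    # No output means no recorded replication failures for this DC.
    Get-ADReplicationFailure -Target $NewDC

    # Which server holds each of the 5 FSMO roles.
    Get-ADDomain | Select-Object PDCEmulator, RIDMaster, InfrastructureMaster
    Get-ADForest | Select-Object SchemaMaster, DomainNamingMaster
}
```

Run `Install-AdditionalDC` first, then `Test-AdditionalDC` once the server is back up.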

That’s it. I hope it helps.
