How to Add Domain Controller to Existing Domain

The domain controller is the most important server inside your network. It ensures that users can log in, and handles permissions, policies, etc. But what if your domain controller goes offline? Having a second domain controller in your network increases the reliability of your whole network. So how do we add a domain controller to an existing domain?

Adding a domain controller doesn’t only increase the reliability of your domain, it also helps with load balancing of the services. And if you have multiple offices, then having a second domain controller at the other sites ensures that users can still log in in the event of an internet/VPN outage.

In this article, we are going to add a domain controller to an existing domain step by step. The steps below work for Windows Server 2012 up to and including Windows Server 2022.

Requirements

Before we start with adding the domain controller to the existing domain, there are a few requirements that we need to check. I assume you have completed the Windows Server installation.

  • Static IP Address – Give the new server a static IP address
  • DNS to existing DC – Set the Preferred DNS server to the existing DNS server (DC01)
  • Computer name – Make sure that you have changed the computer name (DC02) of the new server before promoting it to a domain controller.
  • Date and Time – Make sure that the date, time, and time zone match between the servers
  • Join the server to the domain – The server needs to be a member of the domain
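The requirements above can be applied from an elevated PowerShell session on the new server instead of through the GUI. This is an added example, not code from the original article; the interface alias, domain name, prefix length and default gateway are assumptions, while the two addresses are the ones the article uses for DC01 and DC02.

```powershell
# Added example: prepare the new server (future DC02) before promotion.
# Run in an elevated PowerShell session on the new server.
# Assumed values (adjust to your environment):
$Interface  = 'Ethernet'            # NIC alias on the new server (assumption)
$Domain     = 'corp.example.com'    # AD domain name (assumption)
$NewName    = 'DC02'                # name used in the article
$StaticIP   = '192.168.1.202'       # DC02 address used in the article
$Prefix     = 24                    # /24 subnet (assumption)
$Gateway    = '192.168.1.1'         # default gateway (assumption)
$ExistingDC = '192.168.1.201'       # DC01 address used in the article

# 1. Static IP address: disable DHCP, drop any existing address and default route, then assign.
Set-NetIPInterface -InterfaceAlias $Interface -Dhcp Disabled
Get-NetIPAddress -InterfaceAlias $Interface -AddressFamily IPv4 -ErrorAction SilentlyContinue |
    Remove-NetIPAddress -Confirm:$false
Remove-NetRoute -InterfaceAlias $Interface -DestinationPrefix '0.0.0.0/0' -Confirm:$false -ErrorAction SilentlyContinue
New-NetIPAddress -InterfaceAlias $Interface -IPAddress $StaticIP -PrefixLength $Prefix -DefaultGateway $Gateway

# 2. Preferred DNS server = the existing domain controller (DC01), so the domain can be located.
Set-DnsClientServerAddress -InterfaceAlias $Interface -ServerAddresses $ExistingDC

# 3. Date and time: show the clock offset against DC01 before joining.
#    An offset above the Kerberos tolerance (5 minutes by default) makes the join fail.
w32tm /stripchart "/computer:$ExistingDC" /samples:3 /dataonly

# 4. Confirm the domain is locatable through DC01 (LDAP SRV record) before joining.
Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -Server $ExistingDC

# 5. Rename the computer and join the domain in one step; the reboot is required.
$Cred = Get-Credential -Credential "$Domain\Administrator"
Add-Computer -DomainName $Domain -NewName $NewName -Credential $Cred -Restart
```

The SRV lookup in step 4 is the same query the domain join performs internally; if it returns nothing, fix DNS before going further rather than debugging the join error afterwards.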

Add Domain Controller to Existing Domain

With our server ready we can start by promoting it to a domain controller and adding it to the existing domain.

Step 1 – Installing Active Directory Domain Services

The first step is to install the AD DS (Active Directory Domain Services) on the new server.

  1. Click on Start and open the Server Manager
  2. Click on Manage > Add Roles and Features
     (screenshot: Add Roles and Features)
  3. Click Next, make sure Role-based or feature-based installation is selected, and click Next
     (screenshot: installation type)
  4. On the Select destination server page, make sure that your new server is selected (it is by default), and click Next
  5. Select Active Directory Domain Services. A new dialog will appear; click Add Features to add the tools that are required.
  6. Click Next to continue
     (screenshot: Select server roles)
  7. We don’t need to add additional features, so just click Next on the Select features page.
  8. You will get a summary of Active Directory Domain Services; click Next to continue
  9. A reboot is not required, so we can leave Restart destination server… off and click on Install.
     (screenshot: install AD DS)

Step 2 – Promote Server to Domain Controller

After the installation of AD DS is completed, you can click on Close. We can now promote the server to a domain controller. During these steps, we will add the new domain controller to the existing domain.

  1. In the Server Manager, click on the flag/warning icon and click Promote this server to a domain controller.
     (screenshot: Server Manager, promote this server to a domain controller)
  2. Make sure that Add a domain controller to an existing domain is selected. Enter the domain name and supply the domain admin credentials. Click Next when done.
     (screenshot: deployment configuration)
  3. On the Domain Controller Options page, leave the default items selected. You only need to enter the DSRM (Directory Services Restore Mode) password twice.
     (screenshot: domain controller options)
  4. Ignore the warning on the DNS Options page. This is normal and can be skipped.
     (screenshot: DNS options)
  5. On the Additional Options page, we can select the domain controller from which we want to replicate. Normally you want to be able to replicate from any domain controller. But if you have two domain controllers in your data center and are installing additional controllers in branch offices, then you probably want to replicate from the data center.
     (screenshot: additional options)
  6. We can skip the next two screens. It’s best practice to leave the paths in the default location, and you can click Next on the Review Options screen.
  7. Click Install after the Prerequisites Check is completed. It’s normal to see two warnings (just like in the screenshot below).
     (screenshot: prerequisites check)

Wait for the installation to finish. The server will automatically reboot once completed.
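Steps 1 and 2 map onto two cmdlets; at the end of the wizard Server Manager itself offers to show the Install-ADDSDomainController call it is about to run. The script below is an added example, not the article's own code: the domain name and the name of the replication source DC are assumptions, and the paths are the wizard defaults the article tells you to leave alone.

```powershell
# Added example: install AD DS and promote the server, run elevated on the new server (DC02).
# Assumed values:
$Domain   = 'corp.example.com'    # AD domain name (assumption)
$SourceDC = "DC01.$Domain"        # replicate from the existing DC (Additional Options page)

# Step 1 - install the AD DS role plus its management tools; no reboot is needed here.
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

# Step 2 - promote. Domain admin credentials and the DSRM password are prompted for,
# never hard-coded in the script.
Import-Module ADDSDeployment
$Cred = Get-Credential -Credential "$Domain\Administrator"
$Dsrm = Read-Host -Prompt 'DSRM (safe mode) password' -AsSecureString

# Dry run: the same checks as the wizard's Prerequisites Check page, without changing anything.
Test-ADDSDomainControllerInstallation -DomainName $Domain -Credential $Cred `
    -SafeModeAdministratorPassword $Dsrm -InstallDns -ReplicationSourceDC $SourceDC

# The real promotion. -CreateDnsDelegation:$false corresponds to skipping the DNS warning,
# -InstallDns keeps the default of making the new DC a DNS server too,
# and the three paths are the defaults shown on the Paths page.
Install-ADDSDomainController `
    -DomainName $Domain `
    -Credential $Cred `
    -SafeModeAdministratorPassword $Dsrm `
    -InstallDns:$true `
    -CreateDnsDelegation:$false `
    -ReplicationSourceDC $SourceDC `
    -DatabasePath 'C:\Windows\NTDS' `
    -LogPath 'C:\Windows\NTDS' `
    -SysvolPath 'C:\Windows\SYSVOL' `
    -NoRebootOnCompletion:$false `
    -Force:$true
# The server reboots automatically once the promotion completes.
```

Read the output of the Test- cmdlet before running the real promotion: the two warnings the article mentions show up there as well, and anything reported as an error will also stop Install-ADDSDomainController.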

Step 3 – Verifying AD replication

After the server has rebooted, we need to verify the domain replication. We start in Active Directory Users and Computers: expand the Domain Controllers OU and verify that both domain controllers are listed:

(screenshot: Domain Controllers OU in Active Directory Users and Computers)

Next, we want to check that no errors occurred during replication. For this, we are going to use the built-in repadmin utility.

  1. Open PowerShell or a Command Prompt on the new domain controller.
  2. Type repadmin /replsummary dc02, where dc02 is the name of your new domain controller
     (screenshot: repadmin replication summary)

As you can see in the screenshot above, there were no errors during replication.
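The same two checks (both DCs listed, replication free of errors) can be scripted so they return a clear yes/no instead of a screen to read. This is an added example, not part of the original article; it assumes the new DC is named DC02, as in the article, and that the ActiveDirectory module is present (it is installed by the management tools that came with the AD DS role).

```powershell
# Added example: verify that the new DC is listed and replicating without errors.
# Run on the new domain controller; 'DC02' is the name used in the article.
Import-Module ActiveDirectory
$NewDC = 'DC02'

# The ADUC check: computer objects in the Domain Controllers OU.
$dcOu = "OU=Domain Controllers,$((Get-ADDomain).DistinguishedName)"
Get-ADComputer -Filter * -SearchBase $dcOu | Select-Object Name, DNSHostName

# Both domain controllers with address, site and global catalog status.
Get-ADDomainController -Filter * |
    Select-Object Name, IPv4Address, Site, IsGlobalCatalog, OperatingSystem |
    Format-Table -AutoSize

# The article's check: inbound/outbound replication summary for the new DC.
repadmin /replsummary $NewDC

# Helper: $true when no replication partner of the given DC reports a failure.
# LastReplicationResult 0 means the last attempt succeeded.
function Test-ReplicationHealthy {
    param([Parameter(Mandatory)][string]$DcName)
    $meta = Get-ADReplicationPartnerMetadata -Target $DcName -PartnerType Both
    $bad  = $meta | Where-Object {
        $_.ConsecutiveReplicationFailures -gt 0 -or $_.LastReplicationResult -ne 0
    }
    return (@($bad).Count -eq 0)
}

if (Test-ReplicationHealthy -DcName $NewDC) {
    Write-Output "Replication to and from $NewDC is healthy."
} else {
    Write-Output "Replication problems found for $NewDC:"
    # Per-partner detail and the recorded failures
    Get-ADReplicationPartnerMetadata -Target $NewDC -PartnerType Both |
        Select-Object Partner, Partition, LastReplicationSuccess, LastReplicationResult, ConsecutiveReplicationFailures |
        Format-Table -AutoSize
    Get-ADReplicationFailure -Target $NewDC
}

# Deeper health tests: replication, advertising as a DC, and DNS.
dcdiag /s:$NewDC /test:replications /test:advertising /test:dns
```

Right after the reboot the new DC may briefly show a non-zero LastReplicationResult while the first full sync completes; re-run the function a few minutes later before treating that as a failure.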

Configure DNS Servers

The last step is to configure the DNS servers correctly on the two domain controllers. The preferred DNS server should always point to the other domain controller. The alternate DNS server must point to its own IP address (or the loopback address 127.0.0.1).

So in the screenshots below:

  • 192.168.1.201 is DC01
  • 192.168.1.202 is DC02
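The DNS client setting above is easy to get backwards on one of the two servers, so it is worth scripting it once and running the same script on both DCs. This is an added example, not the article's code; the interface alias and the domain name are assumptions, and the two addresses are the ones listed above.

```powershell
# Added example: preferred DNS = the other DC, alternate = itself (loopback).
# Run elevated on DC01 and then on DC02; the script works out which one it is on.
$Interface = 'Ethernet'          # NIC alias (assumption)
$Domain    = 'corp.example.com'  # AD domain name (assumption)
$Dc01      = '192.168.1.201'     # DC01, from the article
$Dc02      = '192.168.1.202'     # DC02, from the article

$Self = Get-NetIPAddress -InterfaceAlias $Interface -AddressFamily IPv4 |
    Select-Object -First 1 -ExpandProperty IPAddress
if ($Self -notin @($Dc01, $Dc02)) {
    throw "This host ($Self) is neither DC01 nor DC02; check the addresses above."
}
$Other = if ($Self -eq $Dc01) { $Dc02 } else { $Dc01 }

# Order matters: first entry is the preferred server, second the alternate.
Set-DnsClientServerAddress -InterfaceAlias $Interface -ServerAddresses @($Other, '127.0.0.1')
Get-DnsClientServerAddress -InterfaceAlias $Interface -AddressFamily IPv4

# Re-register this DC's A and SRV records and confirm both DCs advertise LDAP for the domain.
ipconfig /registerdns
Restart-Service Netlogon
Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV |
    Select-Object NameTarget, Port, Priority, Weight
```

The final SRV query should list both DC01 and DC02; a DC missing there is one that other members and the other DC cannot find, which is how a DNS mistake turns into the replication failure the wrap-up warns about.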

Wrapping up

Adding a domain controller to an existing domain is pretty straightforward, as you have seen. Make sure that you configure the DNS servers correctly, otherwise replication will probably fail.

After you have added your new domain controller it’s time to demote the old one. You can find a complete guide here.

I hope you found this article useful, if you have any questions, just drop a comment below.

15 thoughts on “How to Add Domain Controller to Existing Domain”

  1. Thanks, I haven’t had to do this in a while. I followed the steps and had no problems. Keep up the good work. Thanks again.

  2. Hello,

    I have 2 DC on my domain. Primary (DC1) died. How do I promote DC2 to primary and add in the new PC as secondary domain.

  3. Hi bro,
    I have 1 DC and 1 ADC (additional domain) running server 2008R2. Now I want to upgrade to server 2022.
    Can I build 1 server 2022 (DC2022) and join to DC2008 as Additional Domain. After, transfer 5 roles from DC2008 to DC2022?!

    Thanks bro!

    • ADC normally stands for Active Directory Connector. Do you mean with additional domain, just a second domain controller? Or are you running two domains?

      If you have just one domain, and two domain controllers, then yes you can add a third one (2022), and transfer the roles.

  4. Nice article 🙂
    I’m just curious, why should the preferred DNS be the other DC and the alternative point to its own IP? I have always done it the other way around, preferred DNS point to its own IP and the alternative point to the other DC.
