Recently, I decided to add a second domain controller to my mikefrobbins.com domain. The existing server and this new server that will become a domain controller both run the Microsoft Windows Server 2012 operating system and both were installed with the default installation type of server core (no GUI).
Even though the GUI can be turned on and off in Windows Server 2012 (unlike in Windows Server 2008 and 2008 R2), I prefer not to add the GUI unless absolutely necessary.
You’ve already loaded the base operating system, added it to the domain, and configured the server as per your organization’s standards. Log into the new server you want to add as an additional domain controller and launch PowerShell by typing “powershell.exe”. You’ll need to first add the AD-Domain-Services role to the server:
1 | Add-WindowsFeature AD-Domain-Services |
The installation of this role completes and a restart is not required:
Now to make this server an additional domain controller in the mikefrobbins.com domain:
1 | Install-ADDSDomainController -CreateDnsDelegation:$false -DatabasePath 'C:\Windows\NTDS' -DomainName 'mikefrobbins.com' -InstallDns:$true -LogPath 'C:\Windows\NTDS' -NoGlobalCatalog:$false -SiteName 'Default-First-Site-Name' -SysvolPath 'C:\Windows\SYSVOL' -NoRebootOnCompletion:$true -Force:$true |
The installation will go through several steps:
A restart is required when the installation is complete:
If you’re looking to install the first domain controller in a new Active Directory forest instead of adding an additional domain controller in an existing domain, see my blog article titled “Use PowerShell to Create a New Active Directory Forest on Windows 2012 Server Core Installation (no-GUI)“.
µ
Hello,
Can you tell me how do I can configure both DNS of each DC in Powershell, I know how to do it because when I tried to do it with GUI, and I had an error, when I searched I got this and I cold resolved the problem: http://technet.microsoft.com/en-us/library/cc735720(v=ws.10).aspx. But I want to know if there is a way to do it on Powershell.
Thank you
Hi Mike,
Im completely oblivious to powershell. These step by step information was really useful for my training.
Thank you
Chamil
Hi Mike,
Thank for the tutorial. Its really useful, if anyone comes into trouble with the credentials
just add on the last line the command below. It will ask credential for DC01 domain
-Credential (Get-Credential)
I was having credentials issue until i added the -Credential(Get-Credential). Thanks for this and also i ran this on Windows Server 2019 Core
Can we also defined the Domain Controller from which Additional Domain Controller will take the updates.
This is very use full for me. I got great resolution in my studies.
Hi Sir, I have followed these steps to add our Windows Server 2016 CORE (Name:COREDC) and joined it to our existing domain (Name: ABB.com). However whenever I am running below mentioned PS command, it is asking for SafeModeRecoveryPassword and confrming it… then it is failing showing these below statements:
I have run this command on the Windows Server 2016 CORE PowerShell prompt:
Install-ADDSDomainController -CreateDnsDelegation:$false -DatabasePath ‘C:\Windows\NTDS’ -DomainName ‘ABB.com’ -InstallDns:$true -LogPath ‘C:\Windows\NTDS’ -NoGlobalCatalog:$false -SiteName ‘Default-First-Site-Name’ -SysvolPath ‘C:\Windows\SYSVOL’ -NoRebootOnCompletion:$true -Force:$true
PowerShell asked me to type a SafeModeRecoveryPassword and confirmed it… Then below ERROR message arrived:
——————————————————–
Install-ADDSDomainController : Verification of user credential permission failed. You must supply a user account name.
At line:1 char:1
+ Install-ADDSDomainController -InstallDns:$true -CreateDnsDelegation:$ …
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+CategoryInfo : NotSpecified: (:) [Install-ADDSDomainController], TestFailedException
+FullyQualifiedErrorId : Test.VefifyUserCredentialPermission.DCPromo.General.24,Microsoft.DirectoryServices.Deploloyment.PowerShell.Commands.InstallADDSDomainControllerCommand
——————————————————–
Could you please guide me urgently what went wrong and what I should do to rectify this error and then join CORE Server into existing ABB.com domain as the 2nd DC?
I will wait for your kind urgent help on this because I am struggling a lot.
Please help.
Thank you,
Regards,
Anirban kar
Is the server already a member of the domain you’re trying to add it to? Add it to the domain first if not, otherwise try specifying -Credential (Get-Credential) with a user account that has access to add the server as an domain controller in the domain.
Thank you Sir. However, could you please just help me with the Sytax, means where to write the User account credential after the switch…. Should I type the full command like this:
nstall-ADDSDomainController -CreateDnsDelegation:$false -DatabasePath ‘C:\Windows\NTDS’ -DomainName ‘ABB.com’ -InstallDns:$true -LogPath ‘C:\Windows\NTDS’ -NoGlobalCatalog:$false -SiteName ‘Default-First-Site-Name’ -SysvolPath ‘C:\Windows\SYSVOL’ -Credential Get-Credential -NoRebootOnCompletion:$true -Force:$true
And where to Type the Domain administrator’s userid & password in this syntax?
I am asking because if I directly type the above syntax, it is telling that Credential not found, although Windows Server 2016 CORE server is already a member of ABB.com domain.
Kindly suggest.
Thank you,
Regards,
Anirban kar
This is very useful – Thank you