Install Active Directory on the Additional Domain Controllers

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

The process for installing Active Directory on additional domain controllers is identical whether you upgraded to a regional domain controller in an existing domain or upgraded to a single domain forest. After upgrading the operating system on a Windows NT 4.0 additional domain controller to Windows Server 2003, the computer is in an intermediate state, meaning that the computer is no longer a Windows NT 4.0–based domain controller, nor is it a Windows Server 2003–based member server or domain controller.

The Active Directory Installation Wizard allows you to create an additional domain controller or a member server in the new domain. If you will be installing Active Directory by replicating the directory data over the network or from another media source, select the Member Server option in the Active Directory Installation Wizard. Selecting Member Server will configure the computer to be a Windows Server 2003–based member server, allowing you to install Active Directory at a later time.

To install Active Directory on a Windows Server 2003–based member server

  • At the command Line, type Dcpromo.

    – or –

    Open Administrative Tools, and then click Configure Your Server Wizard. Select Domain Controller (Active Directory) to configure your domain controller. After the Configure Your Server Wizard finishes, the Active Directory Installation Wizard begins.

You can also install Active Directory by using the install from media feature, new in Windows Server 2003. Install from media allows you to pre-populate Active Directory with System State data backed up from an existing Windows Server 2003–based domain controller. This backup can be present on local CD, DVD, or hard disk partition. Installing from media drastically reduces the time required to install directory data by reducing the amount of data that is replicated over the network. Installing from media is most beneficial in environments with very large domains or for installing new domain controllers that are connected by a slow network link.

To install Active Directory on a Windows Server 2003–based member server from media

  • Type dcpromo /adv in the Run dialog box.

    The wizard prompts you to choose a network share or a backup as the installation source. If you are installing from backup files, you must identify the location of the files. If the domain controller from which you restored the System State data was a global catalog server, you will have the option make this new domain controller a global catalog server. The wizard will then proceed with the installation.

For more information about installing and removing Active Directory, see the Active Directory Collection of the Windows Server 2003 Technical Reference (or see the Active Directory Collection on the Web at https://www.microsoft.com/reskit).

Table 8.13 lists information for installing Active Directory on additional domain controllers, as well as sample data for installing Active Directory on additional domain controllers in a regional domain in the existing Trey Research forest or in the Fabrikam single domain forest. Trey Research will install Active Directory immediately after upgrading the operating system. Fabrikam will use the dcpromo /adv command to install Active Directory on a member server by copying directory data over the network from a domain controller.

Table 8.13   Installing Active Directory on Additional Domain Controllers

Wizard Page or Dialog Box Action Example

Additional Domain Controller or Member Server

Select whether you want the computer to become a member server or an additional domain controller for the domain.

Upgrading to a regional domain in an existing forest:

Trey Research will select Additional domain controller to install Active Directory immediately.

Upgrading to a single domain forest:

Fabrikam will select Member Server. They will install Active Directory at a later time using the dcpromo /adv command.

Domain Controller Type

Select Additional domain controller for an existing domain.

Upgrading to a regional domain in an existing forest:

Trey Research will not see this wizard page.

Upgrading to a single domain forest:

When Fabrikam initiates the Active Directory Installation Wizard by using the dcpromo /adv command, this is the first wizard page that appears.

Copying Domain Information

Select either:

  • Over the network from a domain controller

  • From these restored backup files

Upgrading to a regional domain in an existing forest:

Trey Research will not see this wizard page because they chose to install Active Directory immediately following the operating system upgrade.

Upgrading to a single domain forest:

Fabrikam will copy domain information from the first domain controller that is deployed, SEA-FAB-DC01,which is in the same location as the new one. Therefore, they selected Over the network from a domain controller to copy the information in the shortest time.

Network Credentials

Type the user name and password of an account with sufficient privileges to install Active Directory on this computer, and the fully qualified domain name of the domain in which the computer will become an additional domain controller.

 

Additional Domain Controller

Type the full DNS name of the forest root domain.

Upgrading to a regional domain in an existing forest:

Trey Research will not see this wizard page. It appears only if you are installing Active Directory over the network from a domain controller.

Upgrading to a single domain forest:

Fabricorp.fabrikam.com

Database and Log Folders

Type the folder locations specified by your design.

Database folder: C:\Windows\NTDS

Log folder: D:\Logs

Shared System Volume

Confirm or type the location specified by your design.

C:\Windows\SYSVOL

Directory Service Restore Mode Administration Password

In the Password and Confirm password boxes, type any strong password.

 

Verify that all information on the Summary page is accurate, and then click Finish. After the Active Directory Installation Wizard finishes, you will be prompted to restart the computer. The installation will not be complete until the computer restarts.

Note

  • All additional domain controllers added to a single domain forest should be configured as Global Catalog servers. For more information about global catalog server placement, see "Designing the Site Topology" in this book.

After you install Windows Server 2003 Active Directory, enable Remote Desktop for Administration, formerly known as Terminal Services in Remote Administration mode, to enable administrators to log on remotely if necessary. To enable Remote Desktop for Administration, in Control Panel, double-click System, select the Remote tab, and then select Allow users to connect remotely to this computer.