Create an additional domain controller

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To create an additional domain controller

  1. Click Start, click Run, and then type dcpromo /adv to open the Active Directory Installation Wizard with the option to create an additional domain controller from restored backup files.

  2. On the Operating System Compatibility page, read the information and then click Next.

    If this is the first time you have installed Active Directory on a server running Windows Server 2003, click Compatibility Help for more information.

  3. On the Domain Controller Type page, click Additional domain controller for an existing domain, and then click Next.

  4. On the Copying Domain Information page, do one of the following:

    • Click Over the network, and then click Next.

    • Click From these restored backup files, and type the location of the restored backup files, or click Browse to locate the restored files, and then click Next.

  5. On the Network Credentials page, type the user name, password, and user domain of the user account you want to use for this operation, and then click Next.

    The user account must be a member of the Domain Admins group for the target domain.

  6. On the Database and Log Folders page, type the location in which you want to install the database and log folders, or click Browse to choose a location, and then click Next.

  7. On the Shared System Volume page, type the location in which you want to install the Sysvol folder, or click Browse to choose a location, and then click Next.

  8. On the Directory Services Restore Mode Administrator Password page, type and confirm the password that you want to assign to the Administrator account for this server, and then click Next.

    Use this password when starting the computer in Directory Services Restore Mode.

  9. Review the Summary page, and then click Next to begin the installation.

  10. Restart the computer.

Notes

  • To perform this procedure, you must be a member of the Domain Admins group or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure. For more information, see Default local groups, Default groups, and Using Run as.

  • The /adv switch is only necessary when you want to create a domain controller from restored backup files. It is not required when creating an additional domain controller over the network.

  • In step 3, when choosing the option to copy domain information over the network, all directory data for the domain in which this domain controller will be a member will be copied over your network connection. You will have the option to cancel non-critical replication, if necessary.

  • In step 3, when choosing the option to copy domain information from restored backup files, you will need to first back up the System State data of a domain controller running Windows Server 2003 from the domain in which this member server will become an additional domain controller. Then, the System State backup must be restored locally on the server on which you are installing Active Directory. To do this using Backup, choose the option Restore files to: Alternate location. For more information about restoring backups, see Related Topics.

  • If a domain controller that was backed up contained an application directory partition, the application directory partition will not be restored on the new domain controller. For information about how to manually create an application directory partition on a new domain controller, see Related Topics.

  • If the domain controller from which you restored the System State data was a global catalog, you will have the option to make this new domain controller a global catalog.

  • You can also use a smart card to verify administrative credentials. For more information about smart cards, see Related Topics.

  • You cannot install Active Directory on a computer running Windows Server 2003, Web Edition, but you can join the computer to an Active Directory domain as a member server. For more information about Windows Server 2003, Web Edition, see Related Topics.

Information about functional differences

  • Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

See Also

Concepts

Checklist: Creating an additional domain controller in an existing domain
Using the Active Directory Installation Wizard
Domain controllers
Using Smart Cards
Create or delete an application directory partition
Restore System State data
Authoritative, primary, and normal restores
Overview of Windows Server 2003, Web Edition