Deploying Additional Domain Controllers in a New Regional Domain

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Figure 7.6 shows the process for deploying additional domain controllers in a new regional domain.

Figure 7.6   Deploying Additional Domain Controllers in a New Regional Domain

Install Windows Server 2003

Install Windows Server 2003 on additional computers by completing the same steps as for installing Windows Server 2003 on the first domain controller. Note that you do not need to configure temporary DNS client settings on additional domain controllers; instead, enter the IP addresses of the DNS servers that are connected through the minimum number of network segments, as documented in the Domain Controller Configuration worksheet. For more information about installing Windows Server 2003, see "Install Windows Server 2003" earlier in this chapter.

Install Active Directory

Install Active Directory on the computer that you want to make an additional regional domain controller by running the Active Directory Installation Wizard. You must complete the Active Directory installation and verify that installation is correct on the first domain controller before beginning installation of Active Directory on the second and subsequent domain controllers in the domain. For more information about verifying the Active Directory installation on the first regional domain controller, see "Verify the Active Directory Installation" earlier in this chapter.

The procedure for installing Active Directory on additional domain controllers in a domain differs slightly from the procedure for installing Active Directory on the first domain controller. For additional domain controllers in an existing domain, you have the option of using the install from media feature, which is new in Windows Server 2003. Install from media allows you to pre-populate Active Directory with System State data backed up from an existing domain controller. This backup can be present on a local CD, DVD, or hard disk partition. Installing from media drastically reduces the time required to install directory information by reducing the amount of data that is replicated over the network. Installing from media is most beneficial in large domains or for installing new domain controllers that are connected by a slow network link. To use the install from media feature, you first create a backup of System State from the existing domain controller, then restore it to the new domain controller by using the Restore to: Alternate location option.

To install Active Directory on additional regional domain controllers

  1. Log on to the Windows Server 2003–based member server.

  2. If you want to copy domain information from restored backup files, at the command line, type:

    dcpromo /adv

    – or –

    If you want to copy domain information over the network, either type dcpromo (without the /adv switch) or open Administrative Tools, click Configure Your Server Wizard, and select Domain Controller (Active Directory).

  3. Use Table 7.4 to complete the Active Directory Installation Wizard for subsequent domain controllers in the regional domain. Table 7.4 includes information entered by Trey Research as they deploy their second regional domain controller, SEA-WEST-DC02.

    Table 7.4   Installing Active Directory on Additional Domain Controllers in a New Regional Domain

    Wizard page or dialog box: Domain Controller Type
    Action: Select Additional domain controller in an existing domain.

    Wizard page or dialog box: Copying Domain Information
    (This dialog box appears only when you started dcpromo with the /adv switch or used the Configure Your Server Wizard.)
    Action: Select either:
      • Over the network from a domain controller
      • From these restored backup files
    Example: Trey Research is copying from the first WEST domain controller, SEA-WEST-DC01, which is in the same location, so they selected Over the network to copy the information in the shortest time.

    Wizard page or dialog box: Global Catalog
    (This dialog box appears only when From these restored backup files was selected, if the domain controller you backed up was a global catalog server.)
    Action: Specify whether to configure this domain controller as a global catalog server.

    Wizard page or dialog box: Network Credentials
    Action: In the User name box, type a user account that has sufficient rights to add a domain controller, typically a member of Domain Admins. In the Password box, type the password of the user account.

    Wizard page or dialog box: Additional Domain Controller
    (This dialog box appears only when Over the network was selected.)
    Action: Confirm or type the full DNS name of the forest root domain.
    Example: west.trccorp.treyresearch.net

    Wizard page or dialog box: Database and Log Folders
    Action: Type the folder locations specified by your design.
    Example: Database folder: C:\WINNT\NTDS
             Log folder: D:\Logs

    Wizard page or dialog box: Shared System Volume
    Action: Confirm or type the location specified by your design.
    Example: C:\WINNT\SYSVOL

    Wizard page or dialog box: Directory Service Restore Mode Administration Password
    Action: In the Password and Confirm password boxes, type any strong password.

For more information about installing and removing Active Directory, see the Active Directory Collection of the Windows Server 2003 Technical Reference (or see the Active Directory Collection on the Web at https://www.microsoft.com/reskit).

Install DNS Server Service

After Active Directory installation has finished and the computer has restarted, install DNS on the additional Windows Server 2003–based domain controller that is added to the domain.

To install DNS on additional domain controllers using the Windows Components Wizard

  1. Click Start, point to Settings, and click Control Panel.

  2. Double-click Add or Remove Programs, and then click Add/Remove Windows Components.

  3. In Components, select the Networking Services check box, and then click Details.

  4. In Subcomponents of Networking Services, select the Domain Name System (DNS) check box, click OK, and then click Next.

  5. If prompted, in Copy files from, type the full path to the distribution files and then click OK. The required files will be copied to your hard disk.

Verify the Active Directory Installation

Use the same steps as shown in the procedure for the first domain controller, but instead of verifying that DomainDnsZones and ForestDnsZones were created, use the repadmin /showreps command to verify that the ForestDnsZones and DomainDnsZones application partitions are replicated successfully. Use the DNS snap-in to verify that DNS server recursive name resolution is configured according to the method used by your organization.

For more information about verifying the Active Directory installation, see "Verify the Active Directory Installation" earlier in this chapter.
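
The replication check described above can be run against saved repadmin /showreps output. The following Python example is added here and is not part of the original documentation; the function name check_dns_partitions is hypothetical, and the sample output is constructed (site name, GUID, and timestamps are placeholders). It reports each DNS application partition as ok, failed, or missing from the inbound neighbors.

```python
import re

# Application partitions the page says must replicate to the new domain controller.
REQUIRED = ("DomainDnsZones", "ForestDnsZones")

# Constructed sample in the layout repadmin /showreps prints for inbound
# neighbors; the site name, GUID and timestamps are placeholders.
SAMPLE = """\
==== INBOUND NEIGHBORS ======================================

DC=west,DC=trccorp,DC=treyresearch,DC=net
    Default-First-Site-Name\\SEA-WEST-DC01 via RPC
        DSA object GUID: 00000000-0000-0000-0000-000000000001
        Last attempt @ 2004-01-01 10:00:00 was successful.

DC=DomainDnsZones,DC=west,DC=trccorp,DC=treyresearch,DC=net
    Default-First-Site-Name\\SEA-WEST-DC01 via RPC
        DSA object GUID: 00000000-0000-0000-0000-000000000001
        Last attempt @ 2004-01-01 10:00:00 failed, result 1722 (0x6ba):
            The RPC server is unavailable.
        1 consecutive failure(s).
"""


def check_dns_partitions(showreps_text):
    """Map each required partition to 'ok', 'failed' or 'missing'."""
    status = {name: "missing" for name in REQUIRED}
    current, inbound = None, False
    for line in showreps_text.splitlines():
        if line.startswith("===="):
            # Only the inbound section says what this DC has received.
            inbound, current = "INBOUND NEIGHBORS" in line, None
            continue
        header = re.match(r"(?:CN|DC)=([^,]+),", line)  # partition DN, column 0
        if header:
            name = header.group(1)
            current = name if inbound and name in REQUIRED else None
        elif current and "Last attempt @" in line:
            if not line.rstrip().endswith("was successful."):
                status[current] = "failed"  # one failing source is enough
            elif status[current] == "missing":
                status[current] = "ok"
    return status


if __name__ == "__main__":
    for partition, state in check_dns_partitions(SAMPLE).items():
        print(f"{partition}: {state}")
```

A partition reported as missing has no inbound replication partner listed on this domain controller, which is a different condition from a listed partner whose last attempt failed.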