I was creating a new Domain the other day for testing purposes and thought I would document the process as I went along to put a short tutorial up over here.
This is how to create a Primary Domain Controller (Windows Server 2003) as well as a Secondary DC to act as a backup. I will not be covering FSMO roles, or how to change them, in this tutorial, however. The how-to assumes that you have two freshly installed Windows 2003 Servers.
1. Create your first DC. On your first freshly installed Windows 2003 Server machine, go to Start->Run, type “dcpromo” and hit Enter. Alternatively, you can go to the “Manage your server” wizard and add a new Role of “Domain Controller (Active Directory)”. After running dcpromo, click Next until you get to the “Domain Controller Type” page. Here we will select “Domain controller for new domain”.
2. Next we select “Domain in a new forest”.
3. You can now enter your full DNS name for the new domain. I used “shogan.local”. Don’t use your web domain here as this is an “internal domain name”. Use something like “yourcompanyname.local”.
4. For the NetBIOS name, leave as default. It should just be a shortened version of your domain specified in step 3. I believe this helps with compatibility when NT, 95, 98 machines are looking at a Windows 2000 or higher domain.
5. Next you can specify the location of your database and log folders. I usually leave mine in their default location.
6. Same for the Shared System Volume folder. I leave mine as default (C:\WINDOWS\SYSVOL).
7. Next the wizard will check to see if you have DNS installed on this machine. If not, select the second option “Install and Configure the DNS server on this computer”. This is the easiest option and the installation will set DNS up for you.
8. The next screen deals with compatibility. I selected the second option here (Windows 2000 and 2003) as I won’t have any other servers below Windows 2000 or 2003 on this particular domain.
9. Enter your Directory Services restore mode password on the next screen and keep this safe.
10. Continue the wizard and the installation will begin.
11. Once the Active Directory Installation wizard is complete, click Finish, then restart the server.
12. Once it has restarted, you should get a screen stating “This Server is now a Domain Controller”. Click Finish and you are done with the first DC!
13. Next, I go to the second server with a fresh install of Windows 2003 Server.
14. Set your IP addresses up. Now that you have a DNS server on the other DC, you can point this Server’s Preferred DNS address to the IP of the Primary DC we just set up. In this case my Primary DC has an IP of 192.168.1.1 and the second DC we are about to set up gets an IP of 192.168.1.2.
15. Run dcpromo on the new server.
16. This time we are going to choose “Additional Domain Controller for an existing domain” in the Active Directory installation wizard.
17. The next screen asks you for your “network credentials”. Enter your new domain administrator username and password (set up from the first DC). This should be “Administrator” and whatever password you specified during the install. Enter your domain name specified in step 3 above. For example, I used “shogan.local”.
18. Enter the domain name again (shogan.local in my case) on the next screen.
19. Complete the rest of the installation wizard as we did in the steps for the first DC. This just involves specifying log folders etc. I usually leave the rest of the options at their defaults. Once you are done, setup should ask you to restart the server.
20. Restart once complete and log in with your domain admin account. You should now have a fully functional secondary DC. Any changes you make in Active Directory on either server should now replicate across to the other DC.
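The wizard finishing does not by itself prove that the second DC is advertising and replicating, so it is worth checking after step 20. The batch script below is an added example, not part of the original tutorial; it assumes the Windows Server 2003 Support Tools (dcdiag, repadmin, nltest) are installed and uses the hypothetical host names dc1 and dc2, since the post gives only the domain name and the IP addresses.

```bat
@echo off
rem Added example: post-promotion checks, run on the second DC after step 20.
rem Assumptions: Support Tools installed; dc1/dc2 are hypothetical host names.
setlocal
set DOMAIN=shogan.local
set DNSIP=192.168.1.1
set DC1=dc1.%DOMAIN%
set DC2=dc2.%DOMAIN%
set FAIL=0

rem Each DC should have an LDAP SRV record in the zone hosted on the first DC.
for %%D in (%DC1% %DC2%) do (
    nslookup -type=SRV _ldap._tcp.dc._msdcs.%DOMAIN% %DNSIP% 2>nul | find /i "%%D" >nul
    if errorlevel 1 (echo [FAIL] no LDAP SRV record for %%D & set FAIL=1) else (echo [ok] SRV record for %%D)
)

rem SYSVOL and NETLOGON are shared only once the initial SYSVOL replication is done.
for %%S in (SYSVOL NETLOGON) do (
    net share | find /i "%%S" >nul
    if errorlevel 1 (echo [FAIL] %%S is not shared on this server & set FAIL=1) else (echo [ok] %%S is shared)
)

rem The DC locator must be able to find a domain controller for the domain.
nltest /dsgetdc:%DOMAIN% >nul 2>&1
if errorlevel 1 (echo [FAIL] DC locator found no DC for %DOMAIN% & set FAIL=1) else (echo [ok] DC locator)

rem dcdiag prints "passed test" or "failed test" for each check, so search its output.
for %%D in (%DC1% %DC2%) do (
    for %%T in (Replications Advertising) do (
        dcdiag /s:%%D /test:%%T | find /i "failed test"
        if errorlevel 1 (echo [ok] dcdiag %%T on %%D) else (echo [FAIL] dcdiag %%T on %%D & set FAIL=1)
    )
)

rem Inbound replication partners and the result of the last attempt per naming context.
repadmin /showrepl %DC2%

rem Exit code 0 means every check passed, 1 means at least one failed.
exit /b %FAIL%
```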
Feel free to post any questions or comments in the comments section below.