How to install a backup domain controller on a new AD setup w2k3 server?

I just upgraded a workgroup to domain, windows 2003 server.  Now I have AD. I want to make another server on the domain a backup domain controller.  How do I do this?  How do I back the both up in the event of corruption?  
195ecentralaveAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

AnthonyP9618Commented:
Beginning in Windows 2000, there was no need for a BDC in Directory Services.  Instead, you would stand up multiple domain controllers that would help spread your server load across multiple servers.  To accomplish this, you simply need to build a new Windows 2003 Server install DNS, DHCP (if you're using it) and run dcpromo.  The steps are pretty much the smae you encountered when building the forst DC for the domain.

Once that's complete, you have some options.  

I would recommend spreading the FSMO roles around, e.g, don't leave all 5 FSMO roles on the same machine.  If you're not sure what FSMO roles are or how to accomplish this, read http://support.microsoft.com/kb/324801

Hope that helps get you in the right direction.
0
Brian PiercePhotographerCommented:
Two domain controllers are a good idea and if set up properly will balance load and provide redundance for each other. The process is quite simple.

Install Windows 2003 on the new machine

Join the new Win2003 machine to the domain

Use DC Promo to add a new domain controller in the existing forest and existing domain

Make sure that the new domain controller is also a Global Catlog Server (as gloal catalog is required for logons to be authenticated). This is just a matter of ticking the checkbox. see http://support.microsoft.com/kb/313994

Make sure that Both domain controllers are set to use Active Directory Integrated DNS..

If you are using DHCP then enable it on both Domain Controllers but take care to set each one with scopes so that they do not overlap (otherwise you could end up with duplicate IPs on the Network)

Set each Domain controller to use itself as its own Preferred DNS server and the other domain controller as the Alternate DNS Server.

Set all clients to use one Domain Controller as their Preferred DNS server and the other domain controller as the Alternate DNS Server. You can either do this with a static entry or with DHCP

If you do all this theni f one DC fails the other can continue to service clients.

I would recommend leaving the FSNO roles where they are, there really is not much point in moving them around on a two DC setup unless the 1st machine fails, in which case the roles can be seized, see http://www.petri.co.il/seizing_fsmo_roles.htm
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.