Solved

How to add a secondary domain controller to SBS 2011

Posted on 2013-11-09
7
5,532 Views
Last Modified: 2013-11-10
Hello All,

Can someone please give us a step by step guide to properly add a secondary domain controller to and an existing SBS 2011 domain? It also needs to be secondary DNS and DHCP as well. We have demoted the old secondary 2003 standard already.

Thanks
0
Comment
Question by:CompTroub
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 57

Accepted Solution

by:
Cliff Galiher earned 167 total points
ID: 39636219
Nothing special with SBS here. Follow the appropriate documentation for adding a replica domain controller for whatever version of OS you are trying to use. Sorry I can't be more specific, but you didn't provide the version...and realistically copying and pasting TechNet documentation is rather a waste of everyone's time anyways.

The process, generally speaking is very straightforward.

Now, with that said, DHCP is another matter altogether. Unlike DNS, DHCP being a broadcast technology doesn't really provide a way to provide full failover natively the way you can with DNS. You'd either have to create a full cluster (not with SBS though, so two separate clustered DHCP servers) or split the scope to prevent the two machines from trying to hand out the same address.

Setting up shared DHCP isn't trivial and there is no good "Step by Step." If you really need that level of detail, I'd recommend hiring a consultant and studying what they are doing.
0
 

Author Comment

by:CompTroub
ID: 39636276
server2008 r2 it is. thanks.
0
 
LVL 70

Assisted Solution

by:KCTS
KCTS earned 166 total points
ID: 39636343
Simply add the new computer to the domain and promote it to being an additional DC for the existing domain.

Add the DNS role - DNS will then replicate automatically from the existing server

Add the DHCP role to the new DC


You don't need a consultant to set up DHCP, simply aplit the DHCP scope across the 2 DCs
eg: set the DHCP on one to be 192.168.1.10 - 192.168.1.100
       set the DHCP on the other 192.168.1.101 - 192.168.1.200

Set the mask and gateway on both scopes

ALSO - in the DHCP on both machines go to the DCHP Options and add the IPs of both servers as DNS servers -
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 

Author Comment

by:CompTroub
ID: 39636370
Thanks just confirming steps making sure not missing anything.
0
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 39636458
SBS will shut down the DHCP if it sees another DHCP server on the domain. So simply splitting scopes will not work with SBS.
0
 
LVL 18

Assisted Solution

by:Sarang Tinguria
Sarang Tinguria earned 167 total points
ID: 39636643
And do not move FSMO roles out of SBS else it will start shutting down by itself

Also read below URL for further info
http://blogs.technet.com/b/sbs/archive/2007/10/04/debunking-the-myth-about-additional-domain-controllers-replica-dcs-in-an-sbs-domain.aspx
0
 
LVL 70

Expert Comment

by:KCTS
ID: 39636670
There is a simple fix that will stop SBS disabling its own DHCP if it detects another DHCP server
see http://msmvps.com/blogs/bradley/archive/2007/11/10/to-disable-rogue-dhcp-detection-on-the-sbs.aspx
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question