Solved

How to add a secondary domain controller to SBS 2011

Posted on 2013-11-09
7
5,991 Views
Last Modified: 2013-11-10
Hello All,

Can someone please give us a step by step guide to properly add a secondary domain controller to and an existing SBS 2011 domain? It also needs to be secondary DNS and DHCP as well. We have demoted the old secondary 2003 standard already.

Thanks
0
Comment
Question by:CompTroub
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 58

Accepted Solution

by:
Cliff Galiher earned 167 total points
ID: 39636219
Nothing special with SBS here. Follow the appropriate documentation for adding a replica domain controller for whatever version of OS you are trying to use. Sorry I can't be more specific, but you didn't provide the version...and realistically copying and pasting TechNet documentation is rather a waste of everyone's time anyways.

The process, generally speaking is very straightforward.

Now, with that said, DHCP is another matter altogether. Unlike DNS, DHCP being a broadcast technology doesn't really provide a way to provide full failover natively the way you can with DNS. You'd either have to create a full cluster (not with SBS though, so two separate clustered DHCP servers) or split the scope to prevent the two machines from trying to hand out the same address.

Setting up shared DHCP isn't trivial and there is no good "Step by Step." If you really need that level of detail, I'd recommend hiring a consultant and studying what they are doing.
0
 

Author Comment

by:CompTroub
ID: 39636276
server2008 r2 it is. thanks.
0
 
LVL 70

Assisted Solution

by:KCTS
KCTS earned 166 total points
ID: 39636343
Simply add the new computer to the domain and promote it to being an additional DC for the existing domain.

Add the DNS role - DNS will then replicate automatically from the existing server

Add the DHCP role to the new DC


You don't need a consultant to set up DHCP, simply aplit the DHCP scope across the 2 DCs
eg: set the DHCP on one to be 192.168.1.10 - 192.168.1.100
       set the DHCP on the other 192.168.1.101 - 192.168.1.200

Set the mask and gateway on both scopes

ALSO - in the DHCP on both machines go to the DCHP Options and add the IPs of both servers as DNS servers -
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:CompTroub
ID: 39636370
Thanks just confirming steps making sure not missing anything.
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39636458
SBS will shut down the DHCP if it sees another DHCP server on the domain. So simply splitting scopes will not work with SBS.
0
 
LVL 18

Assisted Solution

by:Sarang Tinguria
Sarang Tinguria earned 167 total points
ID: 39636643
And do not move FSMO roles out of SBS else it will start shutting down by itself

Also read below URL for further info
http://blogs.technet.com/b/sbs/archive/2007/10/04/debunking-the-myth-about-additional-domain-controllers-replica-dcs-in-an-sbs-domain.aspx
0
 
LVL 70

Expert Comment

by:KCTS
ID: 39636670
There is a simple fix that will stop SBS disabling its own DHCP if it detects another DHCP server
see http://msmvps.com/blogs/bradley/archive/2007/11/10/to-disable-rogue-dhcp-detection-on-the-sbs.aspx
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question