2nd Domain Controller

Hi Guys,
I am adding a 2nd DC - once ive installed the OS - shall I add the server to the existing domain then add the roles - then promote as DC? or do I keep it as a workgroup server - then promote as a DC  ? will that add it to the domain?

The IP will be static and DNS set to primary DC.
jag bAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

cwstad2Commented:
you will have to join the domain as a member server then promote
kola12Commented:
Best way are add new serwer to domain. Then promote to DC.
When it's done  change DNS ip first address on second DC to point to yourself. And second DNS ip address to point 1st DC.
jag bAuthor Commented:
thanks - ill add to existing domain first - then promote...the IP setup I was going to have is below - this for dns:
DC2- primary DNS should be DC1?

DC1 - 192.168.1.10
DNS: primary - 192.168.1.10
DNS: secondary - 192.168.1.11

DC2 - 192.168.1.11
DNS: primary - 192.168.1.10
DNS: secondary - 192.168.1.11
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

cwstad2Commented:
Thats correct. also make sure you set the records to static in DNS. If you plan to enable scavening then this will stop the records beind deleted
kola12Commented:
DC1 - 192.168.1.10
 DNS: primary - 192.168.1.10
 DNS: secondary - 192.168.1.11

 DC2 - 192.168.1.11
 DNS: primary - 192.168.1.11
 DNS: secondary - 192.168.1.10

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jag bAuthor Commented:
cwstad - what records?  in the DHCP scope I am going to add the 2nd DC IP... do I create any other records?  I can see Kola12 has used the 2nd DC to point to itself - does it matter what way around as DC1 is primary
cwstad2Commented:
In the DNS you will see all the records of devices which you have on the domain. The records are created so that they can resolve the IP address given by DHCP to name.
kola12Commented:
It is immportant what ip address is on first place in dns. Every DC should point DNS to yourself first.
If you use dhce you shold create reservation for every ip addresses used for servers
jag bAuthor Commented:
cwstad - your basically saying update the DNS records - I don't need to add any others with a 2nd dc?

in regards to the DNS primary and secondary  - DC2 is mainly for redundancy  - ive read that DC2 can use DC1 as primary  DNS?
cwstad2Commented:
open up DNS, click on view then advanced. then find 192.168.1.10 double click the record and uncheck delete this record when it becomes stale.
kola12Commented:
yes, DC2 can use dc1 as primary DNS, but when DC1 has gone DC2 will slow respond for AD and DNS queries. That is main reason for point DNS to yourself on every DC's
Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
It does not need to be added to the domain as I have built many DCs where I run DCPROMO from a standalone server.  In order to do this, ensure your DNS is set to your primary DNS and that you can ping your domain.
jag bAuthor Commented:
Kola - makes sense if DC1 is down...respond quicker to DNS queries

I don't get why I have to delete the record for the other DNS as cwstad2 has said?? as both DC's are still working as DNS to itself
MASEE Solution Guide - Technical Dept HeadCommented:
Agree with Mohammed Khawaja.
You can do both ways only difference is you have to type your domain password and domain name.
Rest all the same

But you should point the DNS to itself.

Make sure DNS is active directory integrated and load zones autoamtic
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.