Dashboard
Level 1
0 / 100 XP

Adding a Second Domain Controller

Deploy a second domain controller to enhance network reliability and redundancy, ensuring seamless authentication and resource access within an Active Directory environment.

Session duration: 60 minutes· Typical launch: ~4 min

Difficulty

Beginner

Lab level

Lab VMs

2

2 Windows

XP Reward

300 XP

On completion

Virtual machines

Lab VMs

Windows

SADC01

Windows

Username / Password

user / password123

administrator / password123

{{ display_name }} / password123

ad\user / password123

Connection type

In-browser RDP / RDP

CPU / RAM

8 vCPU · 32 GiB RAM

Windows

SADC02

Windows

Username / Password

user / password123

administrator / password123

Connection type

In-browser RDP / RDP

CPU / RAM

8 vCPU · 32 GiB RAM

Lab instructions

Follow the steps below to complete the lab.

The goal of this lab is to join the VM tab SADC02 to the Active Directory domain that exists on SADC02, then promote SADC02 to a domain controller.

Before proceeding with the next step, you need to rename the server from its current dynamic name to SADC02. In this step, you will log in to the server and perform the renaming action.

  1. Click the SADC02 server tab.
  2. Log in using the credentials: user and password123.
  3. Rename the server to SADC02.
  4. Restart the server before clicking Check step

Now that you have renamed SADC02, we need to make sure it can resolve the DNS name of ad.serveracademy.com. In order to do that, you need to add the private IP address of SADC01 as a DNS server on SADC02.

Get IP Address of SADC01:

  1. Open CMD
  2. Execute ipconfig
  3. Copy the IPv4 Address

Add IP of SADC01 as DNS server on SADC02

  1. Open Server Manager
  2. Go to the Local Servers tab
  3. Click the blue text next to Ethernet
  4. Right-click Ethernet and select Properties
  5. Select `Internet Protocol Version 4 (TCP/IPv4), and then select Properties
  6. Select the Use the following DNS server addresses: radio box
  7. Enter the private IP of SADC01

You can test this by opening cmd on SADC02 and pinging ad.serveracademy.com

Join SADC02 to the ad.serveracademy.com domain

  1. In server manager from the Local Server tab, select the blue text WORKGROUP
  2. Click the Change... button
  3. Select the Domain radio box, then type the domain ad.serveracademy.com
  4. Click OK.
  5. Enter your domain admin credentials (AD\user and password123)

After preparing the server and ensuring it meets the prerequisites, you will now install the Active Directory Domain Services (AD DS) server role. In this step, you need to initiate the installation of the AD DS role on your server.

  1. Open the Server Manager from the taskbar.
  2. Click on Manage and select Add Roles and Features.
  3. In the Add Roles and Features Wizard, click Next until you reach the Server Roles section.
  4. Check the box for Active Directory Domain Services.
  5. Click Next through the subsequent prompts until you reach the Confirmation page.
  6. Review your selections and click Install to begin the installation process.
  7. Wait for the installation to complete, then click Close.

After installing the Active Directory Domain Services role on SADC02, you need to promote the server to a Domain Controller. In this step, you will initiate the Active Directory Domain Services Configuration Wizard to complete the promotion.

  1. Open the Server Manager on SADC02.
  2. Click on the notification flag in the top right corner and select Promote this server to a domain controller.
  3. In the Active Directory Domain Services Configuration Wizard, choose Add a domain controller to an existing domain and enter the domain name.
  4. Provide the credentials of a user account with permissions to add a Domain Controller.
  5. Select the appropriate options for Domain Controller Options, including the site name and Global Catalog.
  6. Configure the Directory Services Restore Mode (DSRM) password and click Next.
  7. Review the options and click Install to begin the promotion process.