We can use the Install from media (IFM) option to install an Additional Domain Controller in an existing domain is the best option such as a branch office scenario where network is slow, unreliable and costly. IFM will minimize replication traffic during the installation because it uses restored backup files to populate the AD DS database. This will significantly reduce the amount of traffic copied over the WAN link. For this Installation process, we have to follow these steps:
- On the Primary Domain Controller (KTM-DC01-2K12), Create Installation media using Ntdsutil.exe.
- Add the AD DS role to the member server
- Select Install from Media option to configure a member server as a new domain controller.
Step 1: To Create Installation Media Using Ntdsutil, follow these steps:
1. Log on to KTM-DC01-2K12, as msserverpro\administrator, then open the Command Prompt, type Activate instance ntds and press Enter.
2. At the ntdsutil prompt, type ifm and then press Enter.
3. At the ifm prompt, type create sysvol full e:\ifm and then press Enter.
Note: Verify folder named IFM on this drive.
4. Type, quit, quit.
5. Then, copy the entire contents from the IFM folder to removable drive because we are going to install Additional Domain Controller at a remote branch office where network bandwidth is limited.
Steps 2: Add the AD DS role to the member server (POK-DC01-2K12):
1. Open Server Manager, in the toolbar, click Manage, and then click Add Roles and Features.
2. On the Before you begin page, click Next.
3. On the Select installation type page, ensure that Role-based or feature-based installation is selected and then click Next.
4. On Select destination server page, verify that POK-DC01-2K12.msserverpro.com is highlighted, and then click Next.
5. On Select server roles page, click Active Directory Domain Services, in the Add Roles and Features Wizard windows, click Add Features, and then click Next.
6. In the Select features window, click Next.
7. On Active Directory Domain Services page, click Next.
8. On Confirm installation selections page, select Restart the destination server automatically if required. Click Yes at the message box.
9. Click Install and Installation progress start….
10. After the Installation is succeeded, click Close.
Step 3: Create Additional Domain Controller Using IFM Data:
1. Log on to server POK-DC01-2K12 with the Domain administrator account.
Note: Here POK-DC01-2K12 is member server in the domain.
2. Copy the entire contents from the IFM folder on removable drive to the c:\IFM folder on POK-DC01-2K12 Server. Verify that all items have been copied.
3. Open Server Manager, In the Server Manager Toolbar, to the left of the Mange button, click the Yellow Alert button. In the Post-development Configuration Window, click Promote this server to a domain controller.
4. On the Development Configuration page, ensure that Add a domain controller to an existing domain is selected, and confirm that msserverpro.com is entered as Specify the domain information for this operation Domain and Click Next.
5. On the Domain Controller Options page, ensure that both Domain Name System (DNS) server and Global catalog (GC) are selected. For the DSRM password, enter P@ssw0rd in both boxes, and then click Next.
6. On the DNS Options page, click Next.
7. On the Additional Options page, select the check box next to Install from media, in the text box, type C:\Ifm and then click verify. When the path has been verified, click Next.
8. On the Paths page, click Next.
9. On the Review Options page, review the selection and then click Next.
10. On Prerequisites Check page, verify All prerequisite checks are passed successfully and then Click Install and wait while AD DS is configured. While this task is running, read the information messages that display on the screen.
11. On Installation page, wait for the server to restart to complete the AD DS installation.
12. Finally, verify that additional domain controller is successfully installed by using IFM.
Finally, our new Additional Domain Controller has been created from IFM. This will minimize replication traffic during the Installation. This is the best option for a branch office scenario where network bandwidth is limited. I hope this helps.