Windows – Secondary domain controller methods


Hi I am aware of several 'modes' that domain controllers can be setup as. Right now we only have a primary domain controller and I would like to setup a secondary. We also will need to have a tertiary or perhaps a read only domain controller in our data center. Any suggestions, or suggested reading on how to setup a secondary DC? Our primary is on Server 2008, the new DC will be installed on Server 2008 R2.

Best Answer

Modes of domain controller went away with the advent of Windows 2000 11 years ago. They're all uniform domain controllers, with the exception of Read Only Domain Controllers which are used in special cases. The primary/secondary paradigm died a long, long time ago.

The domain database itself is what's called a 'multi-master database' in that any node hosting the database can perform updates on their local copy, and the replication methodology ensures consistency. In the WinNT days, only one node could update its database, the Primary Domain Controller, and backups just kept a full copy just in case they needed to be promoted to Primary.

Adding domain controllers is simple. You just add them. No need to consider their primary/secondary/tertiary status.

The one case where you do need to consider things is when you're adding a new domain controller at a higher OS version that what you already have running. So if all of your current DC's are at Server 2008 and you're adding a new one at Server 2008 R2, you will have to run a few adprep routines to update the directory schema and a few other details before you can install the DC itself. That's it.

Related Topic