Adding a Domain Controller to an existing domain

How to Create an additional domain controller in win server 2003 | Windows Reference

So to you windows folks, adding a DC to an existing domain is probably cake but to me it is new. So I found the link listed above. I was just wondering if there are any other best practices, post adding a DC.

A little background:

We have 2 DCs now and we plan to add a 3rd on the subnet on which our host reside. The other admin states that this will improve login speed as well as a few other things.

Find more posts tagged with

SAVE $250 on Your Microsoft Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Microsoft Boot Camps

Comments

Devilsbane

Exteremely easy. Just run dcpromo and select the correct options. You could do it with 1 eye closed and 1 hand tied behind your back.

Edit: And the other admin is right. Adding the new DC will likely increase login speed. Assuming that the reason for slow login is because the server is busy. The other advantage is the extra redundancy.

One think I noticed when I managed a lab, the slow logins were almost always tied to a large profile. We used roaming profiles, so it would always happen that some moron would save a 1GB image (This was a computer forensics classroom) on their desktop. Then the next day they would try to login, and 20 minutes later it was still hanging. Adding an additional DC wouldn't help in this situation.

Bl8ckr0uter

Cool. I think part of our slowness issue is due to some GPOs (we have templates for 2k and we are using XP. They actually blew up our windows 7 test box).

Bl8ckr0uter

Well my CITO said it was ok for me to do it. I might do a test run this weekend and do the real thing at work sometime next month. I'm pretty excited. MAN I'm such an MS noob

Devilsbane

phoeneous wrote: »

How'd it go?

knwminus wrote: »

I might do a test run this weekend and do the real thing at work sometime next month.

hmmmm... Lets do the math here.

[Deleted User]

Devilsbane wrote: »

hmmmm... Lets do the math here.

phoeneous is from the future. He is just waiting on knwminus' future self to report back.

kriscamaro68

knwminus wrote: »

How to Create an additional domain controller in win server 2003 | Windows Reference

So to you windows folks, adding a DC to an existing domain is probably cake but to me it is new. So I found the link listed above. I was just wondering if there are any other best practices, post adding a DC.

A little background:

We have 2 DCs now and we plan to add a 3rd on the subnet on which our host reside. The other admin states that this will improve login speed as well as a few other things.

From my understanding if all the dc's are global catalog servers then this would help speed things up as they will all have the login/client info on each server so that it doesn't have to hop from server to server to make it to the dc that is a global catalog server. I would just make sure that all of them are global catalog servers which I have heard is best practice. Someone correct me if I am wrong so I know.

Devilsbane

kriscamaro68 wrote: »

I would just make sure that all of them are global catalog servers which I have heard is best practice. Someone correct me if I am wrong so I know.

If I remember right, you do not want all of your DC's to be GC's. I think it depends on the enviornment set up, but I thought it was 1 GC per site was fairly standard. Unless there was a slow WAN link to that site, in which case don't give it any. Now someone correct me if I am wrong. Because I likely am.

Bl8ckr0uter

phoeneous wrote: »

How'd it go?

Sorry. I haven't done it yet. Something else came up and I haven't been able to get to it. When I do it I will post about it.

QHalo

Pretty sure that the number of GC's is tied to how complex your forest is (multi-domain, Exchange server) and how limited you are in network bandwidth due to the amount of replication that would need to occur between DC's.

kriscamaro68

QHalo wrote: »

Pretty sure that the number of GC's is tied to how complex your forest is (multi-domain, Exchange server) and how limited you are in network bandwidth due to the amount of replication that would need to occur between DC's.

I am thinking in a smaller setup. Like he said there is only 2 dc's right now. I would guess they are all also in the same location. If this was a multi-site setup then I don't think a gc for every dc would be a good setup. Either way I would like some clarification myself.