Hello Doria-6500,
Thank you for posting here.
Here are the answer for your references.
Q: How to install secondary domain controller as server core on 2k19?
A: Before we do any change in existing AD domain environment, we had better do:
1.Check if AD environment is healthy.
Check all DCs in this domain is working fine by running Dcdiag /v on every DC.
Check if AD replication works properly by running repadmin /showrepl and repadmin /replsum on every DC.
2.Back up all domain controllers if needed.
I did a test in my lab to install a secondary DC in the existing domain. Here are the steps for your reference.
My AD environment is like this:
Domain name: A.lab
The first domain controller is also a DNS server, its IP address is 192.168.2.50.
1.After installing Server Core, ensure that the server has a valid IP-Address, Subnet Mask, Gateway, and a computer name that matches the naming conventions. The easiest way to do this is to use the sconfig command (machine is in the workgroup).
2.According to the prompted options, type 15, click Enter.
Installing an additional Domain Controller
Windows Server Core starts with cmd by default. In cmd type powershell and hit enter.
3.First we install the Active Directory Services Role.
Type command like follows: Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
4.After installation new commands are available. I will use some of them to promote the server to a Domain Controller of my domain A.lab
Type Command like follows:Get-Command -Module ADDSDeployment
5.Make sure the DNS is set correctly. If your first DC is your DNS server then use its’ IP like so:
Set-DnsClientServerAddress –InterfaceAlias <Ethernet> -ServerAddresses <192.168.2.50>
For example:
Set-DnsClientServerAddress –InterfaceAlias NIC1 -ServerAddresses 192.168.2.50
Tip: we need to replace the content in “<>” based on the information in your AD environment.
6.Next we will promote the server to a domain controller in an existing domain.
Type Command like follows:
Install-ADDSDomainController -InstallDns -Credential (Get-Credential <DomainName\Administrator>) -DomainName <DomainName> -SafeModeAdministratorPassword (ConvertTo-SecureString -AsPlainText "<Administrator Password>" -Force)
Tip: we need to replace the content in “<>” based on the information in your AD environment.
For example:
Install-ADDSDomainController -InstallDns -Credential (Get-Credential A\Administrator) -DomainName A.lab -SafeModeAdministratorPassword (ConvertTo-SecureString -AsPlainText "************" -Force)
7.You will be prompted to enter again the password for the domain administrator.
8.Accept with [Y] Yes to continue.
9.Waiting until the machine restart.
10.After restarting, we can see the information by running sconfig on this server core ( machine VSTEPY89VM is in the domain named a.lab) and you can see in ADUC that this Server Core has joined the domain on the first DC with GUI.
Hope that the operations above are helpful.
Best Regards,
Daisy Zhou