That's possible. You could follow-up with this one.
https://support.microsoft.com/en-us/topic/kb5008380-authentication-updates-cve-2021-42287-9dafac11-e0d0-4cb8-959a-143bd0201041
as far as adding the new domain controller I don't see this as an issue.
--please don't forget to upvote
and Accept as answer
if the reply is helpful--