Next, the second domain controller, AD02, must be built and joined to the domain. This domain controller must also be configured to provide global catalog services. The second domain controller provides redundancy for user account data and helps distribute the load for authentication and global catalog queries.

Tasks

  1. Prepare the Second Domain Controller
  2. Join the Fabrikam Domain
  3. Install the DNS Service on the Second Domain Controller
  4. Deploy the Second Domain Controller
  5. Verification Step
  6. Configure the Second Domain Controller as a Global Catalog Server

Prepare the Second Domain Controller

Perform a default installation of Windows Server 2003 R2 on AD02. This requires that you first install Windows Server 2003 with SP2, and then install Windows Server 2003 R2.

Procedure W03-DWCM.3: To install Windows Server 2003 R2 on AD02

  1. Perform a default installation of Windows Server 2003, Standard Edition (with Service Pack 2 integrated), by using the CD boot method. Install the Support Tools from the Windows Server 2003 CD. Use appropriate naming conventions for your environment.

  2. After Setup for Windows Server 2003 with SP2 is complete, log on to the computer as an administrator. Insert Disc 2 into your CD-ROM drive. Setup for Disc 2 should start automatically. If it does not start automatically, browse to Disk 2 (or the shared folder that contains the Setup files) and, in the \Cmpnents\R2 folder, run Setup2.exe. Follow the instructions to upgrade to R2.

Prepare AD02 by enabling Remote Desktop, installing Microsoft .NET Framework 2.0 with SP1, installing the Windows Server 2003 Support Tools, and installing the latest updates from Microsoft.

Procedure W03-DWCM.4: To prepare AD02

  1. Enable Remote Desktop by using Control Panel.

  2. Install the Microsoft .NET Framework 2.0 with SP1.

  3. Install Support Tools from the Support Tools directory on the Windows Server 2003 CD.

  4. Apply any released updates to Windows Server 2003 by using Windows Update.

Join the Fabrikam Domain

After you have finished building and preparing your domain controller, AD02, add the server to the Fabrikam domain and log on as a domain administrator.

Procedure W03-DWCM.5: To add AD02 to the Fabrikam domain and log on as the domain administrator

  1. Configure the local network interface to use the IP Addresses of AD01 and AD02 as Preferred and Alternative DNS server.

  2. Join the server to the fabrikam domain.

  3. Log on to the domain as Administrator@Fabrikam.com.

Note:
Joining a new domain will require you to restart the server.

Install the DNS Service on the Second Domain Controller

Install the DNS service on AD02 by using the Networking Services option of the Add/Remove Windows Components utility.

Note:
Unless you installed DNS components when installing the server, you will be prompted for the location of the files. Insert your installation CD or enter a location on your local disk or your network.

For more information about installing DNS, refer to KB Article 814591: How To Install and Configure DNS Server in Windows Server 2003.

Deploy the Second Domain Controller

During this process you will use DCPromo to configure AD02 to use AD01 as its primary DNS server, and then deploy AD02 to be an additional domain controller for the existing domain (Fabrikam.com). You will be required to restart the server after running DCPromo.

Note:
If your domain controllers have more than one hard disk drive, the recommended configuration is to keep the database and the log file on different hard disk drives.

After the server restarts, log on using an account that is a member of the Domain Administrators group.

Verification Step

To validate that your domain controller is working as specified, run DCDiag at a command prompt. DCDiag was installed as part of the Windows Server 2003 Support Tools. The most important test you will see is connectivity. This test will tell you if your domain controller is properly registered in DNS. If your tests are successful, you have a healthy domain controller.

Configure the Second Domain Controller as a Global Catalog Server

The first domain controller in the forest (AD01) is automatically configured as a global catalog server. For additional resilience, configure AD02 to be a global catalog server too. by using the Active Directory Sites and Services Microsoft Management Console (MMC) snap-in.

Procedure W03-DWCM.6: To configure AD02 as a global catalog server

  1. Open the Active Directory Sites and Services Microsoft Management Console (MMC) snap-in.

  2. Navigate to AD02 server and select Global Catalog in its properties for NTDS settings.