Best playlist I have got after wasting so much time on YouTube for better content... thank you ❤
Thanks!
Your videos are very helpful to build ADC.
Thank you so much as always. Great tutorial and easy to follow as I'm watching the video and doing my lab.
This is very good. What I do not understand is the DNS part. Is it not best practice, recommended by MS, to configure the primary DNS of the second DC to be the IP of the first DC, and the first DC primary DNS to be the second DC IP?
I found the dialect amusing. Nice informative video.
Thank you so much from Europe!!🥰😍💞💞💞💞💞
This was a GREAT Video! Informative and direct - Thank You!
Glad it was helpful!
I've read that the best practice for the DNS preferred and alternate is that the preferred should always be a different IP to the host IP, so in this case, that's the IP of the main Active Directory, and keep the loopback IP in the alternate DNS server.
Thank you very much. I can create a second domain controller in my enterprise Windows 2019 Domain infrastructure.
Your videos are great! A little proposal for you: name the servers a little differently, for the sake of explanation, to make it easy to picture the topology, such as DC 1 and DC 2, etc.
Thanks for the tips! I will keep that in mind.
Thanks for the great video
Excellent guide, thanks a lot!
Glad it helped!
Great information, thank you
Amazing . Thank you. Keep up the good work.
Thank you great video
Excellent presentation.
Excellent video - Thank you
excellent video. Thanks
Your videos are great! How to configure if we require a 3-node kind of cluster? Please guide us.
THANKS A LOT I LOVE YOU SO MUCH
Thank you.
This was a great help. Thank you so much
Glad it helped!
Great job, thank you very much!
Great video with all details. I found others, but with missing steps.
I have a question: I have SCRIPTS in the DC1, but on the new DC2, I didn't see the folder C:\Windows\SYSVOL\domain\scripts or C:\Windows\SYSVOL\domain\Policies.
Should I copy both folders to DC2?
Thanks.
Check if the SYSVOL shared folder is present on both domain controllers. Run the net share command in a command prompt on both domain controllers. Also check the replication summary on both DCs.
Very helpful
Thank You.
Great tutorial!! Is it necessary to specify in any way which DC will be primary and which will be secondary?
Thanks very much.
Which step must you use if you already installed a DNS server + domain controller?
Amazing video, thank you!!!
Thanks for the guide. Actually my DC server's problem is that it always restarted; I installed an additional secondary server as per your guide and it works.
Please advise on the DHCP server: do we need to install DHCP again on the secondary server, as a usual role install,
because I am planning to shut down the main DC server and take it to a service shop?
Yes, you can. You can also configure a DHCP failover relationship between both DHCP servers for high availability.
Nice explanation, and I have one question please: my ADC works when my DC is still turned on, but when the DC is down, my ADC cannot work instead of it; I mean the ADC is down too.
No, it is not normal. If your DC is down, your ADC must be in working condition. Otherwise what is the point of deploying an ADC? Check the replication between both DCs.
Thanks!
Thanks for the video. I have a question: After promoting second server to the Domain controller, I wonder if all parts of DNS on new DC (Forward Lookup Zone, Reverse Lookup Zone and conditional Forwarder and etc.) are synced and replicated between both server1 and server2 (like the active directory and GPO)?
Thanks a lot, Sir. I appreciate the great knowledge.
What is the functional level of this additional domain controller? Does it get it from the domain PDC's functional level?
Yes, it will be the same as the PDC. In fact there will be no option to raise or select the domain functional level.
Very nice. Thank you!
Very good
Would you be using 2 different ISO files for this (to get 2 different computers to show up, one without a workgroup)?
Great video. I am running a VirtualBox environment too.
Sir, kindly mark all videos in sequence, so we can go one by one.
Noted.
THANK YOU! I LOVE INDIA
You've obviously never been... Lucky you!
Thank You. Well Done
Very Helpful
I have gotten to checking the NTDS settings but I cannot check the primary domain controller's topology replication from the BDC because 'the RPC server is unavailable'. I checked the VM's firewall and it allows inbound RPC connections from any source. I do have 1 DNS on both my machines with the same name but I'm not sure if that would be the issue. Do you have any ideas on what is wrong with my PDC/BDC setup?
First make sure that both DCs can resolve each other's FQDN to an IP. To do that, open a command prompt on the ADC, type ping FQDN_of_your_DC and press the Enter key. Check whether it resolves the IP or not. Do the same for the DC as well.
excellent
Thank you!
For the ADC, at the start of the video I saw the ADC was in a workgroup... shouldn't we first join the ADC PC to the main PDC and then install AD DS on the ADC?
Yes, you can do that. We have two options: 1) we can join the ADC server to the domain and then start the ADC promotion process, and 2) you can directly start the ADC promotion process. I would suggest going with method 1, but in this video I wanted to show the other method. It's up to the individual which method he/she prefers.
If I want to replicate two companies in two different locations with two different domains, it's the same process, right bro?
Only the domain controllers from the same domain can replicate all objects. We cannot replicate objects between two domains, but we can create a trust between those domains if we need them in one or another.
For me the DC server is not coming operational... what am I supposed to do?
Thank you so much
At 2:19, I can't ping my other domain... it said "Ping request could not find host (my domain name). Please check the name and try again"
I didn't understand, what is the other domain? Make sure you have assigned the correct DNS server addresses on the client computer.
Totally Amazing!
Hi dear, very good work, very helpful for all of us. I have a question:
is it possible that the applications and all drives' data are the same?
No. It will be different.
Have you done it, a server replica where all drive data are the same? Share that video.
I am using a domain controller with the AD Connect tool. In that case, do I follow the same method for an additional domain controller, or do I need to do something else? Please help me.
Same method. In the future, if you wish, you can install and configure the Azure AD Connect tool on your ADC as well.
Hi Sir,
will DHCP also replicate to the new DC after promotion?
No, you can install the DHCP role on the ADC and configure a DHCP failover relationship between them if you want high availability.
very nice ....
Thanks a lot
What are the best DNS settings?
DC01: 172.30.1.250
DC02: 172.30.1.252
My settings are now like this:
DC01: Primary: 172.30.1.252
Secondary: 127.0.0.1
DC02: Primary: 172.30.1.250
Secondary: 127.0.0.1
I want to have redundancy between my domain controllers.
If
DC01: 172.30.1.250 and DC02: 172.30.1.252.
then
DC01: Primary 172.30.1.250 or 127.0.0.1 and secondary 172.30.1.252
DC02: Primary 172.30.1.252 or 127.0.0.1 and secondary 172.30.1.250
How to install Windows Server 2019 Active Directory on a VPS, and how to join a local computer to that Active Directory server?
Can you give an idea of how I should proceed? I wanted to replicate 2 existing Active Directory servers to a new Active Directory server which I already created.
Did you use two different ISO files for the two virtual servers?
No, the ISO file is the same, but I have two clean-installed VMs. It is not a clone copy of the existing VM. If you want to use a cloned image, then you need to run sysprep on the other VM to generate a new SID for it.
I am going to set up one ADC in my network, so I want to know how the domain client systems will come to when the primary DC is down and they have to connect to the ADC for authentication?
Hi, waiting for your reply, as I got stuck after configuration of the ADC. After shutting down the primary domain controller, domain users are unable to communicate with the ADC.
So you didn't manually install DNS server, Windows did that for you automatically?
You can manually install the DNS role first, but if the DNS role is not installed, the Active Directory Domain Controller promotion wizard will install it automatically.
At 4:39 which DSRM are you typing? A new one or the one you once gave to the main DC? What if that password can't be retrieved?
New one. Each domain controller has its own DSRM password. This password is stored on the local computer. In case Active Directory services fail to start, you can use the password stored on the local server to log in.
Hi, very well explained. I added an additional domain controller, but users are unable to log in on the secondary DC when the primary DC goes offline. The error I get: username or password is incorrect. Please guide.
Is the replication completed successfully? Make sure you provide the ADC's (which is also DNS) IP address to the clients so they can contact the second DC. I mean, use both the DC's and the ADC's IP addresses as the preferred and alternate DNS server addresses.
@MSFTWebCast Yes, replication completed successfully.
@bablududdi225 Did you check the DNS server information on the client computers? Both addresses should be there.
@MSFTWebCast Yes, checked, both IPs are there. I tried to log in directly on the server with one user ID. Still the same issue, getting the error: user ID or password is incorrect, try again later. Please advise.
@bablududdi225 Then I don't think that the client computers are not able to contact the additional domain controller. Do one thing: "Create a test user and try to log in with the new test user." And let me know how it goes.
Thank god for CC
I know, you can say your ears are bleeding, LOL. In newer videos I have added hard-coded subtitles, thinking it might help.
Hi, what's the difference between adding a DC to a new domain and adding a domain to an existing forest?
1) Adding a domain controller to an existing domain will create an additional domain controller. 2) Adding a new domain in an existing forest can create a new child domain with the parent domain's namespace or a new tree domain with a different domain namespace. 3) Adding a new domain will create a new domain in a brand new forest.
Hi, waiting for your reply, as I got stuck after configuration of the ADC. After shutting down the primary domain controller, domain users are unable to communicate with the ADC.
Are clients configured to use the additional domain controller? Did the replication complete successfully?
@MSFTWebCast Yes, replication is completed, but how do I prepare clients to use the additional domain controller, as on the clients the primary domain controller's IP address is set as the preferred DNS? Do we need to configure a forward lookup zone and reverse lookup zone for the additional domain controller, or what do we need to do so the clients can detect the additional domain controller?
@jigneshkhambhati3772 You just need to specify the additional domain controller's IP address as a secondary DNS server address. There is no need to create a forward or reverse lookup zone on the ADC, as the DNS zones are already replicated from the primary domain controller.
@MSFTWebCast OK, will try by tomorrow and will let you know the results. Thanks for your support 🙏
@MSFTWebCast Hi, I have tested it and it's working fine. The client is able to communicate with the additional domain controller smoothly. But while trying to open Group Policy on the additional domain controller, I am getting an error that none of the domain controllers are available. So what do I need to do to resolve this, because I am unable to change Group Policy on the additional domain controller?
Can you setup a new DC on a different subnet? I keep getting RPC errors trying to join the domain.
Yes, but make sure that both can communicate with each other.
@MSFTWebCast I think that should be a prerequisite and common sense.
That means I have to download and install another Windows system in a virtual machine, I guess.
You can clone your existing VM and run sysprep with the generalize option to generate a new SID for the cloned VM.
I followed your video in detail, but at 6:28 I cannot find any DNS rules on my second DC. Then when I tried to replicate, AD Sites and Services failed with error "The RPC Server not available, this condition may caused by dns lookup problem". Can anyone give the solution?
What do you see in DNS Manager on the second ADC? Try to install the DNS server on the ADC. The error is related to DNS, since the DC is not able to resolve the FQDN to an IP, which is required for replication.
@MSFTWebCast There is an empty/no record on ADC2... The DNS Server role was already installed on ADC2 after following your video... Any guesses?
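The checks recommended in the replies across this thread (resolve each DC's FQDN, confirm the SYSVOL share, review the replication summary, point DNS at the DCs), gathered into one PowerShell script. This is an added example, not part of the original comments or the video; the FQDNs are hypothetical placeholders, and treating "only DC addresses or loopback" as the pass condition for a DC's resolver list is an assumption based on the DNS settings reply above.

```powershell
# Added example: run in an elevated PowerShell session on each domain controller.
# The FQDNs are hypothetical placeholders; the IPs are the ones quoted in the thread.
$Partners = [ordered]@{
    'dc01.example.local' = '172.30.1.250'
    'dc02.example.local' = '172.30.1.252'
}

function New-CheckResult($Check, $Target, $Ok, $Detail) {
    [pscustomobject]@{ Check = $Check; Target = $Target; Ok = [bool]$Ok; Detail = "$Detail" }
}

function Test-DcReadiness {
    param([System.Collections.IDictionary]$Partners)

    # Assumption: a DC's resolver list should hold only DC addresses or loopback.
    $allowed = @($Partners.Values) + '127.0.0.1'
    $servers = @((Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses |
                 Select-Object -Unique)
    $foreign = @($servers | Where-Object { $_ -notin $allowed })
    New-CheckResult 'DNS client servers' $env:COMPUTERNAME `
        ($servers.Count -gt 0 -and $foreign.Count -eq 0) ($servers -join ', ')

    foreach ($fqdn in $Partners.Keys) {
        # Each DC must resolve every DC's FQDN to the expected address.
        $ips = @(Resolve-DnsName -Name $fqdn -Type A -ErrorAction SilentlyContinue |
                 Where-Object { $_.IPAddress } | ForEach-Object { $_.IPAddress })
        New-CheckResult 'A record' $fqdn ($Partners[$fqdn] -in $ips) ($ips -join ', ')

        # Replication RPC starts at the endpoint mapper on TCP 135.
        $rpc = Test-NetConnection -ComputerName $fqdn -Port 135 `
                   -InformationLevel Quiet -WarningAction SilentlyContinue
        New-CheckResult 'TCP 135 reachable' $fqdn $rpc ''
    }

    # Clients find domain controllers through this SRV record set.
    $domain  = (Get-CimInstance -ClassName Win32_ComputerSystem).Domain
    $targets = @(Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$domain" -Type SRV `
                     -ErrorAction SilentlyContinue |
                 Where-Object { $_.NameTarget } | ForEach-Object { $_.NameTarget })
    foreach ($fqdn in $Partners.Keys) {
        New-CheckResult 'DC locator SRV' $fqdn ($fqdn -in $targets) ($targets -join ', ')
    }

    # Same information as "net share": both shares exist on a healthy DC.
    foreach ($name in 'SYSVOL', 'NETLOGON') {
        $share = Get-SmbShare -Name $name -ErrorAction SilentlyContinue
        New-CheckResult 'Share present' $name ($null -ne $share) $share.Path
    }
}

Test-DcReadiness -Partners $Partners | Format-Table -AutoSize
repadmin /replsummary    # replication summary for all partners
```

Run it on both DCs and compare the tables; a row with Ok = False for an A record or the SRV record points at name resolution before replication itself.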
🙏🙏🙏
WHAT ABOUT DHCP SERVER?
You can add DHCP as well. Same method. But if you want to add a second DHCP server, then it is recommended to use it in a DHCP failover relationship.
Big India good
Welcome my friend, hahaha, too many Indian guys
ok
Mom, it's cold outside, turn on the water heater
Thanks a lot