How to: Install secondary domain controller as server core
You have a domain with one or more domain controllers (with desktop experience) already installed.
Now you need to install a new domain controller and want to have less effort for updates and better security.
Your choice should be a server core installation.
Let's see what you have to do to make a server core a domain controller.
This guide can be used for the following server systems:
Server 2012R2 Core
Server 2016 Core
Server 2019 Core
Used domain name for this guide is: doudislab.local
Promote Server Core to a domain controller
By default, server core starts in command line (cmd).
To be able to make the necessary configurations and promote the server to a domain controller, you need to start powershell.
Next let's see, which steps are needed to configure and promote this server to a domain controller in an existing domain.
Install needed server feature/role
Before a server can be promoted to a domain controller, the Active Directory Domain Services Role need to be installed.
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
After the installation of the feature/role, there are new commands available in the module ADDSDeployment.
They can be checked with the following command:
Get-Command -Module ADDSDeployment
Promote server to a domain controller
Next we will promote the server to a domain controller in an existing domain.
To do that, we need to type following PowerShell command.
Install-ADDSDomainController -InstallDns -Credential (Get-Credential <DomainName\Administrator>) -DomainName <DomainName> -SafeModeAdministratorPassword (ConvertTo-SecureString -AsPlainText "<Administrator Password>" -Force)
You will be prompted to enter again the password for the domain administrator.
Accept with [Y] Yes to continue.
The needed installations will be done and the server will reboot afterwards.
After the server has rebooted, log in with the domain administrator credentials and start the configuration page with "sconfig" to see the actual domain of the server.
And in the ADUC (Active Directory Users and Computers) on an other domain controller with UI, you will find the the new domain controller in the OU (Organizational Unit) named "Domain Controllers".
That's it! We made a server core into a domain controller in an existing domain.