Hi. I am new to server software and I'm currently studying a few key text books while operating a small domain. Server 2008 R2 Trial with x1 XP pro and x1 Vista workstations. I apologise in advance if this a silly question, but I'm learning. The best practice analyser for the Active Directory Domain Services suggests I should have one or more controllers in case of failure, which I agree. I would also like to do this for the experience. Every instruction I have read on how to intsall a second controller states I should start DCPROMO.exe. When I do this I only get an option to delete my current controller. There is no option to add. So, I take you can't create two controllers on a single machine? This backup would be on a second machine and I would run DCPROMO.exe there? Is this true for child domains too? Any advice is welcome, thanks.

you cant promote the same installation twice, so yes, if the installation you run dcpromo on is already promoted, you only get the option to demote/remove domain. depending on your hardware, you can virtualize and have multiple installations on one physical hardware. that way you can have multiple installations (and thus promote 2 virtual machines) even with just one physical machine (which helps against corrupted installation of one domain controller but doesnt help against hardware failure) edit: the virtualisation solution in w2k8 r2 is the role hyper-v (requires x64 cpu and hardware virtualisation + data execution prevention, which have to be enabled in the bios)

No, unless you are virtualizing other systems, you can only have 1 domain controller on a system. The recommendation is to have domain controllers on different hardware and geographic locations. Each child domain also needs to have a DC on a separate system (virtualized or physical). -- Mike Burr

To install a second domain contoller, you should have another server and then you use DCPROMO.exe command. Installing two domain controllers on a single physical machine can be made by the use of hyperV. It is also the same thing for child domains too. If you want to install a second DC, I recommend to you to have a look on the FSMO rules and the best practises for assigning FSMO rules. This is a link where you can find the best practises for assigning the FSMO rules: http://windowsdevcenter.com/pub/a/windows/2004/06/15/fsmo.html

Where do you see the “delete my current controller” message? First join a new Windows 2008 server in the existing domain and use the following procedure: http://msdn.microsoft.com/en-us/library/ee797379(CS.10).aspx Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX http://blogs.sivarajan.com/ http://publications.sivarajan.com/ This posting is provided "AS IS" with no warranties, and confers no rights.

Hello, a DC can only run once for a domain. You have to use a second machine to install it as additional DC in the existing domain. For testing it is always a good idea to use Virtual machines instead physical. Virtual PC is one option to use. or any other virtual software vendors. A lot of this software is available as free version.Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

Hi. Thanks again everyone for your help. I'm following Jonathan Hassell's book among others and I just couldn't see the answer to that. In regard your question Santhosh about where I see the delete option; if I run DCPROMO on my current server it provides only a window with a tick box which offers to delete the domain controller because it's the last in the domain - I guess being the only controller. Thanks for those who suggested Virtual options but on trying Hyper V it turns out my Poweredge's early Xeon 2.8GHz CPUs don't support it. But it was a free server. I've checked out the FSMO rules and will certainly keep that in mind if I do decide to trial a 2nd server. Again, thanks everyone for taking the time to explain- it is great for us beginners.

You're welcome. If you need other help, you are welcome. Best regards.

If you run DCPROMO again from a Domain Controller you will see that option. You need to run DCPROMO from the second server to create a new DC. Here are the high level steps: 1. Install a new server and join it to the existing AD Domain 2. Perform DCPROMO on the new server and select “additional DC for the existing domain” option. http://msdn.microsoft.com/en-us/library/ee797379(CS.10).aspx Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX http://blogs.sivarajan.com/ http://publications.sivarajan.com/ This posting is provided "AS IS" with no warranties, and confers no rights.