AD is the core of your network. It has ties to everything! As such, it makes sense that you would want this to be as redundant as possible. In Windows Server 2016, creating a secondary DC is so easy that you really have no reason not to do it. Can you imagine rebuilding your directory following a single server hardware failure where you have 100 user accounts and computers that are all part of the domain that just failed? How about with 1,000 or even 10,000 users? That could take weeks to clean up, and you'll probably never get it back exactly the way it was before. Additionally, while you are stuck in the middle of this downtime, you will have all kinds of trouble inside your network since your user and computer accounts are relying on AD, which would then be offline.

Here are the steps to take a second server in your network and join it to the existing domain that is running on the primary DC to create our redundant, secondary DC. The larger your network gets, the more domain controller servers you are going to have.
Two Server 2016 machines are needed for this. The first we will assume is running Active Directory and DNS already, like the one we set up in our previous recipe. The second server is online, plugged into the same network, and has been named DC2.
To create a redundant secondary DC, perform the following steps:
Creating redundancy for Active Directory is critical to the success of your network. Hardware fails, we all know it. A good practice for any company is to run two DCs so that everyone continues to work in the event of a server failure. An even better practice is to take this a step further and create more DCs, some of them in different sites perhaps, and maybe even make use of some Read-Only Domain Controllers (RODC) in your smaller, less secure sites. See the following link for some additional information on using an RODC in your environment: http://technet.microsoft.com/en-us/library/cc754719(v=ws.10).aspx.
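The promotion of DC2 and a replication health check afterwards can also be scripted. The following PowerShell is an added example, not part of the original recipe; the domain name `example.local` is a placeholder (the page does not name the domain) and the function names `Install-SecondaryDC` and `Test-SecondaryDC` are hypothetical helpers.

```powershell
# Added example. Run in an elevated PowerShell session on DC2.
# 'example.local' is a placeholder: substitute the domain hosted on the primary DC.
$DomainName = 'example.local'

function Install-SecondaryDC {
    param([Parameter(Mandatory)][string]$DomainName)

    # Install the AD DS role binaries and the management tools.
    Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools | Out-Null

    # Prompt for secrets instead of embedding them in the script.
    $cred = Get-Credential -Message "Account allowed to add a DC to $DomainName"
    $dsrm = Read-Host -AsSecureString -Prompt 'DSRM (safe mode) password'

    $params = @{
        DomainName                    = $DomainName
        InstallDns                    = $true   # DC2 also becomes a DNS server
        Credential                    = $cred
        SafeModeAdministratorPassword = $dsrm
    }

    # Run the prerequisite checks first and stop if any of them reports an error.
    $checks = Test-ADDSDomainControllerInstallation @params
    $failed = $checks | Where-Object { $_.Status -eq 'Error' }
    if ($failed) { $failed | Format-List Message; throw 'Prerequisite check failed.' }

    # Promote as an additional DC in the existing domain; the server reboots when done.
    Install-ADDSDomainController @params -Force
}

function Test-SecondaryDC {
    param([string]$Server = $env:COMPUTERNAME)

    # Every DC in the domain should be listed, DC2 included.
    Get-ADDomainController -Filter * |
        Select-Object Name, Site, IPv4Address, IsGlobalCatalog, IsReadOnly

    # Inbound replication to this DC: result 0 and no consecutive failures is healthy.
    Get-ADReplicationPartnerMetadata -Target $Server |
        Select-Object Partner, LastReplicationSuccess, LastReplicationResult,
                      ConsecutiveReplicationFailures

    # Returns nothing when there are no outstanding replication failures.
    Get-ADReplicationFailure -Target $Server
}

# Install-SecondaryDC -DomainName $DomainName   # step 1, before the reboot
# Test-SecondaryDC                              # step 2, after DC2 is back online
```

Run `Test-SecondaryDC` again after the first replication cycle has had time to complete; a freshly promoted DC can briefly show no partner metadata.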