2.3 Additional domain controller in domain
You can use the Install-ADDSDomainController cmdlet to install
an additional domain controller in an existing domain. For example,
the following command installs and promotes a new domain controller
and DNS server in the corp.adatum.com domain using domain
administrator credentials:
Install-ADDSDomainController -InstallDns -Credential `
(Get-Credential CORP\Administrator) -DomainName corp.adatum.com
You will be prompted to provide and confirm the Directory
Services Restore Mode (DSRM) password during the installation
process.
If you want to use local administrator credentials instead of
domain administrator credentials for this process, omit the
–Credential parameter as follows:
Install-ADDSDomainController -InstallDns -DomainName corp.adatum.com
If you want to be prompted to supply the credentials needed to
install and promote the domain controller, use the following command
instead:
Install-ADDSDomainController -InstallDns -Credential `
(Get-Credential) -DomainName corp.adatum.com
You can use the Invoke-Command cmdlet to install several
additional domain controllers at once like this:
Invoke-Command -ComputerName SEA-SRV-2, SEA-SRV-3 -ScriptBlock `
{Install-ADDSDomainController -InstallDns -DomainName corp.adatum.com}
Note
Multiple line commands
The backtick character is an escape character in Windows
PowerShell that is appended to a line to indicate that the command
continues on the next line.
2.4 First domain controller in a child or tree domain
You can use the Install-ADDSDomain cmdlet to install a new
child or tree domain in an existing forest by deploying the first
domain controller for the new domain. For example, to install and
promote a server to become the first domain controller of a child
domain hq in the parent domain
corp.adatum.com, use this command:
Install-ADDSDomain -Credential (Get-Credential CORP\Administrator) `
-NewDomainName hq -ParentDomainName corp.adatum.com -DomainType ChildDomain `
-InstallDNS -CreateDNSDelegation
For more information on the syntax for this command, use the
Get-Help cmdlet.
2.5 Read-only domain controllers
You can use the Add-ADDSReadOnlyDomainControllerAccount cmdlet
to create an RODC account that can be used to install an RODC in
your forest. After the RODC account has been created, you can use
the Install-ADDSDomainController cmdlet with the
–ReadOnlyReplica parameter to deploy a new RODC
in an existing domain. For more information on these cmdlets, use
the Get-Help cmdlet.
