We have demonstrated the installation of Active Directory Domain Services (AD DS) in Windows Server 2008 in one of our Core Server screencasts – How to Install a Windows 2008 Server Forest – Adding AD Domain Services Role. The process of installing an additional Domain Controller – a Replica DC, is performed in a similar way. Very often, the new Domain Controller is placed in a remote site connected with a broadband connection to the headquarters. During the promotion of the new DC, the initial replications of all Active Directory could be time and bandwidth consuming.
The Install from Media (IFM) option has been available in Windows Server 2003 – you could create installation media by restoring a system state backup of another domain controller.
One of the many new features in Windows Server 2008 is the improved NTDS utility which provides you with a nice and easy way to create AD DS installation media. Once you see it, you are going to love it. You can still use a system state backup as installation media in Windows Server 2008, but a system state backup of a domain controller that runs Windows Server 2008 typically includes more data than is required to perform an IFM operation. In addition, working with System State Backups and Restores is going to be a topic of a different Screencast.
The new ntdsutil ifm subcommand is also recommended, because you can use it to remove secrets, such as passwords, from the AD DS database, so that you can install a read-only domain controller (RODC). When you remove these secrets, the RODC installation media is more secure if it must be transported to a branch office for an RODC installation.
You must use writable domain controller installation media to install a writable domain controller, while you can use writable domain controller installation media or RODC installation media to install an RODC.
You can use a 32-bit domain controller to generate installation media for a 64-bit domain controller, and vice-versa. The installation media can be stored on a local drive, removable media such as a DVD, or on a network shared folder.
In the following Screencast, we demonstrate the whole scenario of adding an additional Server Core Domain Controller in a remote office using Install from Media (IFM). The video steps include creating a new site and adding subnets in Active Directory Sites and Services, Preparing and checking the Active Directory Installation Media, promoting the new DC at the remote site using IFM and checking the result of the promotion.