It’s recommended to have two domain controllers so that one can be used as a backup.
To add a secondary Windows Domain Controller, first open Server Manager and choose “Add roles and features.”
Then choose “Role-based or feature-based installation.”
Under Server Selection, you should choose which server you want to install the role on.
Then under Server Roles you should choose “Active Directory Domain Services.” Click “Add Features” in the popup that asks if you want to add the required Active Directory features.
Then click next and choose “Restart the destination server automatically if required.” Then wait for the installation to complete.
Since the role is now installed, you can make the server into a Domain Controller. In Server Manager you will see a message that asks you to promote the server to a domain controller. Click on the message, which will open a Deployment Configuration page.
Choose “Add a domain controller to an existing domain”. Type in your admin credentials and click next.
Check Domain Name System (DNS) server and Global Catalog (GC) on the next page. Choose a password for Directory Services Restore Mode and click next.
In Additional Options choose where you want your new Domain Controller to replicate from.
Then choose install and reboot the server. You can run dcdiag /v from the command line to verify the installation.
Article from: https://activedirectorypr...2-domain-controller/
Having one Domain Controller is not recommended because it creates a single point of failure. If the only Domain Controller goes down in the organization, big outages will occur resulting in a loss of operations. To avoid this single point of failure you need to have a secondary Domain Controller. A second DC will load balance the services and minimize the risk of critical services going down. In this article, I will walk through the steps to add a second Domain Controller in a Windows Server 2012 R2 domain.
For steps on adding the first domain controller, see the article “Adding Windows 2012 R2 Domain Controller to a new forest”.
1. The first step is to go into Server Manager and select “Add Roles and Features”.
2. Click “Next” on the “Before you begin” screen.
3. On Installation Type, select “Role-based or feature-based installation” and click “Next”.
4. On Server Selection, select the server you want to install the role on; it should default to the local server. Click “Next”.
5. On Server Roles, select “Active Directory Domain Services”. You will get a pop-up to add features that are required for Active Directory Domain Services; click “Add Features” and then click “Next”.
6. On the features page click “Next”.
7. On the AD DS page click “Next”.
8. On the confirmation page click “Next”. You can have the server reboot automatically if needed by selecting the box “Restart the destination server automatically if required”.
At this point, Active Directory Domain Services should be installing. This will take a few minutes.
You will need to look under the progress bar to know when it is complete. It will say in small letters “installation succeeded”.
9. Now that the role is installed, we can promote the server to a Domain Controller. Back in Server Manager you will see a yellow triangle at the top right that needs to be clicked. In the message details click “Promote this server to a domain controller”.
10. On the deployment configuration page, select “Add a domain controller to an existing domain”. Enter the existing domain name, or select it from the domain field. You will get prompted for administrative credentials. Click “Next”.
11. On the Domain Controller Options page, Domain Name System (DNS) server and Global Catalog (GC) should be checked. Default-First-Site-Name should be selected for the site name unless you have created a new one. I would recommend leaving it at the default. Enter a password for Directory Services Restore Mode and click “Next”.
NOTE: Directory Services Restore Mode (DSRM) allows an administrator to repair or recover an Active Directory database.
12. DNS Options
You will most likely receive an error that says “A delegation for this DNS server cannot be created….” This is common. The wizard is trying to contact the nameservers for the domain I entered, winadpro.com, and is unable to create a delegation for the sub-domain ad.winadpro.com. This message can be ignored if you don’t need computers from outside of the network to be able to resolve names within your domain. More info on this error: https://technet.microsoft...cc754463(WS.10).aspx
13. On the Additional Options page, select where you want this server to replicate from. In my environment, I want it to be able to replicate from any domain controller. The replication depends on how you installed the first DC and where it is located. If the DCs are all in the same site, then replicating from any will work. If you have multiple sites, then you would have a different replication strategy. For my organization, we have 4 domain controllers all in the same site, so I have set them up to replicate from any.
14. On the paths page enter the desired folder settings and click “Next”. I would leave these to the default settings.
15. Review options and click “Next”.
16. The prerequisites check will now run and validate the settings. You should get a green check that all checks passed successfully. Click “Install”.
17. Reboot and verify.
Once the Active Directory Domain Services install and configuration is complete, you will need to reboot. If you want to verify your install and the health of the Domain Controller, run dcdiag /v from the command line. You can also go into Administrative Tools, Active Directory Sites and Services, and verify that the new Domain Controller is listed under your site.
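The same procedure can be scripted in PowerShell. The script below is an added example, not part of the original article. It assumes the domain is ad.winadpro.com (the sub-domain named in step 12) and that the defaults chosen in the wizard are wanted. The -VerifyOnly switch is a name made up for this example. Run the script once to promote the server, then run it again with -VerifyOnly after the reboot.

```powershell
#Requires -RunAsAdministrator
param(
    [string]$DomainName = 'ad.winadpro.com',          # assumption: domain named on this page
    [string]$SiteName   = 'Default-First-Site-Name',  # step 11: default site
    [switch]$VerifyOnly                               # hypothetical switch: run after the reboot
)

if (-not $VerifyOnly) {
    # Steps 1-8: install the AD DS role together with its management tools.
    $role = Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
    if (-not $role.Success) { throw 'AD DS role installation failed.' }

    Import-Module ADDSDeployment

    # Steps 10-14: prompt for secrets so they are never stored in the script.
    $promo = @{
        DomainName                    = $DomainName
        Credential                    = Get-Credential -Message 'Domain admin account'
        SafeModeAdministratorPassword = Read-Host -AsSecureString -Prompt 'DSRM password'
        InstallDns                    = $true
        SiteName                      = $SiteName
        CreateDnsDelegation           = $false   # step 12: no delegation in the parent zone
    }
    # Global Catalog is enabled by default. Leaving out -ReplicationSourceDC
    # means "replicate from any domain controller" (step 13). Database, log
    # and SYSVOL paths stay at their defaults (step 14).

    # Step 16: prerequisites check; stop if any check reports an error.
    $failed = Test-ADDSDomainControllerInstallation @promo |
        Where-Object { $_.Status -eq 'Error' }
    if ($failed) {
        $failed | Format-List Message
        throw 'Prerequisite check failed.'
    }

    # Promote. The cmdlet asks for confirmation and reboots when it finishes.
    Install-ADDSDomainController @promo
}
else {
    # Step 17: health, replication and inventory checks on the new DC.
    dcdiag /v
    repadmin /replsummary
    Get-ADDomainController -Filter * |
        Select-Object HostName, Site, IsGlobalCatalog, IsReadOnly
}
```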
In conclusion, it is highly recommended to have multiple DCs in your organization. The benefit to this is it will load balance the services and minimize the risk of a complete network outage. Feel free to leave your comments or questions in the comment section.