Create a new domain controller
Here's a step-by-step guide to creating a new domain controller:
Prerequisites:
- You have a Windows Server operating system installed (e.g., Windows Server 2019 or Windows Server 2016).
- You have a domain name and a DNS server set up.
- You have a valid Active Directory license.
Step 1: Promote a Server to a Domain Controller
- Open the Server Manager console on the server you want to promote to a domain controller.
- Click on "Add roles and features" in the top-right corner of the console.
- Select "Role-based or feature-based installation" and click "Next".
- Select "Active Directory Domain Services" and click "Next".
- Click "Install" to install the Active Directory Domain Services role.
- Once the installation is complete, click "Promote this server to a domain controller" in the Server Manager console.
- Enter the domain name and credentials for the domain administrator account.
- Choose the domain functional level (e.g., Windows Server 2019 or Windows Server 2016).
- Choose the forest functional level (e.g., Windows Server 2019 or Windows Server 2016).
- Click "Next" and then "Install" to promote the server to a domain controller.
Step 2: Configure the Domain Controller
- Once the promotion is complete, you'll be prompted to configure the domain controller.
- Enter the domain controller's name and credentials for the domain administrator account.
- Choose the domain controller's IP address and DNS server settings.
- Choose the domain controller's time zone and locale settings.
- Click "Next" and then "Install" to complete the configuration.
Step 3: Verify the Domain Controller
- Open the Active Directory Users and Computers console on a domain-joined computer.
- Verify that the new domain controller is listed in the console.
- Verify that the domain controller is replicating with the existing domain controllers.
- Verify that users and computers can authenticate to the domain using the new domain controller.
Additional Tips:
- Make sure the domain controller's firewall allows incoming traffic on the necessary ports (e.g., 88, 135, and 445).
- Make sure to configure the domain controller's DNS settings to point to the existing DNS server.
- Make sure to configure the domain controller's time settings to synchronize with the existing domain controllers.
- Consider configuring the domain controller's security settings to meet your organization's security requirements (e.g., firewall rules and access controls).
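
The checks in Step 3 and the port, DNS and time items under Additional Tips can be scripted. The following PowerShell is an added example, not part of the original guide; it assumes the RSAT ActiveDirectory module, WinRM access to the new domain controller, and uses DC02 as a placeholder host name.

```powershell
#Requires -Modules ActiveDirectory
# Added example: post-promotion health report for a new domain controller.
# Assumptions: run from a domain-joined host with a domain account; 'DC02' is a placeholder name.
param(
    [string]$NewDc = 'DC02',
    [int[]]$Ports = @(88, 135, 445)   # ports named in the tips above
)

$domain = (Get-ADDomain).DNSRoot
$dc     = Get-ADDomainController -Identity $NewDc
$target = $dc.HostName
$report = [ordered]@{ DomainController = $target }

# Step 3: the new DC appears in the domain's list of controllers.
$report.ListedInDomain = (Get-ADDomainController -Filter *).HostName -contains $target

# Step 3: clients can find it through the DC locator SRV records in DNS.
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$domain" -Type SRV -ErrorAction SilentlyContinue
$report.SrvRecordPresent = @($srv | Where-Object { $_.NameTarget -eq $target }).Count -gt 0

# Step 3: inbound replication exists and the last attempt from every partner succeeded (result 0).
$partners = @(Get-ADReplicationPartnerMetadata -Target $target)
$failed   = @($partners | Where-Object { $_.LastReplicationResult -ne 0 })
$report.InboundPartners    = $partners.Count
$report.ReplicationHealthy = ($partners.Count -gt 0) -and ($failed.Count -eq 0)

# Step 3: an authenticated directory query is answered by the new DC itself.
$report.AuthenticatedQuery = [bool](Get-ADRootDSE -Server $target -ErrorAction SilentlyContinue)

# Tips: the listed ports accept TCP connections from this host.
foreach ($port in $Ports) {
    $test = Test-NetConnection -ComputerName $target -Port $port -WarningAction SilentlyContinue
    $report["Tcp$port"] = $test.TcpTestSucceeded
}

# Tips: DNS servers configured on the DC (needs WinRM to the DC) and its time source.
$dns = Get-DnsClientServerAddress -CimSession $target -AddressFamily IPv4
$report.DnsServers = ($dns.ServerAddresses | Select-Object -Unique) -join ', '
$report.TimeSource = (w32tm /query /source "/computer:$target") -join ' '

[pscustomobject]$report
```

A False value for ReplicationHealthy or any Tcp entry, or a TimeSource that is not a domain time source, is the cue to look at the firewall, DNS and time settings listed above before moving users onto the new domain controller.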