Using DCPromo to Promote AD Domain Controllers

The DCPROMO console utility is used on Windows Server to install the ADDS (Active Directory Domain Services) role, promoting a member server to the AD domain controller or demoting it.

dcpromo /unattend[:filename] /adv /uninstallBinaries /CreateDCAccount /UseExistingAccount:Attach [:{Promotion | CreateDcAccount | UseExistingAccount | Demotion}] /?:Promotion, /?:CreateDCAccount, /?:UseExistingAccount, and /?:Demotion

Dcpromo Command Line Arguments:

You can use the dcpromo tool for unattended installation of the first DC on the non-domain joined Windows Server. Create a new text file c:\dcpromo_unattend.txt with the following text.

[DCInstall] 
ReplicaOrNewDomain=Domain 
NewDomain=Forest 
NewDomainDNSName=theitbros.com 
ForestLevel=3 
DomainNetbiosName= theitbros 
DomainLevel=3 
InstallDNS=Yes 
ConfirmGc=Yes 
CreateDNSDelegation=No 
DatabasePath="C:\Windows\NTDS" 
LogPath="C:\Windows\NTDS" 
SYSVOLPath="C:\Windows\SYSVOL" 
SafeModeAdminPassword=Pa##w0rd11s 
RebootOnCompletion=Yes

Open the elevated command prompt and run the following command to promote current server to the first domain controller in a new domain forest theitbros.com.

dcpromo.exe /unattend:C:\dcpromo_unattend.txt

After the script finishes, you will get a fully functional domain controller with the ADDS role installed.

With the dcpromo /forceremoval command, you can demote the domain controller to the member server. If one of the FSMO roles is found on the domain controller, you will be asked to transfer it to another DC first. If this server is a Global catalog, a warning will also appeared.

Dcpromo was used to promote member servers to the domain controllers in Windows Server 2000, 2003, 2008, 2008 R2, however, starting with Windows Server 2012 and newer, the Dcpromo command has been deprecated.

When you try to run the dcpromo command on Windows Server 2012 R2, a warning will appear:

The Active Directory Services installation Wizard is relocated in Server Manager.

Thus, in Windows Server 2012 R2, 2016 and 2019, you can promote the Windows Server to the domain controller using the Server Manager or ADDSDeployment PowerShell module (which actually runs in the wizard “Promote this server to a domain controller” during installing the ADDS role when you specify the settings for the new DC.

To install the new DC using the ADDSDeployment module, you can use the following PowerShell script:

Install-WindowsFeature AD-Domain-Services -IncludeManagementTools

Import-Module ADDSDeployment 
Install-ADDSDomainController ` 
-NoGlobalCatalog:$false ` 
-CreateDnsDelegation:$false ` 
-CriticalReplicationOnly:$false ` 
-DatabasePath “C:\Windows\NTDS” ` 
-DomainName “theitbros.com” ` 
-InstallDns:$true ` 
-LogPath “C:\Windows\NTDS” ` 
-NoRebootOnCompletion:$false ` 
-SiteName “Default-First-Site-Name” ` 
-SysvolPath “C:\Windows\SYSVOL” ` 
-Force:$true

However, the dcpromo /unattend command can be used in different scripts to automatically configure a new DC on Windows Server Core (it contains no GUI).

• Author
• Recent Posts

Cyril Kardashevsky

I enjoy technology and developing websites. Since 2012 I'm running a few of my own websites, and share useful content on gadgets, PC administration and website promotion.

Latest posts by Cyril Kardashevsky (see all)

• How to Install and Configure SNMP Service on Windows 10? - December 25, 2020
• How to Migrate User Profiles with User State Migration Tool (USMT) on Windows 10? - December 24, 2020
• PowerShell: Convert String to Int - December 18, 2020