#1 Enable Windows feature & management tools
First, install the AD Domain Services Windows feature, including the management tools, on all domain controllers.
# Run PowerShell ISE as administrator
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
#2 Install AD DS Forest
Next, install the forest and the first domain controller. Remember to place the database, SYSVOL and log paths on a separate data disk.
Install-ADDSForest -DomainName karmazure.com -DatabasePath "D:\Windows\NTDS" -SysvolPath "D:\Windows\SYSVOL" -LogPath "D:\Windows\Logs"
#3 Install additional Domain Controllers
Domain-join the additional VMs planned for the DC role, and enable the AD Domain Services feature from #1. Then you are ready to run this in PowerShell:
Install-ADDSDomainController -DomainName karmazure.com -DatabasePath "D:\Windows\NTDS" -SysvolPath "D:\Windows\SYSVOL" -LogPath "D:\Windows\Logs"
#4 Transfer FSMO roles
Since this is a single forest domain, I will transfer the Infrastructure Master role to the second DC, because the Infrastructure Master has nothing to do in a single domain.
First, load the Active Directory PowerShell module.
To shorten the command line syntax you can use role numbers in place of the role names. The following list details the role number for each of the five FSMO roles.
PDC Emulator – 0
RID Master – 1
Infrastructure Master – 2
Schema Master – 3
Domain Naming Master – 4
Move-ADDirectoryServerOperationMasterRole -Identity "KARMAD02" -OperationMasterRole 2
You can also use this to transfer roles later for a version upgrade, or to force the transfer when a DC is broken/down. To identify the DCs holding the roles, run these two cmdlets in PowerShell:
Get-ADForest karmazure.com | Format-Table SchemaMaster,DomainNamingMaster
Get-ADDomain karmazure.com | Format-Table PDCEmulator,RIDMaster,InfrastructureMaster
More info here: http://technet.microsoft.com/en-us/library/hh472160.aspx
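The two lookups from #4 can be combined into one report keyed by the role numbers listed there, with a check of whether each holder still answers on LDAP. This is an added example, not part of the original post; the function name Get-FsmoRoleReport and the choice of TCP 389 as the reachability test are assumptions.

```powershell
# Added example: FSMO role inventory with a reachability check per holder.
# Assumes the ActiveDirectory module from the management tools installed in #1.
Import-Module ActiveDirectory

function Get-FsmoRoleReport {
    param(
        [string]$DomainName = 'karmazure.com'   # domain used on this page
    )

    $forest = Get-ADForest -Identity $DomainName
    $domain = Get-ADDomain -Identity $DomainName

    # Role numbers follow the list in #4; Scope shows forest-wide vs per-domain roles.
    $roles = @(
        [pscustomobject]@{ Number = 0; Role = 'PDCEmulator';          Scope = 'Domain'; Holder = $domain.PDCEmulator }
        [pscustomobject]@{ Number = 1; Role = 'RIDMaster';            Scope = 'Domain'; Holder = $domain.RIDMaster }
        [pscustomobject]@{ Number = 2; Role = 'InfrastructureMaster'; Scope = 'Domain'; Holder = $domain.InfrastructureMaster }
        [pscustomobject]@{ Number = 3; Role = 'SchemaMaster';         Scope = 'Forest'; Holder = $forest.SchemaMaster }
        [pscustomobject]@{ Number = 4; Role = 'DomainNamingMaster';   Scope = 'Forest'; Holder = $forest.DomainNamingMaster }
    )

    foreach ($r in $roles) {
        # A normal transfer needs the current holder online; an unreachable
        # holder is the "broken/down" case where the move has to be forced.
        $online = Test-NetConnection -ComputerName $r.Holder -Port 389 `
                    -InformationLevel Quiet -WarningAction SilentlyContinue
        $r | Add-Member -NotePropertyName Reachable -NotePropertyValue $online -PassThru
    }
}

$report = Get-FsmoRoleReport
$report | Sort-Object Number | Format-Table Number, Role, Scope, Holder, Reachable -AutoSize

# Warn about any role whose holder does not answer on LDAP.
$report | Where-Object { -not $_.Reachable } | ForEach-Object {
    Write-Warning ("Role {0} ({1}) is held by {2}, which is not reachable on TCP 389." -f `
        $_.Number, $_.Role, $_.Holder)
}

# Show how many roles each DC holds, so a single point of failure is visible.
$report | Group-Object Holder | Sort-Object Count -Descending |
    Select-Object @{ n = 'Holder'; e = { $_.Name } }, Count,
                  @{ n = 'Roles';  e = { ($_.Group.Role) -join ', ' } } |
    Format-Table -AutoSize
```

Run it before and after Move-ADDirectoryServerOperationMasterRole to confirm the role landed on the intended DC.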