Yes, we already do it! The nsdc container is actually a “remote” account provider. In the future I’d like to provide an additional DC to an existing AD domain. Here we talk about “replacing” (i guess there are limitations on what can be replaced) but should be similar to “add”: