Adding Windows 2012 domain controller

Hello,

?

I have a domain that is currently as follows:
Domain functional level: Windows Server 2003

Forest functional level: Windows 2000

?

There are currently 3 domain controllers.

DC01: Windows 2003 SP2

DC02: Windows 2003 SP2

DC03: Windows 2008 SP2?

?

I am planning on deploying a Windows 2012 R2 server that will be setup as a domain controller. In the near future the Windows 2003 servers will be shut down.

?

Are there any recommendations, steps that I can review in preparation for this move.

?

Thanks in advance.

?

Regards,

RealTimer



Your forest functional level will need to be raised at a minimum. 2012 will not promote to a DC with the level at 2000. It will throw an error indicating as much if you try.

Beyond that, nothing special. While the individual steps have changed a little, the overall concepts of AD are about the same. You run a wizard, it promotes the machine to a DC, and you look for replication errors. The wizard has changed, and it will now run any schema updates (but not functional level upgrades) instead of requiring manual adprep first. But the net effect is still the same. Schema updates are performed. The machine gets an AD database and the local security database is effectively not used for much (as has been the case since AD's inception in 2000 on a DC), and the system will attempt to replicate the data from another DC. Since you still have 2003 servers, that'll be FRS. When you retire them, you can upgrade your replication process to DFS-R which is more robust in a variety of ways, and has been supported since 2003 R2 for DC replication.



Your forest functional level will need to be raised at a minimum. 2012 will not promote to a DC with the level at 2000. It will throw an error indicating as much if you try.

Beyond that, nothing special. While the individual steps have changed a little, the overall concepts of AD are about the same. You run a wizard, it promotes the machine to a DC, and you look for replication errors. The wizard has changed, and it will now run any schema updates (but not functional level upgrades) instead of requiring manual adprep first. But the net effect is still the same. Schema updates are performed. The machine gets an AD database and the local security database is effectively not used for much (as has been the case since AD's inception in 2000 on a DC), and the system will attempt to replicate the data from another DC. Since you still have 2003 servers, that'll be FRS. When you retire them, you can upgrade your replication process to DFS-R which is more robust in a variety of ways, and has been supported since 2003 R2 for DC replication.



Make sure that before you promote this 2012 server as a DC that your logs and replication are clean from errors.

Also make sure that you take a System State backup of your current AD DC's before you do the Schema Update. Once you perform this update it is irreversible, and you will need a system state backup to revert the changes.

Most likely it should be fine but this is something that I always recommend.

Will.



Thank you guys.





Share this

Related Posts

There was an error in this gadget