1. Preparing for domain-controller deployment
The steps for preparing to deploy Windows Server 2012 domain
controllers using Server Manager differ depending on whether you are
deploying the first domain controller in a new forest, deploying
additional domain controllers in the new forest, or deploying domain
controllers in an existing forest whose domain controllers are running
an earlier version of Windows Server.
Preparing for deploying the first domain controller in a new
forest
To deploy the first Windows Server 2012 domain controller in a
new forest, you should either log on locally to the server or
connect to it using Remote Desktop. No other preparation is needed
for this scenario.
Preparing for deploying additional domain controllers in the
new forest
After you create a new forest by deploying your first Windows
Server 2012 domain controller, you can use Server Manager to deploy
additional domain controllers in an existing domain, create new
child domains, or create new tree domains. These tasks can be
performed remotely by using Server Manager on any Windows Server
2012 domain controller or member server, or on a Windows 8 client
computer that has the Remote Server Administration Tools (RSAT)
installed.
The recommended steps for preparing to use Server Manager to
deploy additional domain controllers are as follows:
-
Make sure you have the appropriate credentials for the
task you are going to perform. For example, if you are going to
add additional domain controllers to an existing domain, make
sure you have Domain Admin credentials for that domain. If you
are going to create a new child domain, make sure you have
Enterprise Admin credentials.
-
Add the remote servers you’ll be promoting to domain
controllers to the server pool so that you can manage them
remotely using Server Manager.
-
Create a new server group for the remote servers you’ll be
promoting to domain controllers, and add the servers to the
server group. Doing this makes it easier to promote multiple
remote servers to domain controllers simultaneously.
Preparing for deploying domain controllers in an existing
forest
Adding Windows Server 2012 domain controllers to an existing
forest or domain running an earlier version of Windows Server first
requires that the existing Active Directory schema be extended. In
previous versions of Windows Server, Adprep.exe was used for
extending the schema.Adprep is a command-line tool that was
available in the \support\adprep folder of Windows Server 2008 R2
installation media or in the \sources\adprep folder of Windows
Server 2008 installation media. The Adprep command uses parameters
such as /forestprep and
/domainprep to prepare an existing forest for
the introduction of a domain controller running a newer version of
Windows Server.
Beginning with Windows Server 2012, however, Adprep is now run
automatically as needed when you deploy a new Windows Server 2012
domain controller in an existing forest or domain running an earlier
version of Windows Server. This change simplifies the task of adding
Windows Server 2012 domain controllers to an existing forest or
domain running an earlier version of Windows Server because you no
longer need to manually run Adprep before introducing the new domain
controllers into your forest.
Adprep is also available as a standalone command-line tool in
the \support\adprep folder of Windows Server 2012 installation
media. The standalone version of Adprep is required for certain
scenarios, such as performing an in-place upgrade of your first
Windows Server 2012 domain controller, where you must run Adprep
manually to prepare your forest and its domains before you begin
upgrading your existing domain controllers to Windows Server
2012.
Note
Adprep syntax
To display the syntax and usage examples for Adprep, type
<drive>\support\adprep\adprep at a command prompt
where drive is the letter for the drive where
your Windows Server 2012 installation media can be found.
The Windows Server 2012 version of Adprep can be used to
extend the schema of an existing forest whose domain controllers are
running any of the following versions of Windows Server:
-
Windows Server 2008 R2
-
Windows Server 2008
-
Windows Server 2003 R2
-
Windows Server 2003
However, the following considerations apply when running the
Windows Server 2012 version of Adprep:
-
You must have the credentials of a member of the
Enterprise Admins group to run the Adprep
/forestprep command.
-
Adprep can be run only on any server (domain controller,
member server or standalone server) that is running a 64-bit
version of Windows Server 2008 or later. You cannot run Adprep
on a server running Windows Server 2003 or a 32-bit version of
Windows Server 2008.
-
The server you run Adprep on must have network
connectivity to the schema master of the existing forest.
-
The server you run Adprep on must have network
connectivity to the infrastructure master of the existing domain
where you want to add a new Windows Server 2012 domain
controller.
Note
REAL WORLD Verifying
Adprep
The Dsquery.exe command-line tool can be used to verify
whether Adprep has extended your forest’s schema.For example,
let’s say your existing forest has domain controllers running
Windows Server 2008 R2. To determine the current schema level of
your forest, open a command prompt on one of your domain
controllers and run the following command:
dsquery * cn=schema,cn=configuration,dc=fabrikam,dc=com -scope base
-attr objectVersion
The output from this command looks like this:
objectVersion
47
Now take a server running Windows Server 2012, join it to a
domain in your forest, and use Server Manager to promote the
server to a domain controller. After you finish introducing the
new domain controller into your forest, re-run the preceding
dsquery command on the domain controller you
previously ran it on. The output from the command looks like
this:
objectVersion
56
The version number 56 indicates that
the schema of your forest has been extended to include domain
controllers running Windows Server 2012.
Quick check
Quick check answer
