- Active Directory
- Exchange Server
- Microsoft RDS/VDI
- SQL Server
- System Center
- Windows Clients
- Windows Server
Adding an additional Windows 2012 Domain Controller in an existing Windows 2003\2008\R2 domain
I talked about how to add an additional domain controller to an existing 2012 domain, but I know that most of you out there are still running on 2008/R2 or even 2003 servers (at the time of this writing). With that in mind I’ve created this guide to show you how to add a 2012 domain controller into an old environment running legacy OS’s. The procedure is the same, but server 2012 has some goods when it comes to preparing the forest and domains, and I just want you to see what those goods are.
For this guide I have a domain running on Windows server 2008 R2, and the 2012 server is not joined to the domain. You can join it, but is not a prerequisite since is going to add itself to the domain during the promotion. I presume you already configured your IP address scheme and installed the Active Directory Domain Services role, if not follow this guide, then come back here to continue. Before we actually start promoting the server to a domain controller the forest functional needs to be at least at 2003 level, or you will get the following error “Verification of replica failed. The forest functional level is Windows 2000. To install a Windows Server 2012 domain or domain controller, the forest functional level must be Windows Server 2003 or higher.”
Go to one of your Domain Controller, open Active Directory Domains and Trusts, right-click the server name (root level) and choose Raise Forest Functional Level. Select Windows Server 2003 or higher if you want to, and click Raise then OK twice. You might be thinking why I raised the forest first ! Doing this on a 2008 server will also raise the domain functional level to 2003 automatically. If your Domain Controllers are running on server 2003 you will have to raise the domain first, then the forest. Be careful, because raising the domain and forest functional level has some major implications in the environment.
Now try to promote the 2012 server to a domain controller, and it should pass the Deployment Configuration screen without errors. Provide the domain name and the credentials to connect to that domain then click Next.
Type the Directory Service Restore Mode password then continue the wizard. Leave the rest at their default settings, because I want this to also be a DNS and a Global Catalog server for this domain.
Ignore this message and continue the wizard. The DNS delegation will be created automatically during the promotion.
Choose the replication partner, especially if you have sites.
Here you can change the default paths for the AD database and log files. For this example however, I’m going with the defaults.
This is what I wanted you to see. With server 2012 you don’t have to prepare the forest and the domain ahead of time, like you did in 2003\2008\R2. The wizard will automatically prepare both of them; off course, if the account you mentioned in the first screen of the wizard (Deployment Configuration) has enterprise admin rights. I said enterprise, because the wizard needs to modify/prepare the schema.
If the account doesn’t have this rights, well…you will have to do it the old way. Go to one of the existing Domain Controllers, mount the Windows Server 2012 DVD, open a terminal and browse to Z:\support\adprep. Where Z is your DVD drive letter. Here issue the following command:
After the forest is prepared, issue another command to prepare the domain:
If you have or you will predict having Read-only Domain Controller in your infrastructure run the following command:
Now that everything is in order, continue the wizard on the 2012 server. After reviewing your selections, click Next to continue.
The wizard now checks if all the prerequisites are met, and if they are, click the Install button to promote this server to a Domain Controller.
After reboot, the server is a full functional Domain Controller.
You might also like:
- Creating a first Windows Server 2012 Domain Controller
- Cloning Active Directory Domain Controllers with Windows Server 2012
- Deploying and Configuring an Read-Only Domain Controller (RODC)
- Installing an Enterprise Certificate Authority in Windows Server 2012
- In-Place Upgrade from 2003 R2 DC to 2008 R2
- Installing Distributed File System (DFS) on Windows Server 2008 R2
- Installing and configuring a Microsoft Online Certificate Status Protocol (OCSP) Responder
- Backing up Domain Controllers using Windows Server Backup and DPM
- Creating an Active/Pasive SQL Server Failover Cluster
- Delegate Access Control and Management in Hyper-V
- Building an Active Directory (AD) Test Lab using VMware Workstation
- Creating a Group Policy Central Store
- Securing Websites in Microsoft IIS 7/8 with SSL
- Configuring Cluster-Aware Updating in Server 2012
- Restrict users from login to Remote Desktop Web Access
- Request and install SSL Certificates in Microsoft IIS 7/8