In My Previous Post ("Promoting a Domain Controller on Windows Server 2012 "http://www.adshotgyan.com/2012/09/promoting-domain-controller-on-windows.html") we saw how to promote a new domain controller.
In this post, we will go through the process of promoting an additional domain controller. Although, there is not much of a difference, but since this is a new operating system (Windows Server 2012), I just want to make sure that we do cover each and every aspect of it
So Let`s Go.....
Using our previous lab, We have the following:-
Domain Controller: DC1
DNS Server: DC1
Domain: Source.com
Now, we have a Windows Server 2012 (DC2) which is currently in a Work Group and we need to promote this server as an additional domain controller
Server Manager.... Add Roles and Features
Select the Active Directory Domain Services Role
And this will add the required features Automatically...
I still remember those days when we use to install some components and then it would pop up with a message stating that it first require some other roles to be installed and then installing those components would have required a disc.. Ahh... Microsoft has made things so easy and on the fly...
And these are the features that are required and will be installed automatically with AD DS Role
Do you want to Reboot the Server Automatically when the Installation is Completed
Once the Installation is done, and you close the wizard, don't expect anything to happen automatically... Neither try to search for dcpromo again.... On the Server Manager Page, You will now notice a Yellow Exclamation Mark (As if Exclamation Marks are of different colors... Its always Yellow)
Click on that Notification Icon with the Exclamation Mark (Yellow Of course)
First, Let`s go to the Task Details
So there is something known as "Post Deployment Configuration"... And the Action is "Promote the Server as a Domain Controller"
Select the Link either from here "Task Details" or directly from the Notification" Window which we clicked earlier
And the Configuration Window now Launches
As said, Select the Link either from the "Task Details" or directly from this Notification" Window.
The DCPROMO has gone... But has left the same old options....
Deployment Options
- Add a domain controller to an existing domain
- Add a new domain to an existing domain
- Add a new forest
We need to choose the option "Add a domain controller to an existing domain"
Enter the domain name (Source.com)
Enter the credentials of the domain administrator (Source.com)
What else do you want to host on this domain controller??
- DNS
- GC
- RODC
Also, Specify the name of the site this domain controller will belong to after its promotion
At last, specify the password for the DSRM Mode
I keep on saying "remember"... coz that helps a lot in co-relating the new server with the old one
In Windows Server 2008, While running DCPROMO, during the installation of DNS, we use to get a small pop-up for Failed to get DNS delegation... That was because, by default when you install AD and DNS, the server tries to create a delegation for the zone above your domain name.. Like you are creating a domain lab.com, now the server will automatically try to connect to the zone (com) to create a delegation for your domain (lab) which it will fail (but of course) as you will be ab administrator of your own domain but do are NOT an administrator for the "com" domain.. Simple
So In Windows Server 2012, the same thing happens again but is displayed in a slightly different way
Now, Instead of the pop-up, you have this line and a small link "show more"
Click on "show more" and you get the same old pop-up which we use to get in Windows Server 2008
See the option "Create DNS Delegation" is Greyed Out
A new option which was not there when we promoted our first domain controller
Install From Media: Also known as IFM, this is basically used when we want to promote another domain controller and the domain controller to be promoted is at a site which do not have sufficient connectivity with the other site which has the other domain controller. We know that during the promotion of an additional domain controller, the additional domain controller replicates all the information of the active directory from an other domain controller which requires bandwidth. In the absence of sufficient bandwidth, the promotion of an additional domain controller may fail
At this time, we can use IFM. In IFM, we first take the backup of active directory from any other domain controller and then on this server to be promoted as a domain controller, we select the option of IFM. Once selected, the server will be installed from the backup that we have taken from the other domain controller instead of replicating the data
Along with, we now have another option which gives us an option to select the domain controller from which we want this server to replicate the information of active directory while promoting it as a domain controller. Usually, in previous version of operating system, the additional domain controller could go to any domain controller to replicate the data during the promotion of additional domain controller
But now we do have an option of specifying to which domain controller this server should go to get the information about active directory while promoting itself as an additional domain controller
Path for NTDS and SYSVOL
Final Configuration Page....
View Script ????
Great... The PowerShell Script... As I said Earlier, Just like Exchange 2007 (In which everything you do has an associated PowerShell Command getting displayed at the end), In Windows Server 2012 also the same thing happens... At the end of this deployment, it showed you the powershell script that will be executed and the same script you can use to promote another server
Another very cool feature... "Prerequisite Check"
Prerequisite Checker is there in Exchange 2007 and now has been incorporated in Windows Server 2012. This small but very efficient tool helps you to determine if there is feature/component which is missing before it actually starts installing Active Directory
All Checks Passed...
And now the configuration of Active Directory Starts... I will not be explaining all the forth coming slides as they are self explanatory.. They are the same which use to be in DCPROMO like Replication Domain Partition, Replication Schema Partition, Configuring DNS, LSA etc....
Done and About to Reboot
The Server Manager showing the Domain Information
Confirming if the Server is a Domain Controller (AD DS Role Installation)
Active Directory Users and Computers Snap-In showing DC1 as a Domain Controller
In this post, we will go through the process of promoting an additional domain controller. Although, there is not much of a difference, but since this is a new operating system (Windows Server 2012), I just want to make sure that we do cover each and every aspect of it
So Let`s Go.....
Using our previous lab, We have the following:-
Domain Controller: DC1
DNS Server: DC1
Domain: Source.com
Now, we have a Windows Server 2012 (DC2) which is currently in a Work Group and we need to promote this server as an additional domain controller
Server Manager.... Add Roles and Features
Select the Active Directory Domain Services Role
And this will add the required features Automatically...
I still remember those days when we use to install some components and then it would pop up with a message stating that it first require some other roles to be installed and then installing those components would have required a disc.. Ahh... Microsoft has made things so easy and on the fly...
And these are the features that are required and will be installed automatically with AD DS Role
Do you want to Reboot the Server Automatically when the Installation is Completed
Once the Installation is done, and you close the wizard, don't expect anything to happen automatically... Neither try to search for dcpromo again.... On the Server Manager Page, You will now notice a Yellow Exclamation Mark (As if Exclamation Marks are of different colors... Its always Yellow)
Click on that Notification Icon with the Exclamation Mark (Yellow Of course)
First, Let`s go to the Task Details
So there is something known as "Post Deployment Configuration"... And the Action is "Promote the Server as a Domain Controller"
Select the Link either from here "Task Details" or directly from the Notification" Window which we clicked earlier
And the Configuration Window now Launches
As said, Select the Link either from the "Task Details" or directly from this Notification" Window.
The DCPROMO has gone... But has left the same old options....
Deployment Options
- Add a domain controller to an existing domain
- Add a new domain to an existing domain
- Add a new forest
We need to choose the option "Add a domain controller to an existing domain"
Enter the domain name (Source.com)
Enter the credentials of the domain administrator (Source.com)
What else do you want to host on this domain controller??
- DNS
- GC
- RODC
Also, Specify the name of the site this domain controller will belong to after its promotion
At last, specify the password for the DSRM Mode
I keep on saying "remember"... coz that helps a lot in co-relating the new server with the old one
In Windows Server 2008, While running DCPROMO, during the installation of DNS, we use to get a small pop-up for Failed to get DNS delegation... That was because, by default when you install AD and DNS, the server tries to create a delegation for the zone above your domain name.. Like you are creating a domain lab.com, now the server will automatically try to connect to the zone (com) to create a delegation for your domain (lab) which it will fail (but of course) as you will be ab administrator of your own domain but do are NOT an administrator for the "com" domain.. Simple
So In Windows Server 2012, the same thing happens again but is displayed in a slightly different way
Now, Instead of the pop-up, you have this line and a small link "show more"
Click on "show more" and you get the same old pop-up which we use to get in Windows Server 2008
See the option "Create DNS Delegation" is Greyed Out
A new option which was not there when we promoted our first domain controller
Install From Media: Also known as IFM, this is basically used when we want to promote another domain controller and the domain controller to be promoted is at a site which do not have sufficient connectivity with the other site which has the other domain controller. We know that during the promotion of an additional domain controller, the additional domain controller replicates all the information of the active directory from an other domain controller which requires bandwidth. In the absence of sufficient bandwidth, the promotion of an additional domain controller may fail
At this time, we can use IFM. In IFM, we first take the backup of active directory from any other domain controller and then on this server to be promoted as a domain controller, we select the option of IFM. Once selected, the server will be installed from the backup that we have taken from the other domain controller instead of replicating the data
Along with, we now have another option which gives us an option to select the domain controller from which we want this server to replicate the information of active directory while promoting it as a domain controller. Usually, in previous version of operating system, the additional domain controller could go to any domain controller to replicate the data during the promotion of additional domain controller
But now we do have an option of specifying to which domain controller this server should go to get the information about active directory while promoting itself as an additional domain controller
Path for NTDS and SYSVOL
Final Configuration Page....
View Script ????
Great... The PowerShell Script... As I said Earlier, Just like Exchange 2007 (In which everything you do has an associated PowerShell Command getting displayed at the end), In Windows Server 2012 also the same thing happens... At the end of this deployment, it showed you the powershell script that will be executed and the same script you can use to promote another server
Another very cool feature... "Prerequisite Check"
Prerequisite Checker is there in Exchange 2007 and now has been incorporated in Windows Server 2012. This small but very efficient tool helps you to determine if there is feature/component which is missing before it actually starts installing Active Directory
All Checks Passed...
And now the configuration of Active Directory Starts... I will not be explaining all the forth coming slides as they are self explanatory.. They are the same which use to be in DCPROMO like Replication Domain Partition, Replication Schema Partition, Configuring DNS, LSA etc....
Done and About to Reboot
The Server Manager showing the Domain Information
Confirming if the Server is a Domain Controller (AD DS Role Installation)
Active Directory Users and Computers Snap-In showing DC1 as a Domain Controller
And the New
Start Page.....
