Windows Server 2012 provides advancements to every area of IT services, and that certainly includes Active Directory. Whether you’re looking to take advantage of Dynamic Access Control, begin virtualizing your Active Directory infrastructure, or start using one of the other amazing features that Windows Server 2012 Active Directory offers, it all begins with getting a Windows Server 2012 added as a domain controller.
Similar to previous versions of Windows Server, you start the process of making a server into a domain controller by adding the Active Directory Domain Services roles to your computer. However, in Windows Server 2012, you do not run dcpromo to promote your server to a domain controller. In Windows Server 2012, dcpromo has been deprecated.
So what replaces dcpromo in Windows Server 2012? There are now two ways to promote your server to a DC. The first option is to use PowerShell. This provides the ability to script the process, save the script, or batch the process out to multiple servers. The second option is a task made available in Server Manager that can be run to begin the promotion wizard.
If you are going to be creating the first domain in a new forest, log on as the local Administrator. If you’re adding a new domain in an existing forest, be a member of the Enterprise Admins group for the forest you’re going to join. To add a new domain controller to an existing domain, be a member of the Domain Admins group.
Once you’re logged into the server with the correct account, you’ll next add the Active Directory Domain Services feature to your server. You can install the Active Directory Services feature on to Windows Server 2012 by both PowerShell and Server Manager.
The fastest method of installing features in Windows Server 2012 is with PowerShell; let’s take a look at the steps needed to accomplish this.
Add-WindowsFeature -name ad-domain-services -IncludeManagementTools
It doesn’t get any easier than that, but in case you want to do it the hard way, I’ll show you how to add the Active Directory feature to your Windows Server 2012 using Server Manager, too.
The nice part about using the Server Manager method is that it takes you directly into running the Active Directory Domain Services Configuration Wizard, which is the utility which replaced the deprecated dcpromo.
Now that you’ve installed the features, you will need to promote the server into a domain controller.
After installing the Active Directory Domain Services feature on your server, you can promote the server to a domain controller. If you have just finished the feature installation, the AD DS Configuration Wizard begins automatically.
However, if the feature installation has already been closed, you can start the Active Directory Domain Services Configuration Window by clicking the Tasks icon along the top of Server Manager.
A reboot is required and it happens automatically by default.
You can also automate this process with PowerShell.
There are three PowerShell cmdlets, which coincide with the three deployment options:
|Install-ADDSDomainController||Creates a new domain controller in an existing domain|
|Install-ADDSDomain||Creates a new domain in an existing forest|
|Install-ADDSForest||Creates a new forest|
To use Install-ADDSDomainController, only three things are required:
There are many more optional parameters that can be used, which specify everything from where to find the installation media, to whether or not to reboot when it’s completed.
The simplest example of this is:
To use Install-ADDSDomain, you must also specify the parent domain name. Just as when using PowerShell to add a domain controller, you may either supply the Directory Services Restore Mode password in the cmdlet, or provide it when prompted.
This is an example of how to create a new domain in a forest with PowerShell:
Install-ADDSDomain -NewDomainName mychildn ` -ParentDomainName mydomain.local; ` -InstallDNS ` -CreateDNSDelegation ` -DomainMode Win8 ` -ReplicationSourceDC dc0.mydomain.local
Note: The ` character is used to continue the command on the next line
To use Install-ADDSForest, all that needs to be provided is the forest name. A prompt will allow the Directory Services Restore Mode password to be entered, and DNS is installed by default during a forest installation.
An example of this would be:
Or you could be more specific:
Install-ADDSForest –DomainName mydomain.loca ` -CreateDNSDelegation ` -DomainMode Win8 ` -ForestMode Win8
Though Windows Server 2012 removes the dcpromo that system engineers have been using since 2000, they have not removed the functionality. If a GUI is preferred by an active directory engineer, they may still have much of the look and feel provided through Server Manager. If a script or a command line interface is preferred, new cmdlets in PowerShell provide all of the flexibility of the GUI, with the added benefit or scalability and reusability.