If your only domain controller is the box, I would install the R2 as a "regular" domain controller, not a RODC. That way you have a backup domain controller in case the server dies. Click Action, and then click Connect to. Click Select a well known Naming Context, select Configuration in the list of available naming contexts, and then click OK.
Confirm that the Revision attribute value is 2, and then click OK. Next, take a server running Windows Server , join it to a domain in your forest, and use Server Manager to promote the server to a domain controller.
After you finish introducing the new domain controller into your forest, rerun the preceding dsquery command on the domain controller on which you previously ran it. The output from the command looks like this:. The version number 56 indicates that the schema of your forest has been extended to include domain controllers running Windows Server Finally, take a server running Windows Server R2, join it to a domain in your forest, and use Server Manager to promote the server to a domain controller.
The version number 69 indicates that the schema of your forest has been extended to include domain controllers running Windows Server R2. Quick check. Before you can promote a server to a domain controller, you must first install the AD DS role on the server. When you complete the installation of the role, the final page of the AD DS Configuration Wizard prompts you to promote the server to a domain controller.
If you close the wizard at this point, you can still access the link to promote the server from the Notifications menu of Server Manager, as shown in Figure The steps of this wizard depend on which type of domain controller deployment scenario you are performing. The upcoming sections cover the following scenario types:. After you have added the AD DS role to the server, using the AD DS Configuration Wizard to promote the server to the first domain controller in a new forest involves the following steps:.
On the Deployment Configuration page of the wizard, shown in Figure , select the Add A New Forest option and specify the root domain for your new forest. Then proceed through the wizard and perform the steps that follow. In other words, you can think of the wizard as a UI that simply runs a Windows PowerShell command whose parameters are determined by the selections you make on the different wizard pages.
For example, if you are deploying the first Windows Server R2 domain controller in a new forest whose forest root domain is corp. Being able to view the script behind the wizard provides several benefits. Second, you can copy these scripts, customize them, and use them to automate the deployment of other domain controllers in your environment.
After you deploy the first domain controller in a new domain or forest, you should deploy at least one additional domain controller in the domain for fault tolerance. ADPREP extends the Active Directory schema and updates permissions as necessary to prepare a forest and domain for a domain controller that runs the Windows Server R2 operating system.
Non-system processes like dsamain. Launch the PowerShell ActiveDirectory module and type the following command to get the schema version. These methods allows you to easily identify the Active Directory schema version in use in your environment.
Domain controller upgrade steps Verify the target server meets system requirements. Verify Application compatibility. Verify security settings. Check connectivity to the target server from the computer where you plan to run the installation.
Check for availability of necessary operation master roles:. Active Directory AD is a Microsoft technology used to manage computers and other devices on a network. It is a primary feature of Windows Server, an operating system that runs both local and Internet-based servers. The only impact of raising the domain and forest functional levels is that you will no longer be able to deploy domain controllers from older versions of Windows Server.
This operation runs remotely; it contacts the infrastructure master in each domain to update the permissions. You need to run this command only once in the forest.
However, you can rerun this command any time if it fails to complete successfully because an infrastructure master is not available. You can run this command on any computer in the forest. You must be a member of the Enterprise Admins group to run this command. Specifies that no standard output is returned from an operation.
To prepare an existing Windows or Windows Server Active Directory environment for a Windows Server domain controller, be sure to run the version of Adprep that is included in the Windows Server installation media. You can also perform verification steps before and after you run the adprep command to help ensure that the operations complete successfully. Skip to main content. This browser is no longer supported.
0コメント