Question about adding Windows 2012 R2 Domain Controller, into a native Windows 2008 R2 single forest domain

I currently have a two server domain, both Windows 2008 R2 and fully updated. The two servers are on subnet 10.0.1.0 /24
- Windows 2008 R2 Server A: 10.0.1.1 (DC, GC, FSMO, DNS)
- Windows 2008 R2 Server B: 10.0.1.2 (DC, GC)
AD Domain: COMPANY.LOCAL
I have a second connected subnet (192.168.1.0 /24) which is routed to the 10.0.1.0/24 subnet and I would like to install a Windows 2012 R2 server onto a server on that subnet and make it a domain controller with AD-Integrated DNS and DHCP for the 192.168.1.0 /24 subnet.
- Windows 2012 R2 Server C: 192.168.1.1
What are the proper progression steps, in order to bring up the Windows 2012 R2 server and then add it to my COMPANY.LOCAL domain and then promote it to a DC/GC/AD-Integrated DNS server? Are they anything like the following:
1. Install Windows 2012 R2 server (Server C)
2. Point Windows 2012 R2 server DNS servers at Servers A and B
3. Perform AD prep to extend AD schema to support Windows 2012 R2 domain controllers
4. Promote Windows 2012 R2 server to domain controller (install local DNS service on Server C, during this step)
* Question: Will Windows automatically create a DNS zone for the Windows 2012 R2 subnet (192.168.1.0/24) AND also include the DNS zone from the previous Windows 2008 R2 domain (10.0.1.0 /24)? Or will I need to add the 10.0.1.0 /24 zone to the DNS server on Server C, even though the DNS from the Windows 2008 R2 domain is AD integrated?

Hi,
Regarding the issue here, please take a look into below articles:
System Requirements and Installation Information for Windows Server 2012 R2
http://technet.microsoft.com/en-us/library/dn303418.aspx
Release Notes: Important Issues in Windows Server 2012 R2
http://technet.microsoft.com/en-us/library/dn387077.aspx
Install a Replica Windows Server 2012 Domain Controller in an Existing Domain (Level 200)
http://technet.microsoft.com/en-us/library/jj574134.aspx
Here is an example for promoting Windows Server 2012 to a DC, see:
Step-by-Step Guide for Setting Up A Windows Server 2012 Domain Controller
http://social.technet.microsoft.com/wiki/contents/articles/12370.step-by-step-guide-for-setting-up-a-windows-server-2012-domain-controller.aspx
As the server is promoted to a DC, DNS zones will be replicated and synchronized to it automatically whenever the new one is added to an AD DS domain. Basically there is no special need to add zones. For more information, please see:
Understanding Active Directory Domain Services Integration
http://technet.microsoft.com/en-us/library/cc726034.aspx
Hope this may help
Best regards
Michael
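
The sequence asked about in this thread, as an added PowerShell example that is not part of the original posts. It uses the domain name and addresses from the question; the interface alias `Ethernet` and the site name `Default-First-Site-Name` are assumptions to replace with your own values.

```powershell
# Added example, not from the thread. Run elevated on Server C (192.168.1.1).
# Assumed names: interface alias 'Ethernet', AD site 'Default-First-Site-Name'.
$domain = 'COMPANY.LOCAL'
$dcDns  = '10.0.1.1', '10.0.1.2'          # Server A and Server B

# Step 2: use the existing DCs for DNS and confirm the domain's DC locator
# records resolve across the routed link before going any further.
Set-DnsClientServerAddress -InterfaceAlias 'Ethernet' -ServerAddresses $dcDns
Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$domain" -Type SRV -ErrorAction Stop |
    Select-Object Name, NameTarget, Port

# Role binaries only; this does not promote the server.
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

# Steps 3 and 4: on Windows Server 2012 and later the promotion extends the
# schema itself (adprep) when the credential is a member of Schema Admins and
# Enterprise Admins, so a separate adprep run is not needed in that case.
# The new DC is a global catalog unless -NoGlobalCatalog is given.
$promo = @{
    DomainName                    = $domain
    SiteName                      = 'Default-First-Site-Name'   # assumed
    InstallDns                    = $true
    Credential                    = Get-Credential -Message 'Domain account used for the promotion'
    SafeModeAdministratorPassword = Read-Host -AsSecureString -Prompt 'DSRM password'
}

# Dry run of the prerequisite checks; stop if any of them reports an error.
$check = Test-ADDSDomainControllerInstallation @promo
$check | Format-List Context, Status, Message
if ($check.Status -contains 'Error') { throw 'Prerequisite check failed; not promoting.' }

Install-ADDSDomainController @promo -Force    # the server reboots when finished

# --- Run the remaining lines on Server C after the reboot ---
# AD-integrated zones arrive through directory replication. List what this
# DNS server now hosts and check inbound replication from Servers A and B.
Get-DnsServerZone | Where-Object IsDsIntegrated |
    Format-Table ZoneName, ReplicationScope, IsReverseLookupZone
repadmin /showrepl

# Zones follow DNS names, not subnets: hosts on 192.168.1.0/24 register in the
# existing COMPANY.LOCAL forward zone. A reverse zone for the new subnet is
# present only if someone creates it, for example:
# Add-DnsServerPrimaryZone -NetworkId '192.168.1.0/24' -ReplicationScope 'Domain'
```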

Similar Messages

  • Questions About Adding First 2012 R2 domain controller to an existing 2008 Domain

    Our current domain controllers are all running Server 2008 and are VMs in our local office.  We plan to add a new domain controller and also create a new AD site.  This new domain controller will be the only domain controller in the new remote site.  It will also be a VM on a new 2012 R2 Hyper-V server at the new remote site.
    There is currently only one site (the default first site).
    The steps planned are to create a new site to represent the remote location in AD configured with the subnets that apply to the remote site.  (Computers in our local office should continue to use the domain controllers in our office and remote PCs should start using the new domain controller.)
    Then build the new domain controller VM, join to the domain as a member server and then promote it to domain controller of the new site.
    Are any steps missing?
    Do we need to do anything special with time sync settings on Hyper-V or will both the Hyper-V host and the domain controller guest just automatically sync time with the PDC domain controller across a WAN connection at the main site?
    Is there a way to prepare the domain/schema for the new 2012 R2 domain controller in advance so that the new domain controller can be installed later without needing Schema Admin or Enterprise admin permissions during the installation?

    > Where can I find what is correct for 2012 R2 domain controllers running
    > on Hyper-V 2012 R2 hosts?
    There's no "one fits all" advice on this topic, but I agree with Ahmed:
    Within a domain, the DCs provide a hierarchical time source, and since
    clients are required to be in sync with DCs, this is a "must be".
    If your HV hosts are members of the domain they are hosting, things can
    easily go crazy if you do not disable host time sync.
    Greetings,
    Martin

  • Question About Adding Ram from other laptop to T-series Thinkpad

    Hi,
    I have a question about adding additional RAM. Right now I have a 4GB RAM stick in the T510. I have an Acer laptop which I do not need and there is a 4GB RAM stick onboard (maybe two 2GB RAM sticks) in that older laptop. Would it be possible to add one stick of 2GB RAM (or 4GB, I need to check if it is 2 or 1) from the Acer to the Lenovo ThinkPad, making the total RAM in the ThinkPad over 4GB?
    Thanks in advance

    Hi Richk,
    Yes, I am using a 64-bit operating system. I am running on windows 7. And as for reported incompatibilities....technically taking a RAM from another laptop and placing it in the laptop should be the same as purchasing a RAM card from ebay or something and putting into the laptop right?

  • How to test domain controller on upgraded Win Server 2008 R2

    The Windows team recently upgraded the development environment for the domain controller from 2003 to Windows 2008 R2 and I am to test the Idm functionality on this upgraded version. Our current configuration is that the DC and Idm gateway run on different machines. To test this new DC, I want to install the Idm gateway on that server and run some onboarding and termination test cases just to make sure the AD connection is working on the upgraded DC. But I am getting 'Input/output error' when I try to install the service, and the documentation says 'The most common cause of this is that you do not have rights to work with this service.'. The server admin tried installing the gateway with his ID as well and it failed. He tested installing it on the 2003 version of the DC and it worked, so it's not a matter of permission (I think..)...
    Does anyone have any better idea on how to test an upgrade of a DC from version 2003 to 2008 R2? Any help in this matter is appreciated. We are running Idm 8.1 on a Windows platform and an upgrade to OW 8.1.1. Patch 2 is also in the works..
    Thanks in advance.

    I may have found a workaround. Can you try to change the "compatibility mode" in 2008 R2 to "Windows XP SP3" and see if it will install?
    Admittedly I have not done this myself so I'm not entirely sure where or how it's done, but I have confirmation it resolves the issue from others who have faced it.

  • Installing a Windows 2012 Domain Controller into a 2000/2003 domain with Exchange 2003

    Hello,
    I have a client that we are planning to migrate to 2012 over time.  They currently have a Windows 2000 DC and 2 member servers running Windows 2003, one of which is running Exchange 2003.
    We first are going to introduce a 2012 server into the domain and my plan was to DCPromo the 2003 server that isn't running Exchange and raise domain level to 2003 and then demote the 2000 server.  I was then going to install the 2012 server into the domain and make it a backup Domain Controller for the time being and leave the newly promoted Windows 2003 server as the primary Domain Controller with all the roles and global catalog.  My question is will Exchange 2003 still function normally in this scenario?
    I've been doing research and read some things about Exchange 2003 not working with 2012 Domain Controllers, but I was thinking if the 2003 is still the primary, it might work.  We will eventually migrate to 2003, they just don't want to do it all at once, due to costs and other issues.
    Thanks.

    > I didn't ask if it was supported, I just wanted to know if Exchange 2003 would continue
    > to function if the Windows 2003 DC still held all the FSMO roles and Global Catalog.
    A not supported situation means that it is a situation where Microsoft did no testing or does not guarantee that you can operate with no problems. Following a not supported scenario could be done but is at your own risk.
    > If it won't, can the 2012 server be a member server in the 2003 AD?  The 2000
    > DC it is replacing, just shares files on the network in addition to being the lone AD server
    Yes, it can be a member server.
    This posting is provided AS IS with no warranties or guarantees , and confers no rights.
    Ahmed MALEK

  • Domain Controller, DHCP, DNS Migration from 2008 r2 to 2012 Essentials

    I would like to migrate Domain Controller, DHCP, and DNS functions to a new 2012 Essentials server in a 2008 R2 domain.  I would like the 2008 R2 server to remain as an applications server.  Is it possible to do this?  I've seen in TechNet a reference to this type of migration, but am concerned about the reference that after 21 days the 2008 will shut down.  Is it that the server will shut down or the Domain Controller function on the 2008 will shut down? I will need the 2008 setup as is for our application server, so I want to be sure that the migration will not interfere with that.

    As long as your existing server is not also an SBS or other Essentials server, it'll be fine. The shutdown after 21 days occurs when multiple SBS or Essentials servers are on the same domain.

  • Bug found in Deploy a domain controller and member using Windows Azure Virtual Machines. With fix

    I have been working with the script found at http://gallery.technet.microsoft.com/scriptcenter/Deploy-a-domain-controller-2ab7d658 as a base for my Azure deployments. I ran into a situation where if a VNetwork already had a DNS entry it wouldn't allow you to add another DNS entry. It would give an error similar to
    Property 'DnsServersRef' cannot be found on this object. Make sure that it exists.
    This happened at line 447 of the original script.
    Line 447 looks like:
    $dnsServersRefElement = $foundVirtualNetworkSite.DnsServersRef
    I fixed the error by adding .node after $foundVirtualNetworkSite. Like this:
    $dnsServersRefElement = $foundVirtualNetworkSite.Node.DnsServersRef
    I hope that this gets fixed in the original script or that my post helps someone in the future.

    Please post comments and fixes to Gallery scripts by posting in the Gallery Q&A section for the referenced script.  The owner of the script will be monitoring that but not this forum. Also others using the script will be alerted to your discovery.
    Here is the Q&A page link:
    http://gallery.technet.microsoft.com/scriptcenter/Deploy-a-domain-controller-2ab7d658/view/Discussions#content

  • Question about adding an index to a column and finding it back

    Hi, How do I see in phpMyAdmin that an index is added to a column.(I'm talking about adding an index by clicking on the lightning bolt!) I know how to add an index and see a warning that it's added (only after I add it).
    But where do I find it or a sign that it is added later on?!
    Thanks!

    You also may find better exposure for this question on the Dreamweaver Applications Development forum -
    http://forums.adobe.com/community/dreamweaver/dreamweaver_development

  • Questions about adding files in LR3

    I've been a happy LR user for years. I used the LR3 beta and liked it (especially the 2nd version) and generally I'm very happy with the release version of LR3. But I have some questions about the import process.
    In LR2 I could edit off my Compact Flash cards (I know that's not smart, but sometimes on deadline fast is better than not smart) by adding the photos to my library without moving them. That option is grayed out in LR3. Is there a way to turn it on or is this a "new feature"? If it's a permanent thing, maybe for 3.1 or the next incremental upgrade Adobe could make this possible with a popup (like we get when adding captions to multiple files) warning that editing photos on a CF (or SD) card is a bad idea. But let us make the decision.
    jack

    It's a deliberate change - time to adjust the workflow!
    John

  • Another question about adding music to iPhone

    Apologies for yet another question regarding adding music to an iPhone but I am completely stuck.
    I bought a new laptop in January (it runs windows 8). I've authorised it and synced my phone to it before. I've used it to add music before.
    Lately I've just been buying music directly from itunes on my phone but I wanted to add some music from my older collection that is on an external harddrive.
    I've gone through the process of syncing the phone again, which has wiped whatever was on there. I made sure I'd ticked on the "manually manage music" box. 
    It's put all my purchased music back but it still will not let me drag and drop music from my external harddrive. When I hover over with the file it has "link" but it won't actually send the music to the phone.
    Is there a way for me to do this without putting music on to my itunes library? I don't like itunes and I definitely don't want to add the music to my laptop as it defeats the purpose of having an external harddrive! Sorry for such a long-winded explanation.

    Just to add... I've now tried adding music to the library (getting desperate here) and it's not letting me do that either. Just says 'link'.
    This is the most frustrating thing ever. Why are the simplest of tasks made so difficult? It seems like it only works if you buy the music from the iTunes store.

  • X-Raid question about adding more drives

    Hi Guys.
    I am running an X Server (10.3.8 dual 2GHZ PPC G5)with an X-Raid attached. Right now it is only half full with a RAID5 volume that is my main file server.
    My question is can I add three 500GB drives into the empty slots of my X-Raid and configure them as another RAID5 volume without killing my current drives setup on the X-Raid?
    Thanks for any help.

    You can do it hot. The 3 drives you insert will not affect the existing RAID set in any way whatsoever. The Xserve RAID supports up to 3 RAID sets per RAID controller (each controller handles one "half" of the array -- so 7 drives). What you're doing is very common.
    The only thing I say is that you need to be sure you replace the 3 unused "blanks" and don't accidentally eject one of the drives that's already part of a RAID set. This should be pretty obvious as the "live" drives have blue and green lights, and the blanks have none, but other than that, it's a cakewalk.

  • Integrating a Domain controller into a small office setup

    So this is where I am:
    I am trying to integrate a windows 2012 server which I can use as my domain controller in our office and run active directory from it, then eventually group policy, wsus, microsoft deployments and windows deployment toolkits etc.
    However because our current Mitel 3300 phone system sets the phone DHCP I don't want to mess the current network arrangement up.
    This is the internal structure:
    Our internet router's IP address 172.16.21.1
    Mitel 3300 Box IP address 192.168.10.10
    Default gateway 192.168.0.1
    So our IP phones sit on the subnet of 192.168.10.xxx and our PC's grab IP's such as 192.168.0.xxx up to 192.168.0.254.
    What should I set my DHCP settings on the Domain controller to see the PC's on the current network, and or the DNS settings as I am fairly new to this.
    If I haven't explained anything properly please let me know and I will provide more info, thanks.
    Jan

    Are all devices on the same backbone with two different subnets on it?
    Are phone and computer both DHCP clients, i.e. they have no static addresses?
    In Server 2012 R2 DHCP you have the ability to set rules so the phones can get IP addresses from the phone system and the computers can get IP addresses from the domain controller.
    Are you sure the phone system is DHCP for both and not your firewall? With two network adapters? Or phone system one and firewall another DHCP?
    Typically if your phone system is giving out DHCP it would need two IP addresses and interfaces to be able to host both subnets.

  • New Domain Controller does not show in our different site's Domain controller's Sites and Services

    Hi,
    We have two sites in our AD environment: OMA site and NY site. We have three domain controllers in our OMA site and two domain controllers in our NY site. All our DCs are Windows Server 2008R2 except one in our OMA site that is 2003R2. The domain functional level is also 2003R2.
    We decided to raise our functional level to 2008R2. I added a new domain controller in our OMA site and transferred all FSMOs from the DC that was running 2003R2 to this new domain controller.
    The issue now is that our NY site does not make any connection with the new domain controller in the OMA site. It does not even show it under Sites and Services. I have checked the DNS settings and everything. If you try to replicate the connections from the NY site it gives the following error: "The naming context is in the process of being removed or is not replicated from the specific server."
    Can anyone please tell me why this is happening? My brain is just frozen at this moment and can't figure out why this is happening.

    Just noticed this replication issue has been going on for a while now but we never noticed until I added new DC. here is the error log for the NY site DC.
    Log Name:      Directory Service
    Source:        Microsoft-Windows-ActiveDirectory_DomainService
    Date:          1/4/2014 8:11:40 AM
    Event ID:      2042
    Task Category: Replication
    Level:         Error
    Keywords:      Classic
    User:          ANONYMOUS LOGON
    Computer:      NORDC1.vertrue.com
    Description:
    It has been too long since this machine last replicated with the named source machine. The time between replications with this source has exceeded the tombstone lifetime. Replication has been stopped with this source.
     The reason that replication is not allowed to continue is that the two DCs may contain lingering objects.  Objects that have been deleted and garbage collected from an Active Directory Domain Services partition but still exist in the writable partitions
    of other DCs in the same domain, or read-only partitions of global catalog servers in other domains in the forest are known as "lingering objects".  If the local destination DC was allowed to replicate with the source DC, these potential lingering object
    would be recreated in the local Active Directory Domain Services database.
    Time of last successful replication:
    2013-05-16 15:26:38
    Invocation ID of source directory server:
    9236ac56-d046-4632-b072-acbe823c5f6c
    Name of source directory server:
    accde843-11b2-476c-9783-9b29252d0ba5._msdcs.vertrue.com
    Tombstone lifetime (days):
    90
    The replication operation has failed.
    User Action:
      The action plan to recover from this error can be found at
    http://support.microsoft.com/?id=314282.
     If both the source and destination DCs are Windows Server 2003 DCs, then install the support tools included on the installation CD.  To see which objects would be deleted without actually performing the deletion run "repadmin /removelingeringobjects
    <Source DC> <Destination DC DSA GUID> <NC> /ADVISORY_MODE". The eventlogs on the source DC will enumerate all lingering objects.  To remove lingering objects from a source domain controller run "repadmin /removelingeringobjects <Source
    DC> <Destination DC DSA GUID> <NC>".
     If either source or destination DC is a Windows 2000 Server DC, then more information on how to remove lingering objects on the source DC can be found at
    http://support.microsoft.com/?id=314282 or from your Microsoft support personnel.
     If you need Active Directory Domain Services replication to function immediately at all costs and don't have time to remove lingering objects, enable replication by setting the following registry key to a non-zero value:
    Registry Key:
    HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow Replication With Divergent and Corrupt Partner
     Replication errors between DCs sharing a common partition can prevent user and compter acounts, trust relationships, their passwords, security groups, security group memberships and other Active Directory Domain Services configuration data to vary between
    DCs, affecting the ability to log on, find objects of interest and perform other critical operations. These inconsistencies are resolved once replication errors are resolved.  DCs that fail to inbound replicate deleted objects within tombstone lifetime
    number of days will remain inconsistent until lingering objects are manually removed by an administrator from each local DC.  Additionally, replication may continue to be blocked after this registry key is set, depending on whether lingering objects are
    located immediately.
    Alternate User Action:
    Force demote or reinstall the DC(s) that were disconnected.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS Replication" />
        <EventID Qualifiers="49152">2042</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>5</Task>
        <Opcode>0</Opcode>
        <Keywords>0x8080000000000000</Keywords>
        <TimeCreated SystemTime="2014-01-04T13:11:40.963263500Z" />
        <EventRecordID>38018</EventRecordID>
        <Correlation />
        <Execution ProcessID="660" ThreadID="1596" />
        <Channel>Directory Service</Channel>
        <Computer>NORDC1.vertrue.com</Computer>
        <Security UserID="S-1-5-7" />
      </System>
      <EventData>
        <Data>2013-05-16 15:26:38</Data>
        <Data>9236ac56-d046-4632-b072-acbe823c5f6c</Data>
        <Data>accde843-11b2-476c-9783-9b29252d0ba5._msdcs.vertrue.com</Data>
        <Data>90</Data>
        <Data>Allow Replication With Divergent and Corrupt Partner</Data>
        <Data>System\CurrentControlSet\Services\NTDS\Parameters</Data>
      </EventData>
    </Event>
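
A triage helper for the Event 2042 record above, added here as an example that is not part of the original post: it reads the record's fields to show how far past the tombstone lifetime the replication gap is, and checks whether the override value named in the event is enabled on the local DC. The function names are hypothetical, and the last-success text is assumed to be UTC.

```powershell
# Added example. The XML is a trimmed copy of the Event 2042 record quoted above.
$sample = @'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <EventID Qualifiers="49152">2042</EventID>
    <TimeCreated SystemTime="2014-01-04T13:11:40.963263500Z" />
    <Computer>NORDC1.vertrue.com</Computer>
  </System>
  <EventData>
    <Data>2013-05-16 15:26:38</Data>
    <Data>9236ac56-d046-4632-b072-acbe823c5f6c</Data>
    <Data>accde843-11b2-476c-9783-9b29252d0ba5._msdcs.vertrue.com</Data>
    <Data>90</Data>
    <Data>Allow Replication With Divergent and Corrupt Partner</Data>
    <Data>System\CurrentControlSet\Services\NTDS\Parameters</Data>
  </EventData>
</Event>
'@

function Get-Event2042Summary {
    param([Parameter(Mandatory)][xml]$EventXml)

    $sys  = $EventXml.Event.System
    $data = @($EventXml.Event.EventData.Data)
    $id   = $EventXml.SelectSingleNode("//*[local-name()='EventID']").InnerText
    if ($id -ne '2042' -or $data.Count -lt 6) { throw 'Not a complete Event 2042 record.' }

    $inv = [cultureinfo]::InvariantCulture
    $utc = [System.Globalization.DateTimeStyles]'AssumeUniversal, AdjustToUniversal'
    # SystemTime carries 9 fractional digits; trim to 7 before parsing.
    $stamp  = $sys.TimeCreated.SystemTime -replace '(\.\d{7})\d+', '$1'
    $logged = [datetime]::Parse($stamp, $inv, $utc)
    # Assumption: the "last successful replication" text is treated as UTC.
    $last   = [datetime]::ParseExact($data[0], 'yyyy-MM-dd HH:mm:ss', $inv, $utc)

    $tsl  = [int]$data[3]
    $days = ($logged - $last).TotalDays
    [pscustomobject]@{
        DestinationDC        = $sys.Computer
        SourceDsaCname       = $data[2]
        SourceInvocationId   = $data[1]
        LastSuccess          = $last
        TombstoneLifetime    = $tsl
        DaysSinceLastSuccess = [math]::Round($days, 1)
        DaysPastTombstone    = [math]::Round($days - $tsl, 1)
        OverrideValueName    = $data[4]
    }
}

function Test-DivergentReplicationOverride {
    # True when the override named in the event is set to a non-zero value,
    # which lets replication proceed without removing lingering objects first.
    $path = 'HKLM:\System\CurrentControlSet\Services\NTDS\Parameters'
    $name = 'Allow Replication With Divergent and Corrupt Partner'
    $item = Get-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue
    [bool]($item.$name)
}

Get-Event2042Summary -EventXml $sample | Format-List
"Override enabled on this machine: $(Test-DivergentReplicationOverride)"

# On a live DC, feed real records instead of the sample:
# Get-WinEvent -FilterHashtable @{ LogName = 'Directory Service'; Id = 2042 } |
#     ForEach-Object { Get-Event2042Summary -EventXml $_.ToXml() }
```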

  • Windows 2012 RDS CALs - OLP NL downgrade to Windows 2003 TS CALs

    Hi,
    Hope someone can shed some light on this inquiry
    I plan to purchase the following:
     2x Windows 2014 SQL STD 2 Core License OLP NL
     30 Windows 2012 RDS CALs (User or Device) OLP NL
               Breakdown example
                Site A = 10 
                Site B = 5
                Site C = 15
    Existing servers are Windows 2003 R2 STD running Terminal Services
    Tried setting up a Windows 2003 R2 TS Server and install TS Roles & Licensing Manager
    Questions.
     1. When I tried to add Windows 2003 TS CALs - OLP NL, the activation screen requires to enter the Authorization & License numbers.
     Can I use the Authorization and License number of the newly purchased Windows 2012 RDS CALs on the Windows 2003 TS Server?
     2. Should I get a separate Authorization & License number per site? (In the example above 3x Authorization & License numbers). Or can we use a single Authorization & License number for all sites? Each site is independent from each other.
     3. As I understand, SQL 2014 can be downgraded to any prior previous version at the same editions. (as far as SQL 2000, provided he has the installer), If client has an existing SQL 2003 STD activated already, does he need to change the license key?
    Thanks,
    Paul

    Hi Paul,
    Thank you for posting in Windows Server forum.
    Yes, you can use newly purchased server 2012 RDS CAL on server 2003 terminal server. 
    RDS and TS CAL Interoperability Matrix
    For detail regarding the licensee issue I suggest you to contact MS Volume Licensing.
    As per my research, I think you don’t have to change the old license key if client already have the key. And in regards to SQL server you can have a look over beneath article.
    SQL Server 2014 
    Hope it helps!
    Thanks.
    Dharmesh Solanki

  • Question about adding an Extra Node to SOFS cluster

    Hi, I have a fully functioning SOFS cluster, with two nodes, it uses SAN FC storage, Not SAS JBODS. its running about 100VM's in production at the moment.
    Both my nodes currently sit on one blade chassis, but for resiliency, I want to add another node from a blade chassis in our secondary onsite smaller DC.
    I've done plenty of cluster node upgrades before on SQL and Hyper-V , but never with a SOFS cluster. 
    I have the third node fully prepared, it can see the disks, the FC LUNs on the SAN (using PowerPath, Disk Manager), and all the roles are installed.
    So in theory I can just add this node in the cluster manager and it should all be good. My question is has anyone else done this, is there anything else I should be aware of, and what's the best way to check the new node will function and be able to migrate the File role over without issues. I know I can run a validation when adding the node, I presume this is the best option?
    I cannot find much information on the web about expanding a SOFS cluster.
    Any advice or information would be gratefully received!!
    cheers
    Mark

    Hi Mark,
    Sorry for the delay in reply.
    As you said, there is not much information related to adding a node to a SOFS cluster.
    The only ones I could find is related to System Center (VMM):
    How to Add a Node to a Scale-Out File Server in VMM
    http://technet.microsoft.com/en-us/library/dn466530.aspx
    However adding a node to SOFS cluster should be simple as you just prepared. You can have a try and see the result. 
