Deploy Windows Server 2012 R2 domain controller in 2008 domain

Similar Messages

• Running two instances of Windows Server 2012 Essentials R2 on the same domain

  We have Windows Server 2012 Essentials R2 running as a domain controller -- and have installed another licensed copy of the same thing on the same domain.  We want to use the 2nd server for running an LOB application and provide backup for the
  AD services. 
  The 2nd server is a member of the domain. Can I do this and have the 2nd server provide AD failover services like they do with 2012 Standard? 

  Two things to consider. In the XP and 2003 era, the OS was not written in a security-first fashion. While XP did have LUA, almost nobody used them. Then came Vista and UAC, and those prompts were a major pain point because nobody wrote for security. Fast
  forward 6 years and standard accounts are a normal best practice. Almost nobody in business recommends running daily tasks as administrator.
  I mention all this to illustrate that, similar to admin accounts, what you used to get away with no longer applies. Running LOB apps on a DC is just bad. Many times, the app just doesn't work. But even if you could get it to work, it is a terrible idea.
  If the stories of Home Depot, Target, and most recently Sony don't already give it away, I'll spell it out. We no longer live in an age where you can take shortcuts and expect to be safe. Large organizations make national news when they screw up. But small
  businesses are targeted just as often and are at just as much risk. From "leaking" their client info to having their data held for ransom, the small business is abused regularly, but never makes national news because they are, by definition, small.
  If you can take simple easy steps to help minimize that risk, such as keeping a domain controller free of other software and locked down, then it is almost unethical to do Otherwise in the modern computing era. The world ha changed. It is our responsibility
  as I.T professionals to change with it. That's why we get to call ourselves "professionals" in relation to I.T.
  So, what bad things? Risking the customer's very livelihood. I consider that pretty darn bad.

• Deploying Windows Server 2012 and Exchange Server 2013

  Hi All,
  Our Clinet is planning to implement Exchange Server 2013 as an email solution. There is no Active Directory Domain exists in the environment. So, we have planned to configure a Windows Server 2012 R2 Standard as a Domain Controller and Exchange
  Server 2013 Standard would be installed on another Windows Server 2012 R2 Standard.
  The setup would be for 250 users. Please guide me about the Cost of OS + Exchnage and CAL for 250 Users.
  Warm Regards,
  Prosenjit Sen
  Thanks & Regards, Prosenjit Sen.

  Another option would be to consider signing up for Office 365 instead of setting up the hardware and software for such a small number of users.  It will take a long time for the cost of the hardware, maintenance, and support to be less costly than Office
  365, if it would ever be less expensive.  There is a lot of maintenance required for Exchange, so unless your client already has someone experienced in configuring and maintaining Exchange, there is a lot of expense in bringing someone up to speed to
  perform those functions capably.
  Just a suggestion.  I do not work for Microsoft and I have no financial incentive to propose an Office 365 environment.  I just know that if I were running my own business, I would have to be convinced that my business required its own internal
  mail system when there are so many fully functional and capable mail systems available via subscription.
  . : | : . : | : . tim

• Testing windows server 2012 R2 Essentials with a "diferent" Domain name.

  Hi, i've been testing the essentials version server and i've found some tips to change the Domain name at the setup install moment of the server.
  but, when i try to use a Domain name like this: Mylocaldomain.com.mx
  it allows me to use the .com name but doesn't allow me to use the .mx suffix.
  do you know if there is a way to workaround this detail? or it won't be permitted at all. ?
  thanks in advance!

  Hi,
  Based on my experience, an internal corporate namespace that used for internal purpose does not need to end in a valid top-level domain. That is to say you can use .ux as the top-level domain if you only use the domain on internal.
  In your configuration, com is the second-level domain and
  mx is the top-level domain. In general, com is a kind of the core group of generic top-level domains
  which indicates that this name has been registered to a business organization for commercial use. Maybe it is due to you cannot use
  com as the second-level domain and you can use another second-level domain instead of
  com to see if the issue persists.
  Best regards,
  Susie

• Adding second domain controller in Windows server 2012 R2

  Hello, our primary domain controller is currently on a machine that has Windows Server 2008 R2 Standard. We are planning to setup a second domain controller as a failover to our primary domain controller. My question is, can we have a secondary domain
  controller on a Windows Server 2012 R2 even if our primary domain controller is on a machine that has Windows Server 2008 R2?

  I think I found the answer to my question.
  http://technet.microsoft.com/en-us/library/dd464018(v=ws.10).aspx
  "In Windows Server 2012, Adprep.exe is integrated into the AD DS installation process and runs automatically as needed. For example, when you install the first domain controller that runs Windows Server 2012 into an existing domain and forest, then adprep
  /forestprep and adprep /domainprep automatically run and report the results of the operations.
  Some organizations may prefer to run Adprep.exe separately in advance of an AD DS installation. For this reason, Adprep.exe is also included in the \Support\Adprep folder of the operating system disk.
  In Windows Server 2012, there is only one 64-bit version of Adprep.exe. It can be run remotely from any server that runs a 64-bit version of Windows Server 2008, Windows Server 2008 R2, or Windows Server 2012. The computer where you run it can be either
  domain-joined or in a workgroup.
  The version of Adprep.exe in Windows Server 2012 includes new syntax and parameter options in order to run it remotely. For more information, see
  Adprep."
  For more information about the objects and containers that are created when the schema is extended to support Windows Server 2012, see
  Windows Server 2012: Changes to Adprep.exe.

• Activation windows server 2012 r2

  Hi. I have windows server 2012 r2 standart it is a domain controller. I have a product key. How can i activate the server??? Please Put the step by step instructions.

  Run these commands :
  Slmgr.vbs –ipk your product key
  Slmgr.vns –ato
  Arnav Sharma | http://arnavsharma.net/ Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading
  the thread.

• Number of Windows Server 2012 R2 Essentials Servers

  I am looking at migrating a small real estate agency to Window Server 2012 R2 from Windows Server 2003 x86.  Looking to combine 12 servers ( Essentially PCs running Windows Server 2003) less than 20 users, to 2/3 dual core or quad core servers. I am
  looking at Essentials due to cost, but have some questions.
  1) Can you have more than one Windows Server 2012 R2 Essentials server in the environment? Since the server install defaults to being a domain controller.
  2) If you can have more than one Windows Server 2012 R2 Essentials, can you have more than one domain controller?
  2) Can you migrate/upgrade a Windows Server 2012 R2 Essentials server to Windows Server 2012 R2 Standard or Data Center?
  Thanks for you time.
  DJ

  I confirm your Suggestion that Windows Server 2012 R2 Essentials must be the domain controller at the root of the forest and domain, and must hold all the FSMO roles.
  You can have more than one Server(Standard, datacenter) with the Windows Server Essentials Experience role installed in your network.
  you can migrate from essentials Edition to Standard as Long you purchase the Standard license but is not possible to purchase th eupgrade license fro essentials to Standard. you need the full license.
  thanks
  diramoh 

• Upgrade windows server 2008 x86 to windows server 2012

  Hello i am using windows server 2008 x86 as my primary domain controller,
  I want to install windows server 2012 R2 and make it additional Domain Controller and transfer the roles to make it primary Domain Controller.
  How do i upgrade the Schema as i am using windows server 2008 x86. and how do i transfer the roles.

  Hello,
  After successful installation of the Windows 2012R2 OS, go to the server manager and Install the Active Directory Server Role: In server manager go to manage-> add roles and features wizard -> skip welcome -> Select Role-based or Feature based installation
  -> Select your local server -> Select Active Directory Domain Services (including management tools) -> go throughout the wizard and press finish. Note, that schema upgrade would take care by itself.
  After the Role installation you have to promote the server as an additional DC to an existing domain: On the flag on top of the server manager's console, there should be 1 notification. Press the flag and select the "Promote this server to a domain controller"
  link. Choose the option to add a domain controller to an existing domain and go through the wizard.
  After successful completion (including restart) open command prompt as admin and type ntdsutil.exe -> ntdsutil prompt opens -> type Roles -> type connections -> type connect to server <your new Win12 server name> -> type quit to go to
  FMSO maintenance prompt -> type transfer infrastructure master (confirm transfer) -> type transfer naming master (confirm transfer) -> type transfer PDC (confirm transfer) -> type transfer RID master (confirm transfer) -> type
  transfer schema master (confirm transfer).
  To verify transfer: type select operation target -> type list roles for connected server
  Exit ntdsutil.exe (ctrl+C) and confirm configuration status by checking the event viewer and by running dcdiag.exe in command prompt.
  Lefteris Karafilis 
  MCSE, MCTS, SEC+ 
  LinkedIn: http://www.linkedin.com/in/lkarafilis 
  Mail: [email protected] 
  Blog: http://www.karafilis.net 

• WScript exec method on windows server 2012

  Hi.
  A few years ago I coded an app that runs continuously on a reporting server that we have.
  It's job is basically access our ERP's software database and send emails originated from selected actions performed on the information system and provide some end of the day emails with a compilation of daily information.
  The sending email part of the app runs perfectly on my newly deployed Windows Server 2012. However, so the app can keep alive when we dont have internet connection, i rigged it with some code issuing a ping command to check if the outside world is reachable.
  And this is where everything goes south! The only message i get when the ping command is issued through the script is "Unable to contact IP driver. General Failure." This is a bummer since if use a command prompt window, the server pings perfectly.
  Previously the app ran fine on a windows server 2008 R2, so i'm guessing this is some kind of auth/security problem. However, i dont know how to fix it, hence this post.
  Does any of you can help? Feel free to ask any question you may think it would help to solve the problem.
  Thanks in advance.

  It would be helpful if you provided information about how you 'coded' this solution.  Is this running as a scheduled task?  If so, remember that the account it runs under is most likely different from the account you are running interactively. 
  Check permissions.
  2012 by default does not allow ping.  You need to enable the ICMP rule in the firewall.
  . : | : . : | : . tim

• Windows server 2008 R2 to Windows server 2012 R@ Upgrade

  We have Team Foundation server 2010 server configured in our environment.
  operating system: windows server 2008 R2 Datacenter
  Server installed: Team foundation server 2010 with share point services 3.0.
  we need to upgrade this server with windows server 2012 R2 and Team foundation server 2010 as it is.
  need to upgrade as below:
  operation system windows server 2012 R2 Datacenter
  Server Installed : Team foundation server 210 with sharepoint services 3.0 as it is.
  I have tried to direct upgrade by running a setup of windows server 2012 R2 but it shows error message if : "
  When you upgrade Windows Server 2008 to Windows Server 2012, you receive the following error message:
  Windows won’t install unless each of these things is taken care of. Close Windows Setup, take care of each one, and then restart Windows Setup to continue.
  Windows needs to be restarted so necessary changes to system files can be made before continuing.
  Make these changes:
  Turn off these Windows features.
  Windows SharePoint Services 3.0 – Please read Microsoft Knowledge Base article: 962216
  I have installed sharepoint 3.0 with sp3. but still I am geeing same error.
  we need to upgrade operating system,n in place.
  Kindly request you for the quick response.

  Hi,
  To understand more clearly regarding upgrading issue here providing you link for more information.
  Upgrade Options for Windows Server 2012 R2
  http://technet.microsoft.com/en-us/library/dn303416.aspx
  Install and Deploy Windows Server 2012 R2 and Windows Server 2012
  http://technet.microsoft.com/en-us/library/hh831620.aspx
  Hope it helps!
  Regards.

• Windows Server 2012 R2 Session Host Server Temp Profile issue.

  HI,
  I successfully Deployed Windows server 2012 r2 Terminal services with High Availability.
  After Rebooting Session Host Server i am facing Temp Profile issue. After i Deleted registry and rebooting server and tried to login again but same popup message you have login with temp profile.
  Any suggestions or any hints would be GREATLY appreciated
  /HR

  how did you delete the profile?
  also are you using UPD disks?
  What errors are shown in the event log if any?
  Regards,
  Denis Cooper
  MCITP EA - MCT
  Help keep the forums tidy, if this has helped please mark it as an answer
  My Blog
  LinkedIn:

• AD RMS cluster with windows server 2008 R2 and Windows Server 2012 R2

  please i'm trying to add ADRMS server with windows server 2012 R2 with our ADRMS 2008 R2 cluster. and it fails with the following error:
  "The Client DLL version doesn't match with the one of the servers"
  so i want to know is it supported to add  RMS 2012 R2 server to RMS 2008 R2 Cluster
  Thanks

  They can't coexist, but usually what happens is you add the 2012 server, it migrates your cluster database and then your 2008r2 servers can no longer connect.
  What is this value:
  DRMS_Config database
  dbo.DRMS_ClusterPolicies
  AdrmsFileVersion

• Windows Domain Controller on Windows Server 2012 R2: Hyper-V roaming profiles not loading due to slow connection

  I have racked my brain and done everything that I know to do for about two weeks now.  I am setting up a new system at our fire department and I am having the worst luck with getting the workstations to login to the domain controller with roaming
  profiles.  It keeps telling me that the roaming profile could not be loaded because of a slow connection.  These are workstations that are connected directly to the switch that the DC is connected to.  I have tried multiple connections regarding
  the layout (DC into the router, router into the switch).  The router is a Cisco RV220W.  I have two VLANS, one for public and one for private domain.  The Private VLAN has DHCP turned off since I am providing it through the DC.  I currently
  have a connection from the Private VLAN going to the unmanaged switch that the workstations and server are plugged into.
  The server is a Dell PowerEdge R420 that has 6 NIC ports (1 dual port and 1 quad port).  I have a virtual switch setup on Hyper-V for an external port (let's say Card 2 Port 3) that is assigned to the WS 2012R2 Domain Controller.  The DC can see
  the internet fine and the workstations can connect to the shared folders on the server.  I can retrieve files by just using the computer name or FQDN.  The DC is also running DNS and DHCP.  The DNS has the _msdcs setup from when I installed
  the active directory role.  I have attempted to assign static IP addresses to the workstations:
  IP:                     10.0.0.80
  Subnet:             255.255.255.0
  IPV4 Gateway:  10.0.0.1
  IPV4 DNS:        10.0.0.12
  I've attempted "append the specific DNS suffix", I've "registered the connection in DNS", I've used "use this connections suffix in DNS registration".
  The server is assigned:
  IP:                     10.0.0.12
  Subnet:             255.255.255.0
  IPV4 Gateway:  10.0.0.1
  IPV4 DNS:         10.0.0.12
  The DNS entries have forwarders that forward to my ISP DNS servers for lookup
  I've enabled and disabled DHCP, I've installed a new VM just to create another DC to make sure that I didn't goof up when I created it.
  I've lost my patience with this project and am sinking fast.  Can someone please offer some advice as to what I've done wrong?  I've created this exact scenario at work many times but, I've never done it with Windows Server 2012.  Is this
  possibly something to do with the Dell PowerEdge server (Generation 12) with the SR-IOV?  I am going to attempt to work on it some more tomorrow when I get over there.  I think there may be an issue with the SR-IOV not being enabled on the machine
  through the Dell Bios.  Would the SR-IOV really cause the workstations to report a slow connection?  When I login at the domain controller the roaming profiles and folder redirection work fine so, I know the GPO settings are correct.  I don't
  have "ignore slow connections" or any of those GPO's set.  I need to get it working the correct way so, I didn't want to fool the server when there is another underlying problem.  Any help that someone can offer, I am more than willing
  to listen.  If you need more information, please ask.
  Thanks,
  Jay

  So, I've managed to research this some more since Thursday and I've come to the conclusion that Hyper-V does a horrible job of supporting Qualcomm NIC cards. That's the only thing I can conclude as far as where the issue is originating. I've read many
  post and walkthroughs but nothing that has helped. The issue wasn't with any settings in the domain controller. The issue was that there really is a slow connection originating at the domain controller that is a VM and has network connectivity through the
  virtual switch from Hyper-V. So, next question is, how do I get the DC to have better connectivity through the NIC that Hyper-V won't give it? If hyper-v would allow passthrough, this would be so much simpler. VM-ware is looking really good at this point.
  Im disappointed in MS right now.

• Windows Server 2012 Standard - HP OfficeJet Pro 8600 Plus printer not working after promoting to Domain Controller / AD Services

  An associate and myself installed the built-in drivers for the HP OfficeJet Pro 8600 Plus multi-function (network) printer on a Windows Server 2012 Standard server installation and everything worked fine whenever I want to print anything directly from the
  Windows Server machine (there's a reason for this, so please understand that ;)  ).
  We were able to print without any problems from the Windows Server 2012 machine, using the drivers from Microsoft.  Mainly, because HP has not listed any specific support for Windows Server 2012, only Windows Server 2008 R2, however, the drivers that
  came with Windows 2012 seem to work very well.
  PROBLEM: I later had to promote the Windows Server 2012 to a Domain Controller, and created the Active Directory configurations, even enabled the Print Services.  After doing all of that, the HP printer will not print anything.  It's like all print
  requests directly from the Windows Server go to Nil.
  Has anyone encountered a problem like this before? The only thing I can think of is that after perhaps something affected printing directly once we promoted the server to being a DC, and added other features / roles.  I even tried installing the
  HP drivers for Windows Server 2008 R2, and the results are still the same...nothing prints.  Trust me, the printer is set as the Default Printer and even when choosing to print, we make sure the HP OfficeJet Pro is selected, and is on, as other Windows
  Client PC's can print to it directly.
  Does anyone have any suggestions we could try?  Thanks in advance.

  While it is quite a while since this was posted - I can concur a similar issue exists.
  We have spent the better part of a day trying to work out why other HP printers work fine but our 8620 prints are not printing and going to Nil.  The print server is hosted on a shared DC.  Comparing to the initial posters details, for some reason
  it seems to be most commonly related to the OfficeJet Pro 8600/8610/8620/8630 series printers.
  I ended up doing a print server migration from the domain controller to stand alone host and all printers now work from a single server rather than a mix.  Domain controller OSes varied from 2008, 2012, 2012 R2 (tested with multiple) and only after
  all of those failed then tried a stand alone server os machine as a last resort which worked fine.  Printing directly from Win 7 / 8 /8.1 clients to the IP always worked.

• Windows Server 2012 Foundation, in a Workgroup - "The server did not finish checking the license compliance. If the server is joined to a domain, make sure that the server can connect to a domain controller"...

  Every few days we see two dialogs with the following messages:
  Dialog 1, title: Check for Licensing Compliance is Incomplete
  The server did not finish checking the license compliance. If the server is joined to a domain, make sure that the server can connect to a domain controller.
  Dialog 2, title: Check for Licensing Compliance is Incomplete
  The server did not finish checking the license compliance. If the server is joined to a domain, make sure that the server can connect to a domain controller. If the license compliance check cannot be completed, the server will automatically shut
  down in 8 day(s) 23 hour(s) 0 minute(s).
  The server is not (and never has been) joined to a domain or had any DC roles installed. In fact its still connected to the default Workgroup.
  The server was configured in our office and never showed this message until it was installed on site. The main difference from what I can see is that when installed on site it was given a static IP address and does not have any DNS settings in the network
  adapter properties. 
  I have scoured a number of forums on this error but in almost every other instance of this error message the servers are connected to a Domain Controller and the solutions generally are linked to dis-joining and rejoining the domain. Unfortunately this is
  not an option for this scenario.
  I initially thought that adding some relevant DNS server IP address may resolve the issue, however, we have the exact same model server configured exactly the same running at a different site that does not experience this problem. This server also has no
  DNS server configured.
  I have seen a post that suggests turning off the servers "Foundation Checking", but I'm unsure how to do this.

  Thanks for your response Vivian.
  I can confirm that this server is not (and never has been) a member of any active directory, it is configured as a Workgroup server. It was initially configured on a network that does have an active directory, but was never joined to it. During that time it
  never displayed these messages.
  The server was moved into production on a different site and network and setup with a static IP address.The site network does have its own active directory but the server was not joined to it. It is whilst on this new network that these messages began.
  Since my original post DNS servers have been added and the Microsoft activation has been verified, however, the messages are still appearing.
  There are only 2 user accounts configured on this server. The local admin account and another local admin user.
  The remote desktop services roles have been installed but not yet configured. I don't think that has any bearing on this scenario though.
  The description of this error in the above "Introduction to Windows Server 2012 Foundation" link states:
  This error occurs when the server cannot finish checking the requirements for the root domain, forest trust configuration, or both. It usually happens when the server cannot connect to a domain controller. If the situation persists, the server will
  shut down 10 days after the first time the compliance check failed. Each time this error message occurs, it will state the actual time remaining before the server will shut down. If you restart the server after it has shut down because of non-compliance, the
  server will shut itself down again in 3 days.
  The above description leads me to the following question - In a Workgroup environment, does the server still try to contact a domain controller to establish a level of trust? If this is the case could it be that the server can no longer see the initial DC
  on its new network and this is what is triggering the messages?
  Am I clutching at straws here?