Active Directory 2003 to 2012 R2 Migration – Part 3 – Deploying, Prepping and Promoting 2012 R2 DC

Well it’s been a while since I last had some free time to continue this set of blogs,  (Server 2003 has just as of this week gone end of life so now more than ever it’s time to get away from 2003 if you’re still running it!)

This is the part where you can start to get hands on with Server 2012 R2. I’m not going to talk you through the build and installation process, I think you can manage that on your own. Instead once you’ve got your newly deployed 2012 R2 server, start by getting it joined to the domain.

Once it’s on the domain, we can now look at prepping active directory so it will be ready when we promote this standalone server to a domain controller.

*Note* We are using the adtasks account as mentioned in part 1 – introduction. NOT the builtin administrative account for this.

*IMPORTANT* – Always ensure you have tried and tested backups of AD BEFORE proceeding! 

Open up an administrative command prompt and browse to the 2012 R2 DVD.

The directory we need is \support\adprep, so browse to that directory.

Now run the command adprep /forestprep (this will go through and update the schema)

As mentioned in the introduction blog, I was going to take you through required permissions, as can be seen in the screen shot above you need to be a member of the EA and Schema admins group before continuing. Make sure the account you are using is a member of these and then log off/log on and re-run the command

It will now run through updating the schema from 30 to 69

It shows as completing successfully, so lets switch back to the 2003 domain controller and verify the schema version is now updated

Now the forest has been updated, it’s time to run /domainprep

Finally, /gpprep

*Note* – From Server 2012 and later, adprep is an automated background task when you install ADDS. It is not required to be run manually.

We are now in a good state ready to promote the windows 2012 R2 server as a domain controller, so lets run DCPROMO

As you can see from the informative alert, DCPROMO from the command line has been retired in server 2012, so lets navigate to server manager and select “add role and features”, and follow the first few screens before the roles selection window.

Select “Active Directory Domain Services”

Select “Add Features” to the next box which pops up

Follow the wizard through until you reach the install window. Click install and let the installation complete

Once complete, you will notice the following pop up in the server manager window. This next step takes us through promoting this server to a domain controller.

Select the relevant configuration options, along with the account with relevant permissions.

On the next window, ignore the error (relating to a read only domain controller) and select the required options (DNS / GC).

Enter the DSRM password and select next

On the DNS options page again ignore the DNS, we are not delegating DNS.

From the additional options window we can select any DC (if we have multiple DC’s or you can chose to pick one to replicate from.

Select Next, and then make any changes to location of the NTDS/SYSVOL folders IF required

Review the options and then select next

A pre-reqs check will now run, as long as it passes you will be able to continue with the installation

Once complete, restart the server, or let it reboot as part of its installation process

Once the server has rebooted, we should now have a deployed 2012 R2 domain controller in our environment.

This brings to a close Part 3, we will pick the rest up in Part 4….