In the list of “Things that keep an Active Directory administrator up at night”, upgrading your Active Directory schema has always been near the top. This concern has been around since Active Directory was first introduced with Windows 2000 and has continued ever since. Why is upgrading your Active Directory schema so concerning? It all boils down to two words: Can’t Undo. An Active Directory schema extension, which is always part of the upgrade to a new release of the Windows Server OS, is extremely difficult to reverse, and only done in the most dire circumstances.
In the intervening eleven years since this process was introduced, however, the ADPREP process has been proven to be very reliable, and excessive worry about this process unjustified. In , Microsoft has gone a step further and streamlined and integrated the ADPREP forest and domain upgrades and DCPROMO domain controller promotion processes into one Active Directory Domain Service Configuration Wizard that takes care of everything.
Let’s step through the process as I upgrade my Windows Server 2008 R2 home forest to Windows Server 2012. My forest currently has two Windows Server 2008 R2 domain controllers and three sites. I’m going to upgrade using an IT generalist scenario for a small to medium business: I want a Windows Server 2012 domain controller in my Active Directory forest to take advantage of new features (such as new UIs for the Recycle Bin and fine grained password policies), and I don’t want to sweat the small stuff.
To do this, I’ll take a Windows Server 2012 member server and make it a domain controller by following the step-by-step instructions in the Add Roles and Features and AD DS Configuration wizards.
To clearly see the screenshots, be sure to tap the nearly-invisible "fullscreen" in the lower-right of the screenshot below, then the little "i" in the upper left for descriptions of each image. You can easily move back and forth through the screenshots with the left and right arrow keys.
This process of upgrading a forest, domain, and domain controller to Windows Server 2012 in my small forest took 30 minutes from start to finish. Your mileage may vary, of course, as forest and domain upgrade times are dependent on the number of DCs you have and your site topology.
This seamless, integrated process isn’t for everyone; many large environment AD administrators will still want to break up the upgrade process and monitor it closely. For the 80% of Active Directory installations around the world that are cared for by IT generalists, however, this new upgrade and promotion process will make upgrading Active Directory to Windows Server 2012 a much simpler process.
Note: These screenshots are from the Developer Preview version, but the final UI is nearly identical.
Follow Sean on Twitter at @shorinsean.
- What’s New in Windows Server 8 Active Directory
- Exploring Windows Server 8: Dynamic Access Control
- Windows Server 8: A Leap Ahead
- Windows Server 8 Preview