Active Directory Upgrades for Windows Server 2012

Jul 12

Thursday, July 12, 2012

Before you installed the first Domain Controller of a new Windows Server Operating System (eg. Windows Server 2003 / Windows Server 2008 R2) you had to manually extend the AD Schema with ADPREP before!

You had to run the schema update on the schema master for example with “Enterprise Administrator” right!


With “netdom /query fsmo” it was the easiest way to find the Domain Controller with the SCHEMA MASTER FSMO – role!

Adprep is the utility—included to upgrade AD to support that new OS.

The 3 major options of ADPREP are:


The /forestprep option runs first, extending the AD schema with new object and attribute classes that the new AD version needs.
The /domainprep option creates new well-known objects in AD, applies security changes, and miscellaneous other bits.
Finally, /rodcprep makes forest-wide security changes to allow read-only domain controller (RODC) functionality.

You can still run Adprep manually from the /support/adprep folder of the Server 2012 installation disk, if you need to. But a difference from older Adprep versions is that there's no 32-bit version (Adprep32) of the utility. So, you can run Adprep only from a 64-bit version of Server 2008 or later.

Now when you add the “Active Directory Domain Services” role to a Windows 2012 (member) Server in your domain, the FORESTPREP (1st) then DOMAINPREP (2nd) and DCPROMO are automatically executed!


If one of your administrators gets the idea to put a Server 2012 DC into a domain, before you know it Adprep will have run its course. So much for careful planning!

DCPROMO is disappeared in Server 2012!

