What’s New in Active Directory in Windows Server 2012

In Windows Server 2012, we can now restore a deleted object via the recycle bin enabled in Active Directory using graphical UI (User Interface). You can choose to locate an object’s parent container pending to restoring it or restore it to an entirely different container. This is done easily now using Active Directory Administrative Center.

You can also perform dynamic access control fully in graphical UI. Access to a resource can be further classified using other properties like user claims, device claims and resource properties on top of NTFS permission. You can also manage multiple password policies within a single domain via graphical UI (Fine-grained password policy). There is a consistent command-line experience through Windows PowerShell which enables automation of every deployment task in Active Directory.

All Active Directory features work equally well in physical, virtual or mixed environments on Windows Server 2012 machines. Domain controller cloning is now supported in Windows Server 2012.

When you type “dcpromo” to promote a standalone server to a domain controller, a message will pop up notifying you about Server Manager. When you open up Server Manager, you need to install pre-requisite for DC promotion in order to see a command to promote the machine to a domain controller, namely the Active Directory Domain Service. Domain controllers can be deployed remotely on multiple machines from a single Windows Server 2012 centrally.

During the promotion process, you could note a couple of improvements in Windows Server 2012. First of all, there is a pre-requisite check/validation process that will take place prior to the actual DC promotion process. Secondly, the ADprep.exe is integrated into the dcpromo process now. Just like its predecessors, the default Active Directory database file and the SysVOL folder are at the same default location and you can customize it during the DC promotion process or later using the ntdsutil command.

Undoubtedly Server Manager in Windows Server 2012 has been improved tremendously to support not only local, but multi-machine management. You can install a role or feature on a remote machine as well as on a VHDX. This can be done simultaneously.

