Upgrade Domain Controllers to Windows Server 2. R2 and Windows Server 2. Applies To Windows Server 2. Windows Server 2. R2, Windows Server 2. This topic provides background information about Active Directory Domain Services in Windows Server 2. R2 and Windows Server 2. Windows Server 2. Windows Server 2. R2. Domain controller upgrade steps. The recommended way to upgrade a domain is to promote domain controllers that run newer versions of Windows Server and demote older domain controllers as needed. That method is preferable to upgrading the operating system of an existing domain controller. This list covers general steps to follow before you promote a domain controller that runs a newer version of Windows Server Verify the target server meets system requirements. Verify Application compatibility. Verify security settings. Installing-WSUS-for-Configuration-Manager-2012-R2-Snap2.jpg' alt='Install Wsus On Windows 2008 R2 Domain Controller' title='Install Wsus On Windows 2008 R2 Domain Controller' />For more information, see Deprecated features and behavior changes related to AD DS in Windows Server 2. Secure default settings in Windows Server 2. Windows Server 2. R2. Check connectivity to the target server from the computer where you plan to run the installation. Check for availability of necessary operation master roles To install the first DC that runs Windows Server 2. To install the first DC in a domain where the forest schema is already extended, you only need connectivity to infrastructure master. I open the Windows Update control panel, and it says some settings are managed by your system administrator. Problem is, Im logged in as a domain admin. Tried so. In this article, Ill show you how to install Windows 10 Administrative Templates on Windows Server to support Windows 10 settings like Windows Edge browser. To install or remove a domain in an existing forest, you need connectivity to the domain naming master. Any domain controller installation also requires connectivity to the RID master. If you are installing the first read only domain controller in an existing forest, you need connectivity to the infrastructure master for each application directory partition, also known as a non domain naming context or NDNC. Be sure to supply the necessary credentials to run the AD DS installation. Installation action. Credential requirements. Install a new forest. Local Administrator on the target server. Install a new domain in an existing forest. Enterprise Admins. Install an additional DC in an existing domain. Domain Admins. Run adprep forestprep. Schema Admins, Enterprise Admins, and Domain Admins. Run adprep domainprep. Domain Admins. Run adprep domainprep gpprep. Domain Admins. Run adprep rodcprep. Enterprise Admins. You can delegate permissions to install AD DS. For more information, see Installation Management Tasks. Steps by step instructions to promote new and replica Windows Server 2. Windows Power. Shell cmdlets and Server Manager can be found in the following links Whats new in Windows Server 2. New features listed by server role and technology area are listed in the following table. For more whitepapers, video demonstrations, and presentations about other features in Windows Server 2. Server and Cloud Platform. Automatic Maintenance and changes to restart behavior after updates are applied by Windows Update. Prior to the release of Windows 8, Windows Update managed its own internal schedule to check for updates, and to download and install them. It required that the Windows Update Agent was always running in the background, consuming memory and other system resources. Windows 8 and Windows Server 2. Automatic Maintenance. Automatic Maintenance consolidates many different features that each used to manage its own scheduling and execution logic. This consolidation allows for all these components to use far less system resources, work consistently, respect the new Connected Standby state for new device types, and consume less battery on portable devices. Microsoft Security Essentials Settings Table. Because Windows Update is a part of Automatic Maintenance in Windows 8 and Windows Server 2. To help ensure consistent and predictable restart behavior for all devices and computers in your enterprise, including those that run Windows 8 and Windows Server 2. Microsoft KB article 2. October 2. 01. 3 cumulative rollup 2. WSUS blog post Enabling a more predictable Windows Update experience for Windows 8 and Windows Server 2. KB 2. 88. 56. 94. Whats new in AD DS in Windows Server 2. R2 The following table summarizes new features for AD DS in Windows Server 2. R2, with a link to more detailed information where it is available. For a more detailed explanation of some features, including their requirements, see Whats New in Active Directory in Windows Server 2. R2. Feature. Description. Workplace Join. Allows information workers to join their personal devices with their company to access company resources and services. Web Application Proxy. Provides access to web application using a new Remote Access role service. Active Directory Federation Services. AD FS has simplified deployment and improvements to enable users to access resources from personal devices and help IT departments manage access control. SPN and UPN uniqueness. Domain Controllers running Windows Server 2. R2 block the creation of duplicate service principal names SPNs and user principal names UPNs. Winlogon Automatic Restart Sign On ARSOEnables lock screen applications to be restarted and available on Windows 8. TPM Key Attestation. Enables CAs to cryptographically attest in an issued certificate that the certificate requester private key is actually protected by a Trusted Platform Module TPM. Credentials Protection and Management. New credential protection and domain authentication controls to reduce credential theft. Deprecation of File Replication Service FRSThe Windows Server 2. FRS is used to replicate SYSVOL. That means when you create a new domain on a server that runs Windows Server 2. R2, the domain functional level must be Windows Server 2. You can still add a domain controller that runs Windows Server 2. R2 to an existing domain that has a Windows Server 2. New domain and forest functional levels. There are new functional levels for Windows Server 2. R2. New features are available at Windows Server 2. R2 DFL. LDAP query optimizer changes. Performance improvement in LDAP search efficiency and LDAP search time of complex queries. Event improvements. LDAP search result statistics were added to event ID 1. Active Directory replication throughput improvement. Adjusts the maximum AD Replication throughput from 4. Mbps to around 6. Mbps. Whats new in AD DS in Windows Server 2. The following table summarizes the new features for AD DS in Windows Server 2. For a more detailed explanation of some features, including their requirements, see Whats New in Active Directory Domain Services AD DS. Feature. Description. Active Directory Based Activation AD BA see Volume Activation Overview. Simplifies the task of configuring the distribution and management of volume software licenses. Active Directory Federation Services AD FSAdds role install via Server Manager, simplified trust setup, automatic trust management, SAML protocol support, and more. Active Directory lost page flush events. NTDS ISAM event 5. Active Directory databases. Active Directory Recycle Bin User Interface. Active Directory Administrative Center ADAC adds GUI management of recycle bin feature originally introduced in Windows Server 2. R2. Active Directory Replication and Topology Windows Power. Shell cmdlets. Supports the creation and management of Active Directory sites, site links, connection objects, and more using Windows Power. Shell. Dynamic Access Control. New claims based authorization platform that enhances the legacy access control model. Fine Grained Password Policy User Interface. ADAC adds GUI support for the creating, editing and assignment of PSOs originally added in Windows Server 2.