« previous next »
Pages: [1]

Author Topic: Join Zentyal to Windows 2012 as additional DC (Workaround)  (Read 8287 times)

maximilianobeltritti

  • Zen Apprentice
  • *
  • Posts: 6
  • Karma: +5/-0
    • View Profile
Join Zentyal to Windows 2012 as additional DC (Workaround)
« on: November 14, 2013, 12:17:47 am »
The following post came from the need to join Zentyal to a Windows 2012 server Domain Controller for an specific client that wanted to migrate their servers to Zentyal for licensing costs. Because Samba does not support this type of DC yet, we use the Threecore laboratories to test a workaround for this issue, we hope this will be useful for all we decide to post it here:

The workaround we found was to lower the functional level and the forest level from Windows 2012 to windows 2008 so that our Zentyal can join the domain, this approach is also very useful, as we mentioned above, to migrate from Windows 2012 DC to Zentyal, we've tested in laboratories internal and works perfect: 

Step 1

Open a PowerShell Active Directory console

Step 2

Run:
get-ADForest

We can see the domain name with the different configurations. For Example:

ApplicationPartitions : {DC=ForestDnsZones,DC=zentyal,DC=it,DC=com,
                        DC=DomainDnsZones,DC=zentyal,DC=it,DC=com}
CrossForestReferences : {}
DomainNamingMaster    : win2k12.zentyal.it.com
Domains               : {zentyal.it.com}
ForestMode            : Windows2012Forest
GlobalCatalogs        : {win2k12.zentyal.it.com}
Name                  : zentyal.it.com
PartitionsContainer   : CN=Partitions,CN=Configuration,DC=zentyal,DC=it,DC=com
RootDomain            : zentyal.it.com
SchemaMaster          : win2k12.zentyal.it.com
Sites                 : {Default-First-Site-Name}
SPNSuffixes           : {}
UPNSuffixes           : {}

Step 3

Run:

Set-ADForestMode -Identity "your.domain.com" -
ForestMode Windows2008Forest

Apply Yes

Step 4

Run:
Set-ADDomainMode -Identity "your.domain.com" -
DomainMode Windows2008Domain


Example for both commands:

PS C:\Users\Administrator.WIN2K12> Set-ADForestMode -Identity "zentyal.it.com" -
ForestMode Windows2008Forest

Confirm
Are you sure you want to perform this action?
Performing operation "Set" on Target
"CN=Partitions,CN=Configuration,DC=zentyal,DC=it,DC=com".
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  (S) Suspend  [?] Help
(default is "Y"):y


PS C:\Users\Administrator.WIN2K12> Set-ADDomainMode -Identity "zentyal.it.com" -
DomainMode Windows2008Domain

Confirm
Are you sure you want to perform this action?
Performing operation "Set" on Target "DC=zentyal,DC=it,DC=com".
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  (S) Suspend  [?] Help
(default is "Y"):y


That is all, now you have a windows 2012 server running with an 2008 functional level and forest level, so we can join Zentyal to the domain as an additional DC, cheers!
« Last Edit: November 14, 2013, 12:08:27 pm by maximilianobeltritti »
Logged

robb

  • Guest
Re: Functional Level 2012 a 2008
« Reply #1 on: November 14, 2013, 10:45:04 am »
Can you make a translation in English for this?
Logged

maximilianobeltritti

  • Zen Apprentice
  • *
  • Posts: 6
  • Karma: +5/-0
    • View Profile
Re: Join Zentyal to Windows 2012 as additional DC (Workaround)
« Reply #2 on: November 14, 2013, 12:09:01 pm »
Done! Sorry is my first post.
Logged

robb

  • Guest
Re: Join Zentyal to Windows 2012 as additional DC (Workaround)
« Reply #3 on: November 14, 2013, 12:15:16 pm »
No problem and thnx a lot for the translation. I will move it back to tips and tricks since I think it's where it belongs.
Feel free to have a Spanish version in the Spanish section for reference for non English speakers.

+1 Karma for the effort. :)
Logged

Gilberto Ferreira

  • Zen Hero
  • *****
  • Posts: 516
  • Karma: +12/-1
    • View Profile
Re: Join Zentyal to Windows 2012 as additional DC (Workaround)
« Reply #4 on: January 06, 2014, 06:26:01 pm »
Quote from: maximilianobeltritti on November 14, 2013, 12:17:47 am
The following post came from the need to join Zentyal to a Windows 2012 server Domain Controller for an specific client that wanted to migrate their servers to Zentyal for licensing costs. Because Samba does not support this type of DC yet, we use the Threecore laboratories to test a workaround for this issue, we hope this will be useful for all we decide to post it here:

The workaround we found was to lower the functional level and the forest level from Windows 2012 to windows 2008 so that our Zentyal can join the domain, this approach is also very useful, as we mentioned above, to migrate from Windows 2012 DC to Zentyal, we've tested in laboratories internal and works perfect: 

Step 1

Open a PowerShell Active Directory console

Step 2

Run:
get-ADForest

We can see the domain name with the different configurations. For Example:

ApplicationPartitions : {DC=ForestDnsZones,DC=zentyal,DC=it,DC=com,
                        DC=DomainDnsZones,DC=zentyal,DC=it,DC=com}
CrossForestReferences : {}
DomainNamingMaster    : win2k12.zentyal.it.com
Domains               : {zentyal.it.com}
ForestMode            : Windows2012Forest
GlobalCatalogs        : {win2k12.zentyal.it.com}
Name                  : zentyal.it.com
PartitionsContainer   : CN=Partitions,CN=Configuration,DC=zentyal,DC=it,DC=com
RootDomain            : zentyal.it.com
SchemaMaster          : win2k12.zentyal.it.com
Sites                 : {Default-First-Site-Name}
SPNSuffixes           : {}
UPNSuffixes           : {}

Step 3

Run:

Set-ADForestMode -Identity "your.domain.com" -
ForestMode Windows2008Forest

Apply Yes

Step 4

Run:
Set-ADDomainMode -Identity "your.domain.com" -
DomainMode Windows2008Domain


Example for both commands:

PS C:\Users\Administrator.WIN2K12> Set-ADForestMode -Identity "zentyal.it.com" -
ForestMode Windows2008Forest

Confirm
Are you sure you want to perform this action?
Performing operation "Set" on Target
"CN=Partitions,CN=Configuration,DC=zentyal,DC=it,DC=com".
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  (S) Suspend  [?] Help
(default is "Y"):y


PS C:\Users\Administrator.WIN2K12> Set-ADDomainMode -Identity "zentyal.it.com" -
DomainMode Windows2008Domain

Confirm
Are you sure you want to perform this action?
Performing operation "Set" on Target "DC=zentyal,DC=it,DC=com".
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  (S) Suspend  [?] Help
(default is "Y"):y


That is all, now you have a windows 2012 server running with an 2008 functional level and forest level, so we can join Zentyal to the domain as an additional DC, cheers!

Hello

I wonder if there's some risk for some application running on Windows Server...
I meant, some legacy application previously installed on Server, don't not work properly after lower functional level..

Did you know something about that??

Thanks...
Logged

nikmik

  • Zen Apprentice
  • *
  • Posts: 12
  • Karma: +0/-0
    • View Profile
Re: Join Zentyal to Windows 2012 as additional DC (Workaround)
« Reply #5 on: January 13, 2014, 10:59:20 am »
I don't think you will have any problem with software. "Functional levels determine the available Active Directory Domain Services (AD DS) domain or forest capabilities. They also determine which Windows Server operating systems you can run on domain controllers in the domain or forest. However, functional levels do not affect which operating systems you can run on workstations and member servers that are joined to the domain or forest. "

You can see this for more information:
http://technet.microsoft.com/library/understanding-active-directory-functional-levels%28v=WS.10%29.aspx
Logged
Pages: [1]
« previous next »