TomF Posted December 11, 2012 Report post Posted December 11, 2012 My place of business is currently looking at introducing some Windows 8 machines into our environment (mainly Surface RT/Pro) and I'm curious as to some of the details to get this done properly. Our current environment is one domain/forest with ~25 domain controllers (GC's, one located at each site) running Server 2008 R2 and managing all Windows 7 clients (nothing previous). From what I gather, this is the process, and please correct me if I'm wrong: 1. Build and introduce Server 2012 to our environment 2. Promote (I understand there is no longer dcpromo) to domain controller 3. Raise domain/forest function levels to 2012 The questions I have around this are: 1. With the domain/forest function levels raised to 2012, can our current Server 2008 R2 domain controllers manage Windows 8 machines (group policy)? 2. If the Windows 8 devices are mainly located at one location that has the Server 2012 managing them (AD Sites and Services), can the device move to another location where it will pull a new IP and use the domain controller at that site (Server 2008 R2) for authentication and group policies? Or do we need to build/upgrade to have a Server 2012 at each site? Unfortunately I haven't had the time to research the details of a deployment, so any help is much appreciated! Quote Share this post Link to post Share on other sites More sharing options...
Joe Posted April 29, 2013 Report post Posted April 29, 2013 You don't need to raise the domain or forest level to manage the devices. You only need to do this if you want to take advantage of the changes that Server 2012 introduced to Active Directory. Group Policies are technically not part of Active Directory, so they don't require the domain/forest levels to be at a specific version to work. You're definitely going to need to stand up a 2012 server. You can make it a DC if you'd like, but you don't have to. It just needs to be a member server in your domain. On a side note, DCPromo is still there and is only used for silent installs of Active Directory. For manual installs, you use Server Manager. But like I said, you won't need to do this. Once you have your 2012 machine up and running, just create a policy for it your Win8 machines and apply it only to those machines. Make sure you manage the Win8 policy with the 2012 machine and then continue to manage the older operating systems the way you did in the past. Quote Share this post Link to post Share on other sites More sharing options...
