1

I would like to join a new windows server 2012 member server to our domain which is at 2003 functional level and domain level. I am being told that an AD Schema update is required to do this.

Can anyone explain what is involved in this schema update and why it is necessary? Can it join the domain without this schema update?

stumct
  • 76
  • 1
  • 6
  • And, the answer to your second question is no - it's telling you that it's necessary, why do you think it's lying? – mfinni Feb 05 '13 at 15:47
  • 2
    My understanding is that you dont need to update the schema if only adding it as a member server. – John Feb 05 '13 at 15:55
  • Who's telling you this? – HopelessN00b Feb 05 '13 at 15:56
  • Who ar what is telling you that a Schema update is required to join a Windows Server 2012 server to the domain (as a member server)? – joeqwerty Feb 05 '13 at 15:57
  • The system admins who run the domain are saying that a schema update is required for a member server. I did attempt to join the domain to test it and it seems to have worked however I do not know if this is going to cause any wider AD issues. – stumct Feb 05 '13 at 16:01
  • 1
    1. Those admins are misinformed. 2. What "wider AD issues" could joining a member server to the domain cause? – joeqwerty Feb 05 '13 at 16:05
  • 3
    @stumct Either your SAs are useless, or they're lying to you. God I'm sick of Windows admins who aren't competent at what they do. – HopelessN00b Feb 05 '13 at 16:34
  • I apologize - I entirely mis-read this (somehow) as adding a 2012 DC, not a member server. – mfinni Feb 05 '13 at 16:36

2 Answers2

5

I don't know where you're getting your information, but I admin a 2003 FL Forest and Domain, and joined a Server 2012 server to it a couple weeks ago without any schema update. I'm in the process of standing up another Server 2012 server onto it at this very moment, as well.

There's no schema update required to add a Server 2012 member server to a 2003 forest and/or domain. It's no different than joining a 2008 or 2008R2 server to a 2003 FL domain, in fact. Build server, join to domain, reboot and done.

Community
  • 1
HopelessN00b
  • 53,385
  • 32
  • 133
  • 208
1

There might have been some misunderstandings / misinterpretations of your initial supporter.

Simply joining a machine never required so far any schema change. The schema defines what can be stored how in AD and has not too much to do with the domain join process. Having said that, depending on the functional level / DC OS level certain new security features like encryption mechanism have been introduced.

If you simply join the 2012 server you don't need the latest schema.

But certain features you may want to use require new schema or adding a 2012 DC or even updating the functional level. Claims based access control would require new schema and a 2012 DC

Patrick Sczepanski
  • 11
  • 1