Partager via


Promotion Operation

Applies To: Windows Server 2008, Windows Server 2008 R2

The following options are available for the Promotion operation during an unattended installation of Active Directory Domain Services (AD DS) in Windows Server 2008 and Windows Server 2008 R2. Options that were new in Windows Server 2008 appear in bold text.

Parameter Possible values Default value Description

/AllowDomainReinstall

Yes | No

No

Specifies whether an existing domain is re-created.

/AllowDomainControllerReinstall

Yes | No

No

Specifies whether to continue installing this domain controller despite the fact that an active domain controller account with the same name is detected. Specify Yes only if you are sure that the account is no longer in use.

/ApplicationPartitionsToReplicate

"partition_DN_1 partition_DN_2 ...partition_DN_n"

 

Specifies application partitions to be replicated in the format of "partition1" "partition2". If * is specified, all application partitions will be replicated.

Use space-separated (or comma-and-space-separated) distinguished names, with the entire string enclosed in quotation marks.

/AutoconfigDNS

This parameter has been renamed to /InstallDNS.

Yes | No

Computed automatically based on the environment.

Specifies whether Domain Name System (DNS) is configured for a new domain if Dcpromo detects that the DNS dynamic update protocol is not available or if Dcpromo detects an insufficient number of DNS servers for an existing domain.

/ChildName

child_domain_name

 

Specifies the single-label DNS name of the child domain.

/ConfirmGc

Yes | No

Specifies whether the domain controller is a global catalog server.

/CreateDNSDelegation

Yes | No

Computed automatically based on the environment.

Indicates whether to create a DNS delegation that refers to this new DNS server. Valid for Active Directory–integrated DNS only.

/CriticalReplicationOnly

Yes | No

No

Specifies whether the promotion operation performs only critical replication before reboot and then continues, skipping the noncritical (and potentially lengthy) portion of replication. The noncritical replication happens after the role installation finishes and the computer restarts.

/DatabasePath

path_to_database_files

%systemroot%\NTDS

Specifies the fully qualified, non–Universal Naming Convention (UNC) path to a directory on a fixed disk of the local computer that contains the domain database, for example, C:\Windows\NTDS.

/DelegatedAdmin

User or group

 

Specifies the name of the user or group who will install and administer the read-only domain controller (RODC). If no value is specified, only members of the Domain Admins group or Enterprise Admins group can install and administer the RODC.

/DNSDelegationPassword

Password | *

 

Specifies the password for the user name (the account credentials) that is used to create or remove the DNS delegation. Specify * to prompt the user to enter credentials.

/DNSDelegationUserName

user_name

 

Specifies the user name to be used when the DNS delegation is created or removed. If you do not specify a value, the account credentials that you specify for the AD DS installation or removal are used for the DNS delegation.

/DNSOnNetwork

Yes | No

Yes

Specifies whether the DNS Server service is available on the network. This parameter is used only when the network adapter for this computer is not configured with the name of a DNS server for name resolution. Specifying No indicates that the DNS server will be installed on this computer for name resolution. Otherwise, the network adapter must be configured with a DNS server name first.

/DomainLevel

0 | 2 | 3 | 4

Based on the current forest functional level.

Specifies the domain functional level when a new domain is created in an existing forest, as follows:

0 = Windows 2000 native

2 = Windows Server 2003

3 = Windows Server 2008

4 = Windows Server 2008 R2

/DomainNetBiosName

domain_NetBIOS_name

Left-most label of the DNS name.

Assigns a NetBIOS name to the new domain.

/ForestLevel

0 | 2 | 3 | 4

0 (for Windows Server 2008)

2 (for Windows Server 2008 R2)

Specifies the forest functional level when a new domain is created in a new forest, as follows:

0 = Windows 2000

2 = Windows Server 2003

3 = Windows Server 2008

4 = Windows Server 2008 R2

ForestLevel replaces SetForestVersion in Windows Server 2003.

Do not use this switch when you are installing a domain controller in an existing forest.

/InstallDNS

This switch replaces /AutoConfigDNS.

Yes | No

Computed automatically based on the environment.

Specifies whether DNS is configured for a new domain if Dcpromo detects that the DNS dynamic update protocol is not available or if Dcpromo detects an insufficient number of DNS servers for an existing domain.

/LogPath

Path_to_log_files

%systemroot%\ NTDS

Specifies the fully qualified, non-UNC path to a directory on a fixed disk of the local computer that contains the domain log files, for example, C:\Windows\NTDS.

/NewDomain

Forest | Tree | Child

Forest

Specifies the type of new domain:

  • The root domain of a new forest

  • The root domain of a new tree in an existing forest

  • A child domain in an existing forest

The type of new domain must be specified when AD DS is installed on a Server Core installation.

/NewDomainDNSName

DNS_domain_name

 

Specifies a fully qualified domain name (FQDN) for the new domain.

/ParentDomainDNSName

DNS_domain_name

 

Specifies the FQDN of an existing parent domain when a child domain is installed.

/Password

Password | *

 

Specifies the password that corresponds to the user name (account credentials) that is used to promote the domain controller. Specify * to prompt the user to enter credentials.

/PasswordReplicationAllowed

Security_Principal | NONE

 

Specifies the names of computer and user accounts whose passwords can be replicated to this RODC. Specify "None" if you want to keep the value empty. By default, no user credentials will be cached on this RODC. To specify more than one security principal, add the entry multiple times.

/PasswordReplicationDenied

Security_Principal | None

 

Specifies the names of user, group, and computer accounts whose passwords are not to be replicated to this RODC. Specify None if you do not want to deny the replication of credentials of any users or computers. To specify more than one security principal, add the entry multiple times.

/RebootOnCompletion

Yes | No

Yes

Specifies whether to restart the computer upon completion, regardless of success.

/RebootOnSuccess

Yes | No| NoAndNoPromptEither

This command is deprecated but still supported. You should use /RebootOnCompletion instead.

Yes

Specifies whether to restart the computer upon successful completion of an operation.

/ReplicaDomainDNSName

DNS_domain_name

 

Specifies the FQDN of the domain in which you want to promote an additional domain controller.

/ReplicaOrNewDomain

Replica | ReadOnlyReplica | Domain

Replica

Specifies whether to install the domain controller as:

  • An additional domain controller in an existing domain

  • An RODC in an existing domain

  • The first domain controller in a new domain

/ReplicationSourceDC

DNS_name_of_source

 

Indicates the FQDN of the partner domain controller from which Active Directory data is replicated to create the new domain controller.

/ReplicationSourcePath

path_to_installation_media

 

Indicates the location of the installation media that will be used to install a new domain controller.

/SafeModeAdminPassword

password | NONE

 

The password for the administrator account to use when you start the computer in Safe Mode or a variant of Safe Mode, such as Directory Service Restore Mode (DSRM). You cannot specify a blank password.

/SiteName

site_name

See the note below this table.

The name of an existing site where you can place the new domain controller.

/SkipAutoConfigDNS

No value is required.

 

This switch is for expert users who want to skip automatic configuration of client settings, forwarders, and root hints. The switch is in effect only if the DNS Server service is already installed on the server, in which case you will receive an informational message confirming that the automatic configuration of DNS was skipped. Otherwise, this switch is ignored. If you specify this switch, ensure that zones are created and properly configured before you install AD DS or the domain controller will not operate correctly. This switch does not skip automatic creation of the DNS delegation in the parent DNS zone. To control DNS delegation creation, use the /CreateDNSDelegation switch.

/Syskey

NONE | system key

 

Specifies the system key for the media from which you replicate the data.

/SysVolPath

path_to_SYSVOL_folder

%systemroot%\ sysvol

Specifies the fully qualified, non-UNC path to a directory on a fixed disk of the local computer, for example, C:\Windows\SYSVOL.

/TransferIMRoleIfNeeded

Yes | No

No

Specifies whether to transfer the infrastructure master role to this domain controller, in case it is currently hosted on a global catalog server and you do not plan to make this domain controller a global catalog server. Choose Yes to transfer the infrastructure master role to this domain controller in case this is needed. If you choose Yes, be sure to specify /ConfirmGC:No.

/UserDomain

domain_name

 

Specifies the domain name for the user name (account credentials) that is used for promoting a domain controller.

/UserName

Domain\user_name

 

Specifies the user name (account credentials) that is used for promoting a domain controller. We recommend that you specify the account credentials in the domain\user_name format.

Note

The default value for the /SiteName parameter depends on the type of installation. For a new forest, the default is Default-First-Site-Name. For all other writable domain controller installations, the default is the site that is associated with the subnet that includes the IP address of this server. If no such site exists, the default is the site of the replication source domain controller. For an RODC installation, you must specify the site name where the RODC will be installed.