What are the new features in the AD DS in Windows Server 2012

What are the new features in the AD DS in Windows Server 2012

Active Directory design remains same like DC, ADC, RODC, FSMO roles etc.

New features have been added to make it easy for the administrators for managing the Active Directory.

  • DCPROMO has been deprecated
  • More dependent upon Server Manager for installing Active Directory
  • Active Directory Recycle Bin has now a GUI – Click here for more details.
  • Different password policies can now be easily applied within the same domain
  • Virtualized domain controllers can now be safely cloned since Active Directory is now aware to changes in the virtualization environment
  • Active Directory Federation Services (ADFS) have been introduced into the Kerberos token
  • New capabilities have been added in Active Directory Certificate Services(AD CS), as below:
    • All AD CS role services is now supported on any Windows Server 2012 version
    • AD CS has been fully integrated with Server Manager
    • AD CS can now be deployed and managed via PowerShell
    • AD CS now supports automatic certificates renewal for non-domain joined computers
    • International domain names are now supported
  • Active Directory Right Management Services (AD RMS) now supports Remote Deployment.
  • Bit Locker can now be installed before the Operating system is deployed unlike previous OS versions where Bit Locker was provisioned post installation.
    • Administrator can choose if entire volume needs to be encrypted or only used space, unlike previous OS versions that encrypt entire volume including free space.
    • New Network Unlock feature that doesn’t prompt you to enter TPM+PIN in a domain environment  by automatically unlocking the Operating System at system reboot provided system is connected to a trusted wired corporate network.  It is generally useful while installing software patches in unattended fashion to desktops and servers.


  • Active Directory PowerShell History Viewer User Interface- Click here to know about this feature.
  • Fine-Grained Password Policy User interface
  • Active Directory Replication & Topology Cmdlets
  • Dynamic Access Control
  • Active Directory Based Activation (BA): To activate Windows 8 or Windows Server 2012.
  • Group Managed Service Accounts
  • Windows Server 2012 promotions employ an indefinite retries
  • Flexible Authentication Secure Tunneling (FAST)
  • Volume Activation Management Tool (VAMT)- Click here to know about VAMT.