Microsoft has released KnowledgeBase Article 2830511, detailing a bug in the Installation Wizard of Windows Server 2012 Essentials, that prevents you from installing the server as a Domain Controller for an Active Directory domain with a public top-level domain (TLD), like .com, .corp, .org, .edu, .int and the country-specific top-level domains.
About Windows Server 2012 Essentials
Windows Server 2012 Essentials is the latest version of Windows Small Business Server Essentials. It is a flexible, affordable, and easy- to-use server solution designed and priced for small businesses with up to 25 users and 50 devices that helps them reduce costs and be more productive. Windows Server 2012 Essentials is an ideal first server, and it can also be used as the primary server in a multi-server environment for small businesses.
By removing the ‘Small Business Server’ moniker, Microsoft clearly communicates how Windows Server Essentials is positioned in the market relative to the other Windows Server editions. It does not come with Exchange Server, but it does come with client backup and remote web access.
As Microsoft aims Windows Server 2012 Essentials as the successor to Windows Small Business Server 2011, After installing Windows Server 2012, which is more or less identical to installing the Standard or Datacenter edition of Windows Server 2012, Microsoft assists system administrators, apparently installing their first server, with a wizard to configure the server; the Set Up Windows Server 2012 Essentials wizard.
The first screen of this wizard makes you verify the date and time settings. This is specifically useful when your time zone is not Pacific Time (-08h00 GMT). From an Active Directory point of view, though, it doesn’t matter since Active Directory, internally, runs at Greenwich Main Time (GMT). The second screen lets you choose between a Clean install and a Server migration.
The third screen is where the Active Directory magic happens:
The link What should I know before I personalize my server? explains that the Company name is used to associate your server with your company and the customize your company reports. You can type up to 254 characters for your company name.
The Internal domain name groups your server and client computers together to share a common database of user names, passwords, and other common information. Your users see this name when they log on to their computers, but is used internally only and is not the same as an Internet domain name. Your internal domain name must meet the following criteria:
- Can be up to 15 characters long
- Can contain letters, numbers and dashes (-)
- Must not start with a dash
- Must not contain any spaces
- Most not contain only numbers
This screen only offers to set up your Windows Server 2012 Essentials as a Domain Controller for a .local domain name, where the NetBIOS name of the domain is equal to the second level domain name. The wizard does not offer to configure Windows Server 2012 Essentials as a Domain Controller for an Active Directory domain with a public top-level domain (TLD), like .com, .corp, .org, .edu, .int and the country-specific top-level domains. (ccTLDs)
Microsoft KnowledgeBase article 2830511 explains the absence of a sensible choice for the domain name as by design to simplify the user experience.
Now, I can agree to some extent, that preventing a situation where an inexperienced admin may create a single-label domain name, is a good goal. However, other means exist to prevent these associated problems. Since Windows Server 2008, for instance, when you try to create a single-label domain name, you are presented with the following error:
The DNS name “<single label DNS domain name> proposed for this Active Directory domain consists of a single label, which is not recommended. DNS domain name should be unique and fully qualified, consisting of one or more labels separated by a period (“.”), followed by a top level domain.
If you click No, you can assign a fully qualified DNS name like the example. If you implement a single-label DNS domain name, you must configure all member computers and domain controllers as described in article 300684 in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?LinkId=92467) so they can register records and resolve queries until the domain is retired.
Do you really want to assign a single-label DNS domain name to this Active Directory domain?
Also, targeting Windows Server 2012 Essentials as the cost-efficient server solution, brings back the point of not forcing business into register a public domain name (at up to $10 per year).
The part I can’t agree with is the absence of the ability to create a domain name with a public top-level domain (TLD), since Microsoft has repeatedly made this a best practice approach.
Many Microsoft products and services assume your internal domain name ends with a public top-level domain (TLD). Lync Server and Exchange Server, for instance, are easier installed, configured and integrated when using the public DNS domain name. Also, Single Sign-On with Office 365 is problematic when you use a DNS domain name ending with a non-public top-level domain (TLD).
Configuring Essentials with a public TLD
Now, while the Set Up Windows Server 2012 Essentials wizard does not give you the option to configure the Active Directory domain name with a public top-level domain (TLD), it is possible to configure Windows Server 2012 Essentials with a public top-level domain (TLD) through the answer file method.
To this purpose you’ll need to place a plain text file named cfg.ini in the root of removable media (floppies not allowed, sorry) and make sure the media is available to Windows Server 2012 Essentials at the moment you set it up.
The fields NetBiosName and DNSName can be used to configure your Windows Server 2012 Essentials with the Active Directory domain names you’d like to use. More information on creating the contents of cfg.ini can be found here.
Windows Server 2012 Essentials configures Active Directory with the Windows Server 2012 Domain Functional Level (DFL) and Windows Server 2012 Forest Functional Level (FFL). There is no way in cfg.ini to configure it otherwise. You will need to configure a Domain Controller on Windows Server 2012 Standard first and use the Server migration option in the Set Up Windows Server 2012 Essentials wizard. Afterwards, you can remove the Windows Server 2012 Standard Domain Controller from the network.
Related KnowledgeBase articles
2830511 Unable to install with domain suffixes .net, .corp, .com, .org etc
300684 Information about configuring Active Directory domains by using single-label names
254680 DNS Namespace Planning
909264 Naming conventions in Active Directory for computers, domains, sites, and OUs
2002634 Warnings installing Active Directory Domain Services on Windows Server 2008 and Windows Server 2008 R2 in domains with single-label DNS names