How can a portion of the Server Operating System that has been around over a decade be a feature that I care about in Server 2012? Active Directory has been the heartbeat of Windows Server almost 14 years. That being said, it is still a crucial part of the majority of most businesses infrastructure. In Server 2012 they have added some new features that allow for greater ease of use, deployment, and administration.
One of the biggest changes is the way that Active Directory Domain Service (AD DS) can now more safely handle Virtual Domain Controllers. The way this is possible is due to the use of a VM Generation ID. In the past, Active Directory would reference, including virtual machines, based on AD DS’s Update Sequence Number (USN). Also the Database instance on a Domain Controller is given an InvocationID.
Those two pieces create a unique identifier for the transaction occurring in a Forest. If there is ever a situation where rollback to a necessary snapshot or a restore that falls outside of the unique identifier of a Domain Controller realm of understanding, i.e. the reference point of the USN and Invocation ID are not able to be found, it can cause problems. The VM Generation ID is used to recognize when the above stated problems occurs, it is monitored and tracked by a Windows Driver that is inside the Virtual Machine. Also Cloning a Domain Controller is much easier and can be done whilst a virtual Domain Controller is running!
The next big change in Server 2012 is the Active Directory Administration Center (AD AC). For years, as admins, everyone is used to the Active Directory Users and Computers interface to manage and control aspects of the AD environment. It is still there and available, however AD AC is worth taking a long hard look. AD AC is usable in pre-2012 environments; it allows you to control domains and domain controllers that are pre-2012. There is a PowerShell history viewer within this console. Here you can track past PowerShell commands and monitor their execution. Included is a graphical recycle bin that you can enable this will help protect against accidental deletion as well of objects, folders, users, and the like.