A Step-by-Step Guide #ws2025 #winserv #AzureArc – Robert Smit MVP Blog

What’s New in Windows Server 2025

Windows Server 2025 is here, bringing a host of exciting new features and improvements designed to enhance security, performance, and flexibility. Here’s a quick overview of what you can expect from this latest release:

Advanced Security Features

In an era where cybersecurity is paramount, Windows Server 2025 introduces several robust security enhancements:

• Active Directory (AD) Enhancements: Improved protocols, encryption, and new cryptographic support to better protect your environment.
• SMB Over QUIC: Secure access to file shares over the internet, along with hardened firewall defaults and protections against various attacks.
• Delegate Managed Service Accounts (dMSA): Automated password management and specific permission delegation to reduce security risks.

Performance Boosts

Windows Server 2025 is designed to deliver high performance for your applications and workloads:

• Accelerated Networking (AccelNet): Simplifies the management of SR-IOV for virtual machines, reducing latency, jitter, and CPU utilization.
• Faster Storage Options: Enhanced storage capabilities to streamline infrastructure management.

Hybrid Cloud Integration

With the growing importance of hybrid cloud environments, Windows Server 2025 offers advanced features to improve operational flexibility:

• Hotpatching Enabled by Azure Arc: Experience fewer reboots and minimal disruption with security updates for Azure Arc-enabled Windows Server 2025.
• Enhanced Hybrid Cloud Capabilities: Seamless integration with hybrid cloud environments to optimize connectivity and flexibility.

Windows Server 2025 builds on the strong foundation of its predecessors, offering a modernized experience tailored to meet the diverse needs of today’s IT environments. Whether you’re managing on-premises infrastructure or leveraging the cloud, this release provides the tools and optimizations to help you succeed.

That Seems all what we want let’s start upgrading machines. I start with my domain controller, currently it is running windows 2022

I copy the ISO local and attachd the iso, so we can start the upgrade. Adding the product key in the installation.

Make sure you select the correct version Core or Desktop

I choose for the Desktop edition and I will keep my files.

As this is a domain controller and the First Windows server 2025 domain controller we need to do an ADprep, it seems like old skool as the list time it was in 2016 i believe.

There is a little warning on the forest prep and domain prep. This needs to be done befor you can do the installation.

On the ISO in the support folder there is the ADPREP folder that should be used to do the forest prep. This and only this ADprep should be used.

As you can see it is now 2016, with powershell or command you can raise this.

(Get-ADForest).ForestMode

(Get-ADDomain).DomainMode

Keep in mind you need to do the forest prep and the domain prep

First step is the forestprep

type C enter

now we can do the domainprep.

now that we did the ADPrep we can Restart setup.

And 30 min later I had the annoying start buton in the middle.

A quick check on the versions.

Fixing the menu

Now we are ready to raise the domain functional level.

And don’t forget also the Forest Functional level in domains and trusts.

Now that the OS is 2025 and the AD is 2025 lets see if we can use the 32k pages in the Active directory. lets check what page size we have currently.

It can be checked with powershell,ldp,adsiedit

Get-ADObject -LDAPFilter “(ObjectClass=nTDSDSA)” -SearchBase “CN=Configuration,DC=mvp,DC=local” -properties msDS-JetDBPageSize | FL distinguishedName,msDs-JetDBPageSize

Get-ADOptionalFeature -filter *

There is a little warning in the Microsoft documentation “Domain controllers that have had a Feature Update, also known as an in-place upgrade, continue to their current 8K page database format and pages. “

Does this mean I can’t use 32K pages ?

$params = @{
Identity = ‘Database 32k pages feature’
Scope = ‘ForestOrConfigurationSet’
Server = “mvpdc02”
Target = “mvp.local”
}

Enable-ADOptionalFeature @params

Indeed on servers that are upgraded you can’t enable the Database 32k pages feature, only on new installed domain controllers. To bad if you just did a forest wide domain renewal program, to use the Database 32k pages feature will probaly not have a wide adoption directly.

The msDS-JetDBPageSize attribute in the attributes list. The value is the page database size capability. A value of 32768 means it’s a 32k page database capable domain controller. A value of 8192 means an 8k page database size. No value means the domain controller is running Windows Server 2022 or earlier.

As I already had an update de level is not 90 but 91.

Beginning with Windows Server 2025, new Active Directory forest and domains are installed with a 32k page database format. By default these new forests and domains use an 8k page simulation mode to support previous versions. An upgraded DC continues to use an 8K database format and pages.

So this means install all new fresh domain controllers server 2025, decomission your old domain controllers, make sure forest and domain level is on 2025 and then you can enable Database 32k pages for Active Directory, So nice option but for many not directly usefull.

is the Database 32k pages feature a bust no, but if you need it then your entire forest needs to be renewed and thats not a 30 min process.

Hope it was helpful thanks for visiting my blog.

Follow Me on Twitter X @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Http://nl.linkedin.com/in/robertsmit