Migrating Active Directory Domain Controller from Windows Server 2008 R2 to Windows Server 2012


Windows Server 2012 is the Microsoft latest Windows Server Operating System which is more powerful than previous versions of Windows Server. For examples, Hyper-V replication, DHCP failover, Dynamic Access Control, Improvements in Active Directory Recycle Bin, Virtual Domain Controller etc. So it’s better to migrate Windows Server 2008 R2 to Windows Server 2012 Domain Controller because of the new cool features of Windows Server 2012. There are two options for migrating Windows Server 2008 R2 to Windows Server 2012 Domain Controller.

  1. Directly Upgrading to Windows Server 2012 on same physical machine, which is not recommended?
  2. Migrating specific domain controller functionality to the new Windows Server 2012 Active Directory Domain environment using new hardware, which is the best option for migrating Active Directory Domain Controller from Windows Server 2008 R2 to Windows Server 2012 Domain Controller.
The prerequisites for migrating to Windows Server 2012 in a new hardware are as follows:
  1. Windows Server 2008 R2 AD DS Domain and Forest functional level must be minimum Windows Server 2003 or higher recommended.
  2. Check the Schema version of AD DS.
  3. Forest and Domains must be prepared Using adprep. In Windows Server 2008 R2 Domain Controller, run adprep /forestprep and adprep /domainprep from the Windows Server 2012 installation DVD \support\adprep folder.
Step 1: Run adprep command to prepare the existing forest:
1.  Insert the Windows Server 2012 DVD into the DVD drive of the Windows Server 2008 R2 AD DS.
2.  Open command prompt, and type the following commands and press enter.




3.  
Check the Schema version of AD DS.
       Before Adprep


After Adprep

 Step 2: Promote a Windows Server 2012 Server to a domain controller, including DNS and Global Catalog:
1.  First Joining this server, KTM-DC01-2K12, as a member server in the existing Window Server 2008 R2 Domain before promoting to Domain Controller.
2. On the server KTM-DC01-2K12, in Server Manager, click Manage, and from the drop-down list box, click Add Roles and Features.


3. On the Before you begin page, click Next.

4. On the Select installation type page, confirm that Role-based or feature-based installation is selected, and then click Next.

5. On the Select destination server page, ensure that Select a server from the server pool is selected, and that KTM-DC02-2K12  is highlighted, and then click Next.

6. On the Select server roles page, click Active Directory Domain Services.

7.  On the Add features that are required for Active Directory Domain Services? Page, click Add Feaures.

8.  On the Select server roles page, click Next.

9. On the Select features page, click Next.

10. On the Active Directory Domain Services page, click Next.

11. On the Confirm installation selections page, click Install. (This may take a few minutes to complete.)



12. When the Active Directory Domain Services (AD DS) binaries have installed, click the blue Promote this server to a domain controller link.

13. In the Deployment Configuration window, click Add a domain controller to an existing domain. Specify the domain information for this operation Domain: msserverpro.com and then click Next.

14. In the Domain Controller Options windows, ensure that both the Domain Name System (DNS) server and Global Catalog (GC) check boxes are selected. Confirm that Site Name: is set to Default-First-Site-Name. Under Type the Directory Services Restore Mode (DSRM) password, type P@ssw0rd in both text boxes and then click Next.

15. On the DNS Options page, click Next.

16.  On the Additional Options page, select KTM-DC01-2K8.msserverpro.com in the Replicate from drop-down box.

17. On the Paths windows, click Next.

18. On the Review Options windows, click Next.

19. On the Prerequisites Check windows, confirm that there are no issues, and then click Install.

20. Installation Process begins.. and server will automatically reboot after Installation Finished.


Step 3: Verify the Domain Controller:
1. Open Active Directory Users and Computers, expand mserverpro.com and click Domain Controller OU .Verify KTM-DC01-2K12 Server is listed.


2. Open DNS Manager, right-click on msserverpro.com and select Properties and then click Name Servers Tab. Verify that KTM-DC01-2K12.msserverpro.com is listed in Name Servers: lists.

3. Open Active Directory Sites and Services; verify that KTM-DC01-2K12 is listed in Servers under Default-First-Site-Name.



Step 4: Transfer FSMO roles to the Windows Server 2012 Domain Controller:
1. Log on KTM-DC01-2K12 new domain controller, Open the Command Prompt and type   netdom query fsmo.
2. Verify the FSMO Roles on Windows Server 2008 R2 Server(KTM-DC01-2K8)  before we transfers FSMO roles to new Windows Server 2012 Server( KTM-DC01-2K12).

3. In the command prompt, type ntdsutil and press enter.
4. Type roles and press Enter. The prompt will display “fsmo maintenance:”
5.  Type connections and press Enter. The prompt will display “server connections:”
6.  In the “server connections: “, type connect to server KTM-DC01-2K12.msserverpro.com and press enter ( where KTM-DC01-2K12 is the name of the target Windows Server 2012)
7.  Type quit and press enter. The prompt will display “fsmo maintenance:”
8.  In the “fsmo maintenance:” type “?” for help
9. In the “fsmo maintenance: “ , type transfer schema master and Press enter and Click Yes On Role Transfer Confirmation Dialog box to confirm the Operations Master change.


10. Do the same process for: transfer naming master, transfer PDC, transfer RID master and transfer infrastructure master.








11. Type quit and press enter; the type quit and press enter again to exit the ntdsutil.

12. Verify the FSMO Roles on new Windows Server 2012 Domain Controller, KTM-DC01-2K12.


Step 5: Remove the legacy domain controller:
1. On KTM-DC01-2K8, Click Start, Click Run, type dcpromo and then click OK.


2.  On the Welcome to the Active Directory Installation Wizard page, Click Next.

3. On the Delete the Domain page, leave Delete the domain because this server is the last domain controller in the domain.


4. On the Administrator Password Page, type P@ssw0rd in both password textboxes and click Next.

5. On the Summary page, click Next. Wait for the process to complete and then click Finish.


6. On the Completing the Active Directory Domain Services Installation Wizard, click Finish.

7. On the Active Directory Domain Services Installation Wizard page, click Restart Now to Restart the server.

8. After restart the server, KTM-DC01-2K8 computer account will automatically move from Domain Controller OU to Computers OU because now KTM-DC01-2K8 is only the member server.

9. Lastly disjoin Windows Server 2008 R2 (KTM-DC01-2K8) from the domain to a workgroup and remove any unnecessary record from Active Directory Sites and Services.




Comentarios

Entradas populares de este blog

Guía de herramientas básicas para estudiantes: 31 apps y webs imprescindibles para ayudarte con los estudios

Comando FOR para archivos BAT

How to Setup and Configure Your Own GitLab Server on Ubuntu 20.04