Migrate Active Directory from Windows Server 2008 R2 to Windows Server 2012 R2 – Part 1

In this post I document the steps I took to migrate a customer's Active Directory from Windows Server 2008 R2 to Windows Server 2012 R2.


  1. Complete a full backup of your existing server.
  2. Check the Schema version of AD DS by running regedit, navigating to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NTDS\Parameters and noting the current Schema version.
  3. Verify that your AD is working properly.
  4. Prepare a new Windows Server 2012 R2 that will host the AD DS services.

Step 1: Preparing your existing forest via the adprep command

  1. Insert the Windows Server 2012 DVD into the DVD drive of the Windows Server 2008 R2 Domain Controller.
  2. Open command prompt and execute the command cd d:\support\adprep
  3. Type adprep /forestprep and press Enter. Type C and then press Enter.
  4. Execute the following command: adprep /domainprep
  5. Check the Schema version of AD DS by running regedit, navigating to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NTDS\Parameters and noting the current value of the key. Schema version should be 69.
  6. Demote and decommission secondary domain controller
  • Click Start, Run…
  • Type dcpromo and click OK
  • Click Next > on the Welcome page
  • If the domain controller has the global catalog service, make sure your primary DC also has the service enabled and click OK.  This can be done by opening up Active Directory Sites and Services and viewing the services for each domain controller.
  • Make sure the Delete this domain because this server is the last domain controller in the domain is UNCHECKED, and click Next >
  • Type in a new password to be used for the Local Administrator account the machine will contain after it is demoted.
  • Click Next on the Summary page
  • Check the Reboot on completion box to restart the server after the service has been removed
  • Log back into the DC upon reboot and open up Server Manager
  • Remove Roles from Server
  • Disjoin the machine from the domain

Step 2: Promoting the Windows Server 2012 Server domain controller

  1. At this point, you should have one Server 2008 R2 Domain Controller and a blank Server 2012 R2 machine joined to the domain ready for the Active Directory services.
  2. Start Server Manager on your new Server 2012 R2 machine.
  3. Select Manage in the top right and select Add Roles and Features
  4. Click Next on the Before you begin screen
  5. Click Next > on the Select installation type screen
  6. Ensure your new server is selected and click Next >
  7. Check the box next to Active Directory Domain Services
  8. Click the Add Features button
  9. Click Next >
  10. Click Next >
  11. Check the box that says Restart the destination server automatically if required
  12. Click the Install button
  13. Once the install is done, click the Close button
  14. Next, head back to the Server Manager screen and select the warning icon with the flag; then select Promote this server to a domain controller.
  15. On the Deployment Configuration page, make sure Add a domain controller to an existing domain is checked and hit Next >
  16. Check Domain Name System (DNS) server, Check Global Catalog (GC), and uncheck Read only domain controller (RODC).  Enter a strong password to be used to access Directory Services Restore Mode and click Next >
  17. Click Next > on the DNS Options page
  18. Click Next > on the Additional Options page, or if you would like, you can manually select a domain controller to replicate data from and then hit Next >.
  19. Click Next > on the Paths page
  20. Click Next > on the Review Options page
  21. Click Install on the Prerequisites Check page

Step 3: Verify the new Windows Server 2012 Domain Controller

  1. Open Active Directory Users and Computers, expand <Your Domain> and click the Domain Controller OU to verify your server is listed.
  2. Open DNS Manager, right-click on <Your Domain>, select Properties and then click the Name Servers tab. Verify that your server is listed in the Name Servers: list.
  3. Open Active Directory Sites and Services; verify that your server is listed in Servers under Default-First-Site-Name.
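
The checks in Step 3, together with the schema version check from Step 1, can also be scripted. The following PowerShell is an added example, not part of the original post. It assumes the ActiveDirectory module is installed and that the script runs on the new domain controller; the repadmin and dcdiag calls at the end are additional health checks that the post does not list.

```powershell
# Added example: scripted version of the Step 3 checks.
# Assumption: run in an elevated session on the new Windows Server 2012 R2 DC.
Import-Module ActiveDirectory

$NewDc          = $env:COMPUTERNAME   # assumption: the local machine is the new DC
$ExpectedSchema = 69                  # schema version the post expects after adprep

# Schema version as stored in the directory (objectVersion on the schema partition).
$schemaNc      = (Get-ADRootDSE).schemaNamingContext
$schemaVersion = (Get-ADObject -Identity $schemaNc -Properties objectVersion).objectVersion

# DC record: covers the Domain Controllers OU and Sites and Services checks,
# plus the Global Catalog / RODC choices made in the promotion wizard.
$dc = Get-ADDomainController -Identity $NewDc

# Name servers published for the domain zone (DNS Manager > Name Servers tab).
$domain      = (Get-ADDomain).DNSRoot
$nameServers = Resolve-DnsName -Name $domain -Type NS |
    Where-Object { $_.Section -eq 'Answer' } |
    Select-Object -ExpandProperty NameHost

$checks = [ordered]@{
    "Schema version is $ExpectedSchema"        = ($schemaVersion -eq $ExpectedSchema)
    'Computer object in Domain Controllers OU' = ($dc.ComputerObjectDN -like '*OU=Domain Controllers,*')
    'Global Catalog enabled'                   = $dc.IsGlobalCatalog
    'Not a read-only domain controller'        = (-not $dc.IsReadOnly)
    'Listed as a name server for the domain'   = ($nameServers -contains $dc.HostName)
    'Site is Default-First-Site-Name'          = ($dc.Site -eq 'Default-First-Site-Name')
}

# Print one OK/FAIL line per check.
$checks.GetEnumerator() | ForEach-Object {
    $status = if ($_.Value) { 'OK' } else { 'FAIL' }
    '{0,-45} {1}' -f $_.Key, $status
}

# Extra health checks (not in the original post): replication summary and
# a quiet dcdiag run that prints only errors.
repadmin /replsummary
dcdiag /s:$NewDc /q
```

If the new server was placed in a site other than Default-First-Site-Name, adjust the last entry in `$checks` accordingly.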

