Migrate Active Directory from Windows Server 2008 R2 to Windows Server 2012 R2 – Part 1

In this post I will document the steps I took to migrate a customer's Active Directory from Windows Server 2008 R2 to Windows Server 2012 R2.

Prerequisites

  1. Complete a full backup of your existing server.
  2. Check the Schema version of AD DS by running regedit, navigating to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NTDS\Parameters and noting the current Schema version.
  3. Verify that your AD is working properly.
  4. Prepare a new Windows Server 2012 R2 that will host the AD DS services.

Step 1: Preparing your existing forest via the adprep command

  1. Insert the Windows Server 2012 DVD into the DVD drive of the Windows Server 2008 R2 Domain Controller.
  2. Open a command prompt and execute the command cd d:\support\adprep
  3. Type adprep /forestprep and press Enter. Type C and then press Enter.
  4. Execute the following command: adprep /domainprep
  5. Check the Schema version of AD DS by running regedit, navigating to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NTDS\Parameters and noting the current value of the key. Schema version should be 69.
  6. Demote and decommission the secondary domain controller:
     • Click Start, Run…
     • Type dcpromo and click OK
     • Click Next > on the Welcome page
     • If the domain controller has the global catalog service, make sure your primary DC also has the service enabled and click OK. This can be done by opening Active Directory Sites and Services and viewing the services for each domain controller.
     • Make sure the Delete this domain because this server is the last domain controller in the domain checkbox is UNCHECKED, and click Next >
     • Type in a new password to be used for the Local Administrator account the machine will have after it is demoted.
     • Click Next on the Summary page
     • Check the Reboot on completion box to restart the server after the service has been removed
     • Log back into the DC upon reboot and open Server Manager
     • Remove Roles from Server
     • Disjoin the machine from the domain
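
The schema version check from the prerequisites and from step 5 can also be run against every domain controller at once, which shows whether the adprep change has replicated before the new server is promoted. This is an added example, not part of the original post; it assumes the ActiveDirectory PowerShell module is available on the DC and uses the commonly documented objectVersion values for the three releases involved.

```powershell
# Added example: confirm the schema version on every DC after adprep.
Import-Module ActiveDirectory

# objectVersion values for the releases this migration involves
$releases = @{ 47 = 'Windows Server 2008 R2'; 56 = 'Windows Server 2012'; 69 = 'Windows Server 2012 R2' }
$expected = 69   # value the post expects after adprep /forestprep

# Local view: the same registry value the regedit step reads
$ntds  = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'
$local = (Get-ItemProperty -Path $ntds).'Schema Version'
"Local registry schema version: $local"

# Directory view: objectVersion on the schema naming context, asked of each DC.
# Get-ADDomainController -Filter * lists the DCs of the current domain only.
$schemaNC = (Get-ADRootDSE).schemaNamingContext
$results = foreach ($dc in Get-ADDomainController -Filter *) {
    try {
        $v = (Get-ADObject -Identity $schemaNC -Server $dc.HostName `
                -Properties objectVersion -ErrorAction Stop).objectVersion
    } catch {
        $v = $null   # DC unreachable or AD Web Services not answering
    }
    $release = 'unknown'
    if ($v -ne $null -and $releases.ContainsKey([int]$v)) { $release = $releases[[int]$v] }
    New-Object PSObject -Property @{
        DomainController = $dc.HostName
        SchemaVersion    = $v
        Release          = $release
        UpToDate         = ($v -eq $expected)
    }
}
$results | Format-Table DomainController, SchemaVersion, Release, UpToDate -AutoSize

if ($results | Where-Object { -not $_.UpToDate }) {
    Write-Warning "Schema version $expected has not reached every domain controller; wait for replication before promoting the new server."
}
```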

Step 2: Promoting the Windows Server 2012 Server domain controller

  1. At this point, you should have one Server 2008 R2 Domain Controller and a blank Server 2012 R2 machine joined to the domain ready for the Active Directory services.
  2. Start Server Manager on your new Server 2012 R2 machine.
  3. Select Manage in the top right and select Add Roles and Features
  4. Click Next on the Before you begin screen
  5. Click Next > on the Select installation type screen
  6. Ensure your new server is selected and click Next >
  7. Check the box next to Active Directory Domain Services
  8. Click the Add Features button
  9. Click Next >
  10. Click Next >
  11. Check the box that says Restart the destination server automatically if required
  12. Click the Install button
  13. Once the install is done, click the Close button
  14. Next, head back to the Server Manager screen and select the warning icon with the flag; then select Promote this server to a domain controller.
  15. On the Deployment Configuration page, make sure Add a domain controller to an existing domain is checked and hit Next >
  16. Check Domain Name System (DNS) server, Check Global Catalog (GC), and uncheck Read only domain controller (RODC).  Enter a strong password to be used to access Directory Services Restore Mode and click Next >
  17. Click Next > on the DNS Options page
  18. Click Next > on the Additional Options page, or if you would like, you can manually select a domain controller to replicate data from and then hit Next >.
  19. Click Next > on the Paths page
  20. Click Next > on the Review Options page
  21. Click Install on the Prerequisites Check page
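
The wizard steps above have a PowerShell equivalent on Windows Server 2012 R2, shown here as an added example that is not part of the original post. The domain name corp.example.com is a placeholder, and the DSRM password is prompted for as a secure string so it never appears in the script or in command history.

```powershell
# Added example: scripted equivalent of the wizard steps above.
# 'corp.example.com' is a placeholder domain name.
$DomainName = 'corp.example.com'

# Steps 2-13: add the AD DS role with its management tools
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

Import-Module ADDSDeployment

# Prompt for secrets instead of embedding them in the script
$cred = Get-Credential -Message "Domain admin account for $DomainName"
$dsrm = Read-Host -AsSecureString -Prompt 'Directory Services Restore Mode password'

# Options chosen in step 16: DNS server, Global Catalog, writable DC (not an RODC)
$params = @{
    DomainName                    = $DomainName
    Credential                    = $cred
    SafeModeAdministratorPassword = $dsrm
    InstallDns                    = $true
    NoGlobalCatalog               = $false
}

# Step 21: run the prerequisites check first and stop on any error
$failed = Test-ADDSDomainControllerInstallation @params |
    Where-Object { $_.Status -eq 'Error' }
if ($failed) {
    $failed | Format-List Message
    throw 'Prerequisite check failed; nothing was installed.'
}

# Promote the server; it restarts automatically when promotion completes
Install-ADDSDomainController @params -Force
```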

Step 3: Verify the new Windows Server 2012 Domain Controller

  1. Open Active Directory Users and Computers, expand <Your Domain> and click the Domain Controllers OU to verify your server is listed.
  2. Open DNS Manager, right-click on <Your Domain>, select Properties and then click the Name Servers tab. Verify that your server is listed in the Name Servers: list.
  3. Open Active Directory Sites and Services; verify that your server is listed in Servers under Default-First-Site-Name.
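
The same three checks can be scripted so the result can be kept with the migration record. This is an added example, not part of the original post; DC2012R2 is a placeholder for the name of the newly promoted server, and the Global Catalog and RODC checks reflect the options chosen during promotion.

```powershell
# Added example: the Step 3 checks as one script, run on the new server.
Import-Module ActiveDirectory
$NewDc = 'DC2012R2'    # placeholder: name of the newly promoted server

$domain = Get-ADDomain
$dc     = Get-ADDomainController -Identity $NewDc

# NS records for the domain zone, asked of the new DC's own DNS service
$nsHosts = Resolve-DnsName -Name $domain.DNSRoot -Type NS -Server $dc.IPv4Address |
    Where-Object { $_.Type -eq 'NS' } |
    Select-Object -ExpandProperty NameHost

$checks = [ordered]@{
    'Computer object in Domain Controllers OU' = $dc.ComputerObjectDN -like "*,$($domain.DomainControllersContainer)"
    'Listed as name server for the zone'       = $nsHosts -contains $dc.HostName
    'Global Catalog enabled'                   = $dc.IsGlobalCatalog
    'Writable (not an RODC)'                   = -not $dc.IsReadOnly
}

"Site: $($dc.Site)"    # the post expects Default-First-Site-Name
$checks.GetEnumerator() | Format-Table Name, Value -AutoSize

# Replication status as seen from the new DC
repadmin /showrepl $dc.HostName

if (@($checks.Values) -contains $false) {
    Write-Warning 'One or more verification checks failed; review before decommissioning the old DC.'
}
```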

 
