Step by Step Domain Migration Windows Server 2008 to ... · migrate to Windows Server 2012 R2...
Transcript of Step by Step Domain Migration Windows Server 2008 to ... · migrate to Windows Server 2012 R2...
Step by Step Domain
Migration Windows
Server 2008 to
Windows Server 2012
Hussain Shakir
LinkedIn: https://www.linkedin.com/in/mrhussain
Twitter: https://twitter.com/hshakir_ms
Blog: http://mstechguru.blogspot.com/
Table of Contents About Author ........................................................................................................................................ 3
Product Overview .................................................................................................................................. 4
Windows Server 2008 R2 VM Properties for DC ................................................................................. 4
TCP/IP Configurations on VM.............................................................................................................. 5
Assumptions: - ....................................................................................................................................... 5
View FSMO Roles Status in Windows Server 2008 ............................................................................. 6
Preparing Existing Forest Via Adprep .................................................................................................. 6
Schema Upgrade Process ...................................................................................................................... 8
Schema Version Verification ................................................................................................................ 9
Promoting the Windows Server 2012 Server Domain Controller ....................................................... 10
Verficiation of FSMO Roles on Each DC ............................................................................................. 14
Transferring the RID, PDC emulator and Infrastructure Master Roles ............................................. 15
Transfer domain naming master role .................................................................................................. 18
Transfer Schema Master Role ............................................................................................................. 20
About Author
Shakir is IT Consultant with over 13 years of extensive experience working with Microsoft
Technologies AD, Exchange, O365, Windows Azure, PowerShell, Skype for Business, SQL,
SharePoint and Microsoft public clouds, and providing solutions to different local &
international Enterprise customers.
Shakir has been involved in Infrastructure Designing and Implementation, Virtualization, and
Disaster Recovery. Extensive hands-on experience in Core Server Infrastructure, Cloud
Computing, Virtualization/ Management and Information Protection. Analysis and Support of
Microsoft Windows Server based Client / Server network, AD, Messaging, Skype for Business,
SQL Always ON, Virtualization and System Center Infrastructure Products. Shakir has various
industry certifications: MCT, MCTS, MCITP, MCSA, MCSE: Messaging, MCPS, MCSE:
Cloud Platform and Infrastructure and also providing trainings on Microsoft Based
Technologies.
Product Overview
Active Directory is one of the most widely used services on enterprise networks. In addition to
providing basic authentication and authorization services, Active Directory enables so many
other capabilities that its popularity is no surprise.
Most of the people are still running Windows Server 2008 in the network and wants to safely
migrate to Windows Server 2012 R2 edition. Windows Server 2012 R2 adds some significant
new features to both Active Directory Domain Services (AD DS).
In this step by step guide we will walk through the simple procedure to migrate Windows Server
2008 R2 to Windows Server 2012 R2 Active Directory domain controller in a lab network.
Windows Server 2008 R2 VM Properties for DC
I am using VMware Workstation for this migration, also using Samsung SSD 850 PRO 1 TB for
all labs, you can run a DC with 512 MB of RAM only with SSD or event less than 512 MB
RAM.
TCP/IP Configurations on VM
Static IP will be used for TCP/IP configuration, your IP will be used as preferred DNS server.
Assumptions: -
It is assumed that you have already up and running Windows Server 2008 R2 as Domain
Controller in your network and you are looking for the migration to Windows Server 2012 R2.
As a precaution, complete a full backup of your existing Windows Server 2008 R2 Domain
Controller.
View FSMO Roles Status in Windows Server 2008
Preparing Existing Forest Via Adprep
Adprep.exe is a command-line tool that is included on the installation disk of each version of
Windows Server. Adprep.exe performs operations that must be completed on the domain
controllers that run in an existing Active Directory environment before you can add a domain
controller that runs that version of Windows Server.
Insert the Windows Server 2012 DVD into the DVD drive of the Windows Server 2008
R2 AD DS.
Schema Upgrade Process
Check the Schema version of AD DS (After adprep) by running regedit, navigating to
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NTDS\Par
ameters and noting the current Schema version.
Open command prompt, and type adprep /forestprep and press enter.
You can see the Adprep process has initiated.
At this point Adprep completed the upgrade process successfully.
Schema Version Verification
Let’s again check the registry value for schema version
As you can see the schema version has been updated from 47 to 69.
Promoting the Windows Server 2012 Server Domain Controller
Add AD DS role in Windows Server 2012 R2 and Promote your server as ADC.
Select first option to add your Windows Server 2012 R2 in to your existing domain which is
Windows Server 2008 R2.
Provide DSRM password and click on Next.
Click Next to Continue
For replication you can select Windows Server 2008 R2 Domain Controller for replication and
click Next.
After this step server will reboot and you can check the status of your ADC.
Verficiation of FSMO Roles on Each DC
FMSO Status on Windows Server 2012 R2
You can see that all FSMO roles are currently with DC2008 Server which is our Old DC having
runnning Windows Server 2008 R2.
FMSO Status on Windows Server 2008 R2
Transferring the RID, PDC emulator and Infrastructure
Master Roles
As the first step let’s look how we can transfer these 3 roles over to new server.
1. Log in to the windows 2012 R2 server as domain administrator
2. Click on Server Manager > Tools > Active Directory Users and Computers as shown
below
In MMC, right click on the domain name then click on Operation Masters
In next window, it will show the 3 FSMO roles. The default is PDC. At this screen, it will show
the current PDC holder. Then it is asking if need to change it to new windows 2012 r2 server
click on Change.
You can see RID Operation Master role is with DC2008 Server.
You can see PDC Operation Master role is with DC2008 Server.
You can see Infrastructure Operation Master role is with DC2008 Server.
Let’s transfer one by one all roles. Click on Change and then Click on Yes.
Click Ok to continue.
You can see the RID Operation Master role has been transferred to DC2012 from DC2008.
We will follow the same procedure to transfer PDC and Infrastructure Operation Master role. I
am not showing screenshot of PDC and Infrastructure Master role.
Transfer domain naming master role
1. Log in to the windows 2012 R2 server as domain administrator
2. Click on Server Manager > Tools > Active Directory Domains and Trusts
You can see Domain Naming Master role is still with DC2008
Click Change and Click Yes Ok
Domain Naming Master roles has successfully transferred to DC2012.
At this point we have successfully transfer 4 FSMO roles.
Transfer Schema Master Role
1. Log in to the windows 2012 R2 server as domain administrator
2. Open the Run window in server (Windows key + R) and type regsvr32 schmmgmt.dll
and press enter
1. Click ok to continue
You can check status of roles untill now by netdom query fsmo, you can see except Schema
Master all roles are transferred to DC2012.
2. Open the Run window again, type mmc and click OK
Click Ok
Then in mmc window click on File > Add-Remove Snap-in
Then from snap in select Active Directory Schema and click on the Add button
Click on the Ok button to continue
Then right click Active Directory Schema and click Change Active Directory Domain
Controller
In Next window select the windows server 2012 R2 DC (DC2012.mstechguru.blogspot.ae) and
click ok
An information message is provided. Click OK to continue
Right click Active Directory Schema > Operation Master
At this point its showing the current schema master role holder
(DC2008.mstechguru.blogspot.ae) and its asking if we need to move it to windows server 2012
R2 (DC2012.mstechguru.blogspot.ae). Click Change to move the role over.
Click Change and Click Yes to continue
Click Ok
The current schema master will now display windows server 2012 R2 as
DC2012.mstechguru.blogspot.ae
Now we successfully move all FSMO roles one by one. To confirm all 5 FSMO roles have been
moved over to the new windows server 2012 R2, open command prompt in any server and type
command netdom query fsmo and press enter.