[Last Call] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 243
  • Last Modified:

Steps to Upgrade 2003/2008 AD to purely 2008 R2 AD

Hi Experts:

I have a relatively simple network here that I would like to upgrade. Our current system in:

1 Server 2003 AD Controller / DNS called DC1
1 Server 2008 (32) AD Controller / DNS called DC2
We are running at the Server 2003 Functional Level and use static IP.

I recently purchased 2 new 64 bit servers for domain controllers / DNS and would like to use them to upgrade the network to a purely Server 2008 R2 domain. I have a rough plan in place but I need help proofing it and with specific details/commands.

My Rough Plan:

1) After a good backup... On a weekend move all FSMO roles to DC2 (Server 2008 32-bit) and demote DC1 (Server 2003).
2) Upgrade DC2 to Server 2008 Functional Level
3) Run adprep32 / forestprep, adprep32 / domainprep and adprep32 / domainprep / gpprep on DC2 to prepare it for the 2008 R2 servers
4) Install one of my new Server 2008 R2 servers (with same IP as the old DC1) into the domain as a AD controller / DNS server called DC3
5) Wait a few weeks.
6) Move all FSMO roles to DC3
7) Demote DC2 and install the remaining Server 2008 R2 Server as DC4 (with same IP as the old DC2).

That's my plan but I'm concerned that I'm missing a detail or two.



1 Solution
Darius GhassemCommented:
Actually everything looks good

Here is are some other guides to read over as well



Make sure before moving any roles or demotion you run dcdiag to check health of the domain.

Many admins I have helped assumed everything was functioning properly just because everything was running with any user complaints but didn't run a dcdiag to actually make sure the systems were running properly
Mike KlineCommented:
When you demote DC1 and DC2 I'd also change their IP after demotion so that you don't run into any conflicts when you try and reuse those IP addresses.

In your small network I'm guessing this will not be an issue but just for others that may come across this if you have apps that are hard coded to use DC1 or DC2 by name then change those....bad apps if those still exist.

You don't have to wait a few weeks in step 5 but it is ok if you want to take your time.

Good luck and nice job going to 2008 R2.


Your plan is looks like fine.

Install one of my new Server 2008 R2 servers (with same IP as the old DC1) into the domain as a AD controller / DNS server called DC3
If everything is went well gracefully then you are OK with the above step. In case of forcefully, you need to perform metadata cleanup to remove failed DC object from AD, DNS and AD SITE.

Abhijit Waikar.
yaklabAuthor Commented:

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now