Solved

Upgrading Domain Controller to Server 2012

Posted on 2013-06-06
6
521 Views
Last Modified: 2013-06-07
We are upgrading the hardware of our Domain Controller which is Server 2008 (not R2).  We only have one DC in our domain.  What I plan to do is this...

-Install Server 2012 on new server
-Promote new server running Server 2012 to Domain Controller
-Demote old domain controller on Server 2008

Would this be the right sequence?  Will there be an issue going from Active Directory 2008 to 2012?  Anything I need to be aware of?  Do I first need to migrate AD to 2012?
0
Comment
Question by:bpl5000
6 Comments
 
LVL 16

Assisted Solution

by:uescomp
uescomp earned 50 total points
ID: 39227027
In short, yes.

Join the 2012 server, make sure to delegate all the FSMO roles, promote the new 2012 and demote the 2008.
0
 
LVL 17

Assisted Solution

by:Brad Bouchard
Brad Bouchard earned 100 total points
ID: 39227097
Your steps you described are in perfect order.

You will first:

1)  Create your new 2012 server and get it up-to-date but don't promote it yet (technically you can't)
2)  You no longer need to run adprep on another DC from the 2012 folder that is on the CD/ISO because 2012 preps things for you.
3)  Add AD DS role to your 2012 server
4)  Run DCPROMO or promot this server to a DC from the Server Manager

Once you're done, transfer all FSMO roles to your new DC.
http://www.petri.co.il/transferring_fsmo_roles.htm

After that, decomission your old DC by running DCPROMO on it.  Removing DNS will happen on it too at this time.

You should be good to go, however remember to go manually update any statically set IP addresses with the new information and update your DHCP server with the new server name/IP.
0
 
LVL 18

Assisted Solution

by:sarang_tinguria
sarang_tinguria earned 50 total points
ID: 39227846
A tiny but important thing is to configure new 2012 server as a authoritative domain controller

Follow below article applies to 2012 also

http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/A_10789-Time-Service-Configuration.html
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 9

Accepted Solution

by:
Zenvenky earned 300 total points
ID: 39228594
Yes, you are doing it right way. Agree with other experts, however let me tell you how you shall complete it.

1. Install 2012 on a machine and make it member server.
2. change the DNS pointings over NIC  and make sure it is pointing to 2008 DC.
3. Now Run DCDiag in verbose mode and check the AD health on 2008DC, fix them if you see any tests failed.
4. Promote 2012 as DC to the domain, this process will tak care of schema update (you shall have domain and enterprise admin permissions to do it).
5. Wait for replication to happen (atleast 2 hours).
6. If everything is fine, then transfer FSMO roles to 2012DC.
7. Change DNS pointings and make preferred DNS as itslef.
8. Make 2012DC as authoritative Time Server as Sarang mentioned.
9. Again wait for atleast 3 hours to check DC's health as your's a single DC environment.
10. If everything is fine, then demote 2008DC.
11. You can do itfrom ADUC, just select 2008DC and delete this will complete the metadata cleanup.
12. Go to sites and service and delete 2008DC's entries.
13. In DNS console delete 2008DC's entries.
14. Take complete backup of 2012DC using Windows Server Backup (SystemState).
15. You are DONE.

Reference:

DNS Best Practices

Authoritative Time Server
0
 
LVL 5

Author Comment

by:bpl5000
ID: 39228839
I should have asked this before, but will there be any downtime?
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39229188
Not if you do it right.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

This article will review the basic installation and configuration for Windows Software Update Services (WSUS) in a Windows 2012 R2 environment.  WSUS is a Microsoft tool that allows administrators to manage and control updates to be approved and ins…
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now