Upgrading Domain Controllers from 2008r2 to 2012r2

Posted on 2013-12-04
Last Modified: 2013-12-04
I would like to upgrade my two 2008 R2 Domain Controllers to 2012 R2, and I would like to know any special steps or considerations I should take.

Environment Specifics
•      There are two DC’s, both running 2008 R2
•      My Domain and Forest functional level are 2008 R2
•      Both servers are GC and DNS servers
•      One of them has all the FSMO roles
o      It also is our sole DHCP server
o      It also is our only NTP server
•      I don’t do anything with Certificate Services or WSUS

Specific Questions
•      Should I go through 2012 first?
•      Should I upgrade the one that doesn’t have the FSMO roles first?
•      What kind of downtime should I plan for?

Thank you in advance,

Question by:silver1386
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2

Assisted Solution

Krokodili earned 125 total points
ID: 39695779
To perform an in-place upgrade of a computer that has the AD DS role installed, you must first use the command-line commands Adprep.exe /forestprep and Adprep.exe /domainprep to prepare the forest and domain. An in-place operating system upgrade does not perform automatic schema and domain preparation.
Adprep.exe is included on the installation media in the \Support\Adprep folder. There are no additional configuration steps after that point, and you can continue to run the Windows Server 2012R2 operating system upgrade.

To upgrade the operating system of a Windows Server 2008R2 domain controller to Windows Server 2012R2, perform the following steps:
1. Insert the installation disk for Windows Server 2012R2, and then run Setup.
2. After the language selection page, click Install now.
3. After the operating system selection window and the license acceptance page, in the Which type of installation do you want? window, click Upgrade: Install Windows and keep files, settings, and apps.

Note: With this type of upgrade, there is no need to preserve users’ settings and reinstall
applications; everything is upgraded in place. Remember to check for hardware and software compatibility before performing an upgrade.
LVL 37

Assisted Solution

Mahesh earned 250 total points
ID: 39695794
You can go directly to 2012 R2 active directory, 2012 server is not required.

Only You need to ensure that account used for upgrading schema is having schema admins and domain admins group membership

You can upgrade AD schema from 2008 R2 member server as well provided that you have installed ADDS tools on that and you can reach to domain controller having schema master role over network

There is no downtime required for this activity
Once your ADC is deployed, you can transfer roles and change appropriate DNS on clients \ servers and can then easily demote Dc without downtime

LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 125 total points
ID: 39696073
As stated you can in fact do an in-place upgrade from 2008R2 to 2012R2. I would also beware that when you are doing this you will need be required to have new CALS for all of the users you have authenticating. This can be a huge cost if you have a significate amount of users. So althought the upgrade path is fairly strightforward make sure that you have the proper licensing in place to accomidate this upgrade.

Take a look at the below link for more info...

LVL 37

Accepted Solution

Mahesh earned 250 total points
ID: 39696111
its always recommended to have schema upgraded 1st, then have a 2012 R2 member server  promoted to 2012 R2 domain controller unless you lack of server hardware.
This is the safest way to upgrade.


Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question