Solved

Windows Domain Controller -- upgrade ?

Posted on 2014-07-25
5
211 Views
Last Modified: 2014-08-10
What articles do you recommend for a "Windows 2003 to 2012" domain controller update ?

http://technet.microsoft.com/library/hh994618.aspx
0
Comment
Question by:finance_teacher
  • 2
  • 2
5 Comments
 
LVL 95

Accepted Solution

by:
Lee W, MVP earned 125 total points
ID: 40220062
Do you mean 2003 to 2012 R2?

I'd start with this one:
http://blogs.technet.com/b/askds/archive/2014/07/23/it-turns-out-that-weird-things-can-happen-when-you-mix-windows-server-2003-and-windows-server-2012-r2-domain-controllers.aspx

And I'd suggest using downgrade rights and upgrade the DC to 2008 R2 instead in order to get rid of the 2003 DCs first.  Even if the above article wasn't a problem, you're jumping 5 versions if you're going 2003 (pre R2) to 2012 R2 and for me, it feels more comfortable going 2-3 versions not 5.  (I'd just have more confidence in the process because keep in mind, your network has evolved differently from my network and that fact that I may not have any issues doesn't mean you won't.
0
 
LVL 11

Assisted Solution

by:NetoMeter Screencasts
NetoMeter Screencasts earned 250 total points
ID: 40221075
Right now, there is an issue when you mix 2003 and 2012 R2 Domain Controllers - everybody is talking about this on the Internet:

http://blogs.technet.com/b/askds/archive/2014/07/23/it-turns-out-that-weird-things-can-happen-when-you-mix-windows-server-2003-and-windows-server-2012-r2-domain-controllers.aspx

You need to apply one of the three workarounds or if you are not pressed on time, wait for the hotfix to be released. A lot of people hit this issue and open support cases with Microsoft, so i guess the hotfix will be released quite soon.
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 40221390
Wow,,, you completely missed my comment NetoMeter?
0
 
LVL 54

Assisted Solution

by:McKnife
McKnife earned 125 total points
ID: 40221457
I see no problem in just doing it.  Add the new one to the domain, promote it, add the IP of the new one as second DNS server entry at the clients. Test it, then demote the old one and set the new one's IP as first DNS server at the clients.
If you are afraid, stage it in a virtual test environment. But I don't see what one should be afraid off. All that is done to the old one is a schema upgrade.

The (double-)linked article shows a problem, but it is unlikely to even happen if you don't run the old and the new together for just a short while as computer account passwords are changed only every 30 days. But to make sure, you could adjust that time by GPO to, say, 60 days and so you will be able to test (running both old and new together) for a whole month (and then you can reset that policy) http://technet.microsoft.com/en-us/library/jj852252(v=ws.10).aspx
0
 
LVL 11

Assisted Solution

by:NetoMeter Screencasts
NetoMeter Screencasts earned 250 total points
ID: 40221628
Lee, I apologize for the double posting. I got under the impression that you are providing a link with instructions about the upgrade and figured out that it's the same link post-factum.

If it's a small environment and no co-existence is required - just one old 2003 DC with nothing else that's needed on it, I would agree with McKnife.

In real life, usually you need to have coexistence and move additional services like DHCP (with the scopes and leases), file shares, applications etc.

If this is the case, I would rather go with:
- Option 1: for a small network - get the list of machines with expiring passwords and reset the passwords manually.
- Option 2 or 3: for a large number of clients.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
AD and Exchnage 2010 Photos 3 41
Trust relationship when doing server upgrades 3 42
Windows 2012 R2 CA Migrating to SHA256 7 37
How does ADMT SID History work? 1 23
Resolve DNS query failed errors for Exchange
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question