Upgrading Active Directory domain controller & domain functionality level from Windows Server 2003 into 2012 R2 ?

Hi All,

What are the caveats and the pitfalls to avoid when performing the Active Directory domain controller upgrade & raising domain functionality level from Windows Server 2003 into 2012 R2 ?

in my current AD domain, the Exchange Server 2010 SP2 is working without issue communicating with the AD Server 2003.

Thank you in advance.
LVL 11
Senior IT System EngineerSenior Systems EngineerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

We just performed an upgrade this week  from server 2003 to 2013 r2. My advise is upgrade to 2008 first then 2012 works perfectly with no issues and is a safe bet.
Senior IT System EngineerSenior Systems EngineerAuthor Commented:
Ok so in this case what's the operating system ?

Does that 2008 first is the domain functionality level ?
Seth SimmonsSr. Systems AdministratorCommented:
Exchange 2010 SP2 is no longer supported since April and does not support Windows 2012 R2 domain controllers.
Upgrade Exchange to SP3 and at least update rollup 5 (recommend 7 as it's the latest) to support a Windows 2012 R2 AD environment.  you also don't need 2008 as a stepping stone; you can install a 2012 R2 domain controller in a 2003 AD environment

Exchange Server Supportability Matrix

Microsoft Exchange Server 2010 Service Pack 3 (SP3)

Update Rollup 7 For Exchange 2010 SP3 (KB2961522)

Microsoft Exchange Server 2010 Service Pack 2

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Protecting & Securing Your Critical Data

Considering 93 percent of companies file for bankruptcy within 12 months of a disaster that blocked access to their data for 10 days or more, planning for the worst is just smart business. Learn how Acronis Backup integrates security at every stage

Senior IT System EngineerSenior Systems EngineerAuthor Commented:

Thanks for the reply so in this case I'll need to upgrade the SP2 into SP3 with CU 7 first and then migrate the FSMO role into Windows Server 2012 R2 DC ?

after that demote or decommission the old Windows Server 2003 so that the new Exchange Server 2010 SP3-CU7 can use the new DC/GC setting on WIndows Server 2012 R2 ?
Seth SimmonsSr. Systems AdministratorCommented:
upgrade exchange first before promoting your first 2012 R2 domain controller
once exchange is at SP3 then you can promote your 2012 R2 server

after that demote or decommission the old Windows Server 2003

i would let the 2 domain controllers run together for a little while (perhaps a week) to make sure they are taking to each other ok and replicating.  once that looks good, transfer your FSMO roles and demote.  i would suggest the demote be done after hours just in case exchange has issues.  it shouldn't, but just in case.  if it does have issues, restart the exchange topology service (which, in turn will restart all other exchange services thus a brief outage) and it should be ok after discovering the new domain controller
One gotcha I experienced with a demotion of server 2003 and was that the exchange did not see the new Global catalog server and I had to manually force the new Gc server.   One last thing before demotion I would turn off the old server a a day or so just to make sure that the domain is fully functional with out the old server.
Senior IT System EngineerSenior Systems EngineerAuthor Commented:

So what was the solution to your problem before, in case Exchange Server does not see the new DC/GC ?
I just had to manually specify in exchange that I wanted to to use the new DC as its GC

these were the instructions I followed.

    Start the Microsoft Management Console (MMC) Exchange System Management (ESM) snap-in (Start, Programs, Microsoft Exchange, System Manager).
    In the treeview pane, navigate to Administrative Groups, &ltadministrative group name&gt, Servers.
    Right-click the server and select Properties.
    Select the Directory Access tab.
    From the Show drop-down list, select Global Catalog Servers.
    Clear the "Automatically discover servers" check box.
    Click Yes in the confirmation box.
    Click Add.
    Enter the name of the GC to use.
    Click OK.

Thanks to the below website.
Senior IT System EngineerSenior Systems EngineerAuthor Commented:
Cool, because I assume that after the Exchange Server services restart, it should all picking up the DC/GC within the AD sites.
That is the Theory but in my case it dint. Its just a heads up in case you decommission the old server and exchange stops working. good luck
Seth SimmonsSr. Systems AdministratorCommented:
the exchange topology service should automatically find this
the link armenio posted is for exchange 2003; this is 2010
if this were 2003 i would have suggested that because it is finicky about domain controllers just disappearing but that shouldn't be an issue here
I'm not providing a solution, more of an 'additional' comment(s) in reference to my process.  I'm just wrapping up a migration from 2003 AD to 2012 R2 AD.  Performed several test without incident and have proceeded to move forward with a live migration.  Everything has gone great.  I currently have no 2003 AD Domain controllers and I only have 2012R2 AD Domain controllers.  Users are authenticating, DC's are replicating and Exchange is working...

When I performed my testing, after removing my last 2003 server, I was able to change the forest functionality and domain functionality from 2003 to 2012R2 (The choices were 2008, 2008R2, 2012 and 2012R2).  

Now that I'm in live, when attempting to change the functionality level of both forest and domain, my choices are 2008 or 2008R2.  I currently have 2008 and 2008R2 server in production; however, none of them are Domain controllers.  All of the domain controllers are 2012R2.

Is there something I missed that is not allowing me to change to 2012R2?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.