Managing Active Directory does not always have to be complicated. If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why
Replacing two 2008 R2 Domain Controllers with 2012 R2
Hi,
I have been tasked with Replacing our 2008R2 Domain Controllers with 2012 Domain Controllers. I say replace because the 2008 will not be an in-place upgrade.
As of this moment. I have :
- created two new 2012 servers - Patched them up - upgraded vmware tools etc ( yes they are virtual - VMWARE ).
And thats about where i sit.. haha
I was looking for assistance from people who have upgraded / replaced their DC's. Better yet : DOCS perhaps they ahve followed. I understand each business is unique.. and now docs will work for everyone. There's so much out there Im not sure which docs to trust ..etc.
I have found this :
http://blogs.technet.com/b/canitpro/archive/2013/05/05/step-by-step-adding-a-windows-server-2012-domain-controller-to-an-existing-windows-2003-network.aspx
However questions enter my head of - when do I make the 2012 servers actual domain controllers. Do I eventually give them the same Computer name as the ones I will be replacing - when is it safe to remove the 'old / currently used' domain controllers. How do i know everything has been transferred over etc ( granted this will be different for everyone ).
I have been tasked with Replacing our 2008R2 Domain Controllers with 2012 Domain Controllers. I say replace because the 2008 will not be an in-place upgrade.
As of this moment. I have :
- created two new 2012 servers - Patched them up - upgraded vmware tools etc ( yes they are virtual - VMWARE ).
And thats about where i sit.. haha
I was looking for assistance from people who have upgraded / replaced their DC's. Better yet : DOCS perhaps they ahve followed. I understand each business is unique.. and now docs will work for everyone. There's so much out there Im not sure which docs to trust ..etc.
I have found this :
http://blogs.technet.com/b/canitpro/archive/2013/05/05/step-by-step-adding-a-windows-server-2012-domain-controller-to-an-existing-windows-2003-network.aspx
However questions enter my head of - when do I make the 2012 servers actual domain controllers. Do I eventually give them the same Computer name as the ones I will be replacing - when is it safe to remove the 'old / currently used' domain controllers. How do i know everything has been transferred over etc ( granted this will be different for everyone ).
Asked:
3 Solutions
You don't rename the DC's. What you first must do is make sure that the domain is prepared for the introduction of Server 2012. In previous versions, this meant running ADPREP on the current FSMO holder for the (Schema Operations Master and Infrastructure Operations Master). In most situations these roles are on the same server.
http://technet.microsoft.com/en-us/library/dd464018(v=ws.10).aspx
One advantage of Server 2012, is that adding the Active Directory role to the server, takes care of this for you. Now your next concern is the matter of Forest/Domain functional levels. If they are, at a minimum, Server 2003, then you are fine.
http://technet.microsoft.com/library/understanding-active-directory-functional-levels(WS.10).aspx
Once you have verified all of the above, then it becomes a matter of verifying replication (not really that difficult of a task) and ensuring that you transfer the FSMO roles to your new 2012 DC.
Verifying Replication - http://technet.microsoft.com/en-us/library/cc736355(v=ws.10).aspx
Transfer FSMO roles - http://support.microsoft.com/KB/255690
It now just comes to a matter of services (DNS and DFS are practically taken care of as they are AD integrated), DHCP, Time Service, etc.
-saige-
http://technet.microsoft.com/en-us/library/dd464018(v=ws.10).aspx
One advantage of Server 2012, is that adding the Active Directory role to the server, takes care of this for you. Now your next concern is the matter of Forest/Domain functional levels. If they are, at a minimum, Server 2003, then you are fine.
http://technet.microsoft.com/library/understanding-active-directory-functional-levels(WS.10).aspx
Once you have verified all of the above, then it becomes a matter of verifying replication (not really that difficult of a task) and ensuring that you transfer the FSMO roles to your new 2012 DC.
Verifying Replication - http://technet.microsoft.com/en-us/library/cc736355(v=ws.10).aspx
Transfer FSMO roles - http://support.microsoft.com/KB/255690
It now just comes to a matter of services (DNS and DFS are practically taken care of as they are AD integrated), DHCP, Time Service, etc.
-saige-
before you do anything, i would run dcdiag on both servers to make sure there are no issues with each other
also need to make sure anything with static IP addresses is configured to use the new domain controllers for DNS
for dhcp, you can migrate the database
Migrate DHCP Server to Windows Server 2012 R2
http://technet.microsoft.com/en-us/library/dn495425.aspx
and whichever 2012 server holds the PDC emulator role, need to configure that as the time server
How to configure an authoritative time server in Windows Server
https://support2.microsoft.com/kb/816042/en-us
also need to make sure anything with static IP addresses is configured to use the new domain controllers for DNS
for dhcp, you can migrate the database
Migrate DHCP Server to Windows Server 2012 R2
http://technet.microsoft.com/en-us/library/dn495425.aspx
and whichever 2012 server holds the PDC emulator role, need to configure that as the time server
How to configure an authoritative time server in Windows Server
https://support2.microsoft.com/kb/816042/en-us
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Join & Write a Comment Already a member? Login.
Featured Post
Tackle projects and never again get stuck behind a technical roadblock.
Join Now
http://blogs.technet.com/b/askpfeplat/archive/2012/09/03/introducing-the-first-windows-server-2012-domain-controller.aspx