Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users
Course Of The Month
7 days, 13 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Replacing two 2008 R2 Domain Controllers with 2012 R2
Posted on 2014-12-22
Hi,
I have been tasked with Replacing our 2008R2 Domain Controllers with 2012 Domain Controllers. I say replace because the 2008 will not be an in-place upgrade.
As of this moment. I have :
- created two new 2012 servers - Patched them up - upgraded vmware tools etc ( yes they are virtual - VMWARE ).
And thats about where i sit.. haha
I was looking for assistance from people who have upgraded / replaced their DC's. Better yet : DOCS perhaps they ahve followed. I understand each business is unique.. and now docs will work for everyone. There's so much out there Im not sure which docs to trust ..etc.
I have found this :
http://blogs.technet.com/b/canitpro/archive/2013/05/05/step-by-step-adding-a-windows-server-2012-domain-controller-to-an-existing-windows-2003-network.aspx
However questions enter my head of - when do I make the 2012 servers actual domain controllers. Do I eventually give them the same Computer name as the ones I will be replacing - when is it safe to remove the 'old / currently used' domain controllers. How do i know everything has been transferred over etc ( granted this will be different for everyone ).
I have been tasked with Replacing our 2008R2 Domain Controllers with 2012 Domain Controllers. I say replace because the 2008 will not be an in-place upgrade.
As of this moment. I have :
- created two new 2012 servers - Patched them up - upgraded vmware tools etc ( yes they are virtual - VMWARE ).
And thats about where i sit.. haha
I was looking for assistance from people who have upgraded / replaced their DC's. Better yet : DOCS perhaps they ahve followed. I understand each business is unique.. and now docs will work for everyone. There's so much out there Im not sure which docs to trust ..etc.
I have found this :
http://blogs.technet.com/b/canitpro/archive/2013/05/05/step-by-step-adding-a-windows-server-2012-domain-controller-to-an-existing-windows-2003-network.aspx
However questions enter my head of - when do I make the 2012 servers actual domain controllers. Do I eventually give them the same Computer name as the ones I will be replacing - when is it safe to remove the 'old / currently used' domain controllers. How do i know everything has been transferred over etc ( granted this will be different for everyone ).
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
4 Comments
Here is a guide on adding your first 2012 DC
http://blogs.technet.com/b/askpfeplat/archive/2012/09/03/introducing-the-first-windows-server-2012-domain-controller.aspx
http://blogs.technet.com/b/askpfeplat/archive/2012/09/03/introducing-the-first-windows-server-2012-domain-controller.aspx
Active today
You don't rename the DC's. What you first must do is make sure that the domain is prepared for the introduction of Server 2012. In previous versions, this meant running ADPREP on the current FSMO holder for the (Schema Operations Master and Infrastructure Operations Master). In most situations these roles are on the same server.
http://technet.microsoft.com/en-us/library/dd464018(v=ws.10).aspx
One advantage of Server 2012, is that adding the Active Directory role to the server, takes care of this for you. Now your next concern is the matter of Forest/Domain functional levels. If they are, at a minimum, Server 2003, then you are fine.
http://technet.microsoft.com/library/understanding-active-directory-functional-levels(WS.10).aspx
Once you have verified all of the above, then it becomes a matter of verifying replication (not really that difficult of a task) and ensuring that you transfer the FSMO roles to your new 2012 DC.
Verifying Replication - http://technet.microsoft.com/en-us/library/cc736355(v=ws.10).aspx
Transfer FSMO roles - http://support.microsoft.com/KB/255690
It now just comes to a matter of services (DNS and DFS are practically taken care of as they are AD integrated), DHCP, Time Service, etc.
-saige-
http://technet.microsoft.com/en-us/library/dd464018(v=ws.10).aspx
One advantage of Server 2012, is that adding the Active Directory role to the server, takes care of this for you. Now your next concern is the matter of Forest/Domain functional levels. If they are, at a minimum, Server 2003, then you are fine.
http://technet.microsoft.com/library/understanding-active-directory-functional-levels(WS.10).aspx
Once you have verified all of the above, then it becomes a matter of verifying replication (not really that difficult of a task) and ensuring that you transfer the FSMO roles to your new 2012 DC.
Verifying Replication - http://technet.microsoft.com/en-us/library/cc736355(v=ws.10).aspx
Transfer FSMO roles - http://support.microsoft.com/KB/255690
It now just comes to a matter of services (DNS and DFS are practically taken care of as they are AD integrated), DHCP, Time Service, etc.
-saige-
Active today
before you do anything, i would run dcdiag on both servers to make sure there are no issues with each other
also need to make sure anything with static IP addresses is configured to use the new domain controllers for DNS
for dhcp, you can migrate the database
Migrate DHCP Server to Windows Server 2012 R2
http://technet.microsoft.com/en-us/library/dn495425.aspx
and whichever 2012 server holds the PDC emulator role, need to configure that as the time server
How to configure an authoritative time server in Windows Server
https://support2.microsoft.com/kb/816042/en-us
also need to make sure anything with static IP addresses is configured to use the new domain controllers for DNS
for dhcp, you can migrate the database
Migrate DHCP Server to Windows Server 2012 R2
http://technet.microsoft.com/en-us/library/dn495425.aspx
and whichever 2012 server holds the PDC emulator role, need to configure that as the time server
How to configure an authoritative time server in Windows Server
https://support2.microsoft.com/kb/816042/en-us
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Active Directory security has been a hot topic of late, and for good reason. With
90%
of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Are you ready to implement Active Directory best practices without reading 300+ pages?
You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month7 days, 13 hours left to enroll
729 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.