If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.
COURSE of the MONTH
9 days, 19 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Replacing two 2008 R2 Domain Controllers with 2012 R2
Posted on 2014-12-22
Hi,
I have been tasked with Replacing our 2008R2 Domain Controllers with 2012 Domain Controllers. I say replace because the 2008 will not be an in-place upgrade.
As of this moment. I have :
- created two new 2012 servers - Patched them up - upgraded vmware tools etc ( yes they are virtual - VMWARE ).
And thats about where i sit.. haha
I was looking for assistance from people who have upgraded / replaced their DC's. Better yet : DOCS perhaps they ahve followed. I understand each business is unique.. and now docs will work for everyone. There's so much out there Im not sure which docs to trust ..etc.
I have found this :
http://blogs.technet.com/b/canitpro/archive/2013/05/05/step-by-step-adding-a-windows-server-2012-domain-controller-to-an-existing-windows-2003-network.aspx
However questions enter my head of - when do I make the 2012 servers actual domain controllers. Do I eventually give them the same Computer name as the ones I will be replacing - when is it safe to remove the 'old / currently used' domain controllers. How do i know everything has been transferred over etc ( granted this will be different for everyone ).
I have been tasked with Replacing our 2008R2 Domain Controllers with 2012 Domain Controllers. I say replace because the 2008 will not be an in-place upgrade.
As of this moment. I have :
- created two new 2012 servers - Patched them up - upgraded vmware tools etc ( yes they are virtual - VMWARE ).
And thats about where i sit.. haha
I was looking for assistance from people who have upgraded / replaced their DC's. Better yet : DOCS perhaps they ahve followed. I understand each business is unique.. and now docs will work for everyone. There's so much out there Im not sure which docs to trust ..etc.
I have found this :
http://blogs.technet.com/b/canitpro/archive/2013/05/05/step-by-step-adding-a-windows-server-2012-domain-controller-to-an-existing-windows-2003-network.aspx
However questions enter my head of - when do I make the 2012 servers actual domain controllers. Do I eventually give them the same Computer name as the ones I will be replacing - when is it safe to remove the 'old / currently used' domain controllers. How do i know everything has been transferred over etc ( granted this will be different for everyone ).
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
4 Comments
Here is a guide on adding your first 2012 DC
http://blogs.technet.com/b/askpfeplat/archive/2012/09/03/introducing-the-first-windows-server-2012-domain-controller.aspx
http://blogs.technet.com/b/askpfeplat/archive/2012/09/03/introducing-the-first-windows-server-2012-domain-controller.aspx
Active today
You don't rename the DC's. What you first must do is make sure that the domain is prepared for the introduction of Server 2012. In previous versions, this meant running ADPREP on the current FSMO holder for the (Schema Operations Master and Infrastructure Operations Master). In most situations these roles are on the same server.
http://technet.microsoft.com/en-us/library/dd464018(v=ws.10).aspx
One advantage of Server 2012, is that adding the Active Directory role to the server, takes care of this for you. Now your next concern is the matter of Forest/Domain functional levels. If they are, at a minimum, Server 2003, then you are fine.
http://technet.microsoft.com/library/understanding-active-directory-functional-levels(WS.10).aspx
Once you have verified all of the above, then it becomes a matter of verifying replication (not really that difficult of a task) and ensuring that you transfer the FSMO roles to your new 2012 DC.
Verifying Replication - http://technet.microsoft.com/en-us/library/cc736355(v=ws.10).aspx
Transfer FSMO roles - http://support.microsoft.com/KB/255690
It now just comes to a matter of services (DNS and DFS are practically taken care of as they are AD integrated), DHCP, Time Service, etc.
-saige-
http://technet.microsoft.com/en-us/library/dd464018(v=ws.10).aspx
One advantage of Server 2012, is that adding the Active Directory role to the server, takes care of this for you. Now your next concern is the matter of Forest/Domain functional levels. If they are, at a minimum, Server 2003, then you are fine.
http://technet.microsoft.com/library/understanding-active-directory-functional-levels(WS.10).aspx
Once you have verified all of the above, then it becomes a matter of verifying replication (not really that difficult of a task) and ensuring that you transfer the FSMO roles to your new 2012 DC.
Verifying Replication - http://technet.microsoft.com/en-us/library/cc736355(v=ws.10).aspx
Transfer FSMO roles - http://support.microsoft.com/KB/255690
It now just comes to a matter of services (DNS and DFS are practically taken care of as they are AD integrated), DHCP, Time Service, etc.
-saige-
Active today
before you do anything, i would run dcdiag on both servers to make sure there are no issues with each other
also need to make sure anything with static IP addresses is configured to use the new domain controllers for DNS
for dhcp, you can migrate the database
Migrate DHCP Server to Windows Server 2012 R2
http://technet.microsoft.com/en-us/library/dn495425.aspx
and whichever 2012 server holds the PDC emulator role, need to configure that as the time server
How to configure an authoritative time server in Windows Server
https://support2.microsoft.com/kb/816042/en-us
also need to make sure anything with static IP addresses is configured to use the new domain controllers for DNS
for dhcp, you can migrate the database
Migrate DHCP Server to Windows Server 2012 R2
http://technet.microsoft.com/en-us/library/dn495425.aspx
and whichever 2012 server holds the PDC emulator role, need to configure that as the time server
How to configure an authoritative time server in Windows Server
https://support2.microsoft.com/kb/816042/en-us
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Compliance and data security require steps be taken to prevent unauthorized users from copying data. Here's one method to prevent data theft via USB drives (and writable optical media).
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility.
Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller.
Log onto the new domain controller with a user account t…
Suggested Courses
Course of the Month9 days, 19 hours left to enroll
762 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.