Move 2008 terminal server from domain to new 2012 domain

Posted on 2015-01-06
Medium Priority
Last Modified: 2015-01-12
Hey Guys,
I got a couple of 2008 terminal servers in a 2008 domain I want to move to a new domain, so that I dont have to reinstall the servers, because they contain a lot of programs and settings, that will take time and cost a lot of money to configure from scratch.

The problem is that the new domain is set to 2012 servers only... can I somehow change that so I can have the 2008 servers in there as well ? And how do I move the servers and users so I can keep it as simple as possible ?
I have never moved a server from one domain to another before... I used to reinstall the servers from scratch, but these servers is too heavy, so I'm looking for a easy solution. (Nothing is easy... I know :-) )

Hope some of you have some ideas and suggestion.
Question by:Jesper Andersen
LVL 35

Assisted Solution

it_saige earned 750 total points
ID: 40533499
How is your new domain set to 2012 servers only?  Are you referring to the Forest/Domain Functional Levels?

If this is what you are referring to then you might be misunderstanding the settings.  The Forest/Domain functional levels *only* define the minimum operating system of the Domain Controllers, not member servers.  As I assume your terminal servers are member servers, there will be no problem moving them to the new domain.
Functional levels determine the available Active Directory Domain Services (AD DS) domain or forest capabilities.  They also determine which Windows Server operating systems you can run on domain controllers in the domain or forest. However, functional levels do not affect which operating systems you can run on workstations and member servers that are joined to the domain or forest.

LVL 24

Accepted Solution

VB ITS earned 750 total points
ID: 40533704
The problem is that the new domain is set to 2012 servers only... can I somehow change that so I can have the 2008 servers in there as well ?
Not sure what you mean by this. If you're referring to the domain and forest functional levels then that only really affects the version of Windows installed on Domain Controllers and not Terminal Servers.

For example. if your forest and domain functional levels have been raised to Server 2012 then you can only have Domain Controllers running Windows Server 2012 or Windows Server 2012 R2. Any other server running previous versions of Windows won't be able to be promoted to a DC. This doesn't mean that you can't have Server 2003 or 2008 as member servers though. See this article for more information: http://technet.microsoft.com/library/understanding-active-directory-functional-levels(WS.10).aspx

And how do I move the servers and users so I can keep it as simple as possible?
When you move the Terminal Servers to the new domain, you shouldn't have any issues with the current programs installed unless one or more of those programs rely on databases stored on a different server.

The main problem here will be the user profiles. When you recreate the user accounts on the new domain, they will be given different SIDs. As profiles are connected to SIDs  you will find that when the users log into the Terminal Servers with their recreated accounts they will get brand new profiles. You can try the steps in this article to migrate user profiles manually but you may run into niggling issues down the track.

I would recommend just copying over each user's relevant data (Desktop, Documents, Outlook signature, etc.) and give them a new profile from scratch.

Author Comment

by:Jesper Andersen
ID: 40544090
Hello guys,
Thanks for the suggestions... I had the forest functional levels mixed up, and I will give it a shot. THanks.

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

I’m willing to make a bet that your organization stores sensitive data in your Windows File Servers; files and folders that you really don’t want making it into the wrong hands.
Native ability to set a user account password via AD GPO was removed because the passwords can be easily decrypted by any authenticated user in the domain. Microsoft recommends LAPS as a replacement and I have written an article that does something …
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question