  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 111

Things to look out for when upgrading from Windows 2008R2 AD to Windows 2012R2 AD

Hello Everyone,
It's been a while since I've done a domain upgrade (from 2003 to 2008 R2).

I've been looking at these sites:

https://technet.microsoft.com/windows-server-docs/identity/ad-ds/deploy/install-active-directory-domain-services--level-100-

http://jackstromberg.com/2013/10/migrating-domain-controllers-from-server-2008-r2-to-server-2012-r2/

to help with the update. I have two new servers on which I will be installing Windows 2012 R2 and making them into DCs. I will then uninstall the DC role on the two current ones.

My biggest question is, what should I be aware of when upgrading to a 2012 R2 AD? Currently the functional level is 2003. The workstations are Windows 7 and above, and there are only a few 2003 member servers. We also have a few Ubuntu servers and Sun Solaris 11 servers that connect to shares on the network, and a few NetApp filers and Overland Storage Snap servers.

I want to make sure connectivity to the shares will still happen as well as being able to add devices to the AD.

Thank you.
0
msidnam
 
Joseph Moody (Blogger and wearer of all hats.) Commented:
There aren't too many pitfalls from what you've read. You can still keep the FFL at 2003. You would probably want to raise it when you get to 2012R2 to take advantage of all of the new stuff (Recycle bin, Fine grain passwords, Microsoft Passport, etc). Nothing too much to worry about there either.

Document everything. Take a DC offline for a short period and make sure that nothing is hard coded to point at that DC. If it is good, you can add a new DC and demote your old one. Continue process.
0
 
FOX (Active Directory/Exchange Engineer) Commented:
Your situation is pretty straightforward.
1. Make sure the new servers are fully patched.
2. Add the IP of the 2008 R2 domain controller to the NIC\preferred DNS entry on both servers.
3. Join both new servers to the domain.
4. Promote both domain controllers as additional domain controllers on the domain through the GUI or via PowerShell. Ref link: https://technet.microsoft.com/en-us/library/hh974719(v=wps.630).aspx
5. Add the IP of the new domain controllers to preferred DNS (each pointing to itself) and add the IPs of the other domain controllers as alternate DNS entries.
6. From any new domain controller, run netdom query fsmo (elevated command prompt) to verify where your roles are.
7. Transfer your roles: from one of the new domain controllers, launch PowerShell (right-click, Run as administrator) and run these 2 commands:
    Import-Module ActiveDirectory
    Move-ADDirectoryServerOperationMasterRole -Identity "newDcname" -OperationMasterRole 0,1,2,3,4
Ref link: http://www.nogeekleftbehind.com/2013/05/28/powershell-move-ad-fsmo-roles-in-server-2012/
8. Verify again after the transfer:
    netdom query fsmo
9. Verify replication: run the following command from each of the new domain controllers:
    Repadmin /replsummary
10. If you are using DHCP, set the IPs of the new domain controllers to be pushed to the DNS entries of all workstations.
0
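
The verification steps in the answer above (6, 8 and 9) can be combined into one pass/fail check to run from a new domain controller before demoting the old ones. This is an added example, not part of the original posts; the host names NEWDC1 and NEWDC2 are placeholders, and it assumes the ActiveDirectory module is installed and the session is elevated.

```powershell
# Added example: pre-demotion check for the migration described above.
# NEWDC1 / NEWDC2 are hypothetical host names; replace with the new 2012 R2 DCs.
param(
    [string[]]$NewDCs = @('NEWDC1', 'NEWDC2')
)
Import-Module ActiveDirectory

$domain = Get-ADDomain
$forest = Get-ADForest

# Current holders of the five FSMO roles (same data as "netdom query fsmo").
$roles = [ordered]@{
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
}

$problems = @()
foreach ($role in $roles.Keys) {
    $holder = $roles[$role]
    # Holders are reported as FQDNs; compare on the short host name.
    $short = ($holder -split '\.')[0]
    if ($NewDCs -notcontains $short) {
        $problems += "$role is still held by $holder"
    }
}

# Each new DC must be registered as a domain controller in the domain.
$dcNames = (Get-ADDomainController -Filter *).Name
foreach ($name in $NewDCs) {
    if ($dcNames -notcontains $name) {
        $problems += "$name is not listed as a domain controller"
    }
}

# Replication failures for every DC in the domain (complements repadmin /replsummary).
$failures = Get-ADReplicationFailure -Target $domain.DNSRoot -Scope Domain
foreach ($f in $failures | Where-Object { $_.FailureCount -gt 0 }) {
    $problems += "Replication failure on $($f.Server) from $($f.Partner): " +
                 "$($f.FailureCount) failures, last error $($f.LastError)"
}

# Functional levels are reported only; raising them is a separate decision.
Write-Output "Forest mode: $($forest.ForestMode)  Domain mode: $($domain.DomainMode)"

if ($problems) { $problems | ForEach-Object { Write-Warning $_ }; exit 1 }
Write-Output "All five FSMO roles are on the new DCs and no replication failures were reported."
```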
 
msidnam (Author) Commented:
Thank you both.
0
