Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Things to look out for when upgrading from Windows 2008R2 AD to Windows 2012R2 AD

Posted on 2016-08-25
3
Medium Priority
?
98 Views
Last Modified: 2016-08-25
Hello Everyone,
It's been a while since ive done a domain upgrade (from 2003 to 2008 R2).

I've been looking at these sites:

https://technet.microsoft.com/windows-server-docs/identity/ad-ds/deploy/install-active-directory-domain-services--level-100-

http://jackstromberg.com/2013/10/migrating-domain-controllers-from-server-2008-r2-to-server-2012-r2/

to help with the update. I have two new servers that i will be installing Windows 2012 R2 and making them into DC's. I will then uninstall the DC role on the two current ones.

My biggest question is, what should i be aware of when upgrading to a 2012R2 AD? Currently the functional level is 2003. The workstations are Windows 7 and above and only a few 2003 member servers. We also have a few ubuntu servers and sun solaris 11 servers that connect to shares on the network and a few net app filers and overland storage snap servers.

I want to make sure connectivity to the shares will still happen as well as being able to add devices to the AD.

Thank you.
0
Comment
Question by:msidnam
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 22

Assisted Solution

by:Joseph Moody
Joseph Moody earned 600 total points
ID: 41770802
There aren't too many pitfalls from what you've read. You can still keep the FFL at 2003. You would probably want to raise it when you get to 2012R2 to take advantage of all of the new stuff (Recycle bin, Fine grain passwords, Microsoft Passport, etc). Nothing too much to worry about there either.

Document everything. Take a DC offline for a short period and make sure that nothing is hard coded to point at that DC. If it is good, you can add a new DC and demote your old one. Continue process.
0
 
LVL 16

Accepted Solution

by:
FOX earned 1400 total points
ID: 41770828
Your situation is pretty straightforward
1. Make sure the new servers are fully patched
2. Add the IP of the 2008r2 domain controller to nic\preferred dns entry on both servers
3. Join both new servers to the domain
4. Promote both domain controllers as additional domain controllers on the domain through the gui or via powershell.  ref link: https://technet.microsoft.com/en-us/library/hh974719(v=wps.630).aspx
5. Add the ip of new domain controllers to preferred dns(each pointing to itself) and add the ips of the other domain controllers as alternate dns entries.
6. from any new domain controller do a netdom query fsmo(elevated command prompt) to verify where your roles are.
7. transfer your roles- from one of the new domain controllers launch powershell(right-click run as administrator) with 2 commands
Import-Module ActiveDirectory
Move-ADDirectoryServerOperationMasterRole -Identity "newDcname" -OperationMasterRole 0,1,2,3,4
ref link: http://www.nogeekleftbehind.com/2013/05/28/powershell-move-ad-fsmo-roles-in-server-2012/
8. verify again after the transfer              netdom query fsmo
9. verify replication- run  the command   Repadmin /replsummary    from each of the new domain controllers
10. If you are using dhcp set the ips of the new domain controllers to be pushed to the dns entries of all workstations
0
 
LVL 2

Author Closing Comment

by:msidnam
ID: 41770860
Thank you both.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question