Solved

Things to look out for when upgrading from Windows 2008R2 AD to Windows 2012R2 AD

Posted on 2016-08-25
3
87 Views
Last Modified: 2016-08-25
Hello Everyone,
It's been a while since ive done a domain upgrade (from 2003 to 2008 R2).

I've been looking at these sites:

https://technet.microsoft.com/windows-server-docs/identity/ad-ds/deploy/install-active-directory-domain-services--level-100-

http://jackstromberg.com/2013/10/migrating-domain-controllers-from-server-2008-r2-to-server-2012-r2/

to help with the update. I have two new servers that i will be installing Windows 2012 R2 and making them into DC's. I will then uninstall the DC role on the two current ones.

My biggest question is, what should i be aware of when upgrading to a 2012R2 AD? Currently the functional level is 2003. The workstations are Windows 7 and above and only a few 2003 member servers. We also have a few ubuntu servers and sun solaris 11 servers that connect to shares on the network and a few net app filers and overland storage snap servers.

I want to make sure connectivity to the shares will still happen as well as being able to add devices to the AD.

Thank you.
0
Comment
Question by:msidnam
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 22

Assisted Solution

by:Joseph Moody
Joseph Moody earned 150 total points
ID: 41770802
There aren't too many pitfalls from what you've read. You can still keep the FFL at 2003. You would probably want to raise it when you get to 2012R2 to take advantage of all of the new stuff (Recycle bin, Fine grain passwords, Microsoft Passport, etc). Nothing too much to worry about there either.

Document everything. Take a DC offline for a short period and make sure that nothing is hard coded to point at that DC. If it is good, you can add a new DC and demote your old one. Continue process.
0
 
LVL 16

Accepted Solution

by:
FOX earned 350 total points
ID: 41770828
Your situation is pretty straightforward
1. Make sure the new servers are fully patched
2. Add the IP of the 2008r2 domain controller to nic\preferred dns entry on both servers
3. Join both new servers to the domain
4. Promote both domain controllers as additional domain controllers on the domain through the gui or via powershell.  ref link: https://technet.microsoft.com/en-us/library/hh974719(v=wps.630).aspx
5. Add the ip of new domain controllers to preferred dns(each pointing to itself) and add the ips of the other domain controllers as alternate dns entries.
6. from any new domain controller do a netdom query fsmo(elevated command prompt) to verify where your roles are.
7. transfer your roles- from one of the new domain controllers launch powershell(right-click run as administrator) with 2 commands
Import-Module ActiveDirectory
Move-ADDirectoryServerOperationMasterRole -Identity "newDcname" -OperationMasterRole 0,1,2,3,4
ref link: http://www.nogeekleftbehind.com/2013/05/28/powershell-move-ad-fsmo-roles-in-server-2012/
8. verify again after the transfer              netdom query fsmo
9. verify replication- run  the command   Repadmin /replsummary    from each of the new domain controllers
10. If you are using dhcp set the ips of the new domain controllers to be pushed to the dns entries of all workstations
0
 
LVL 2

Author Closing Comment

by:msidnam
ID: 41770860
Thank you both.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question