I will soon be migrating our AD domain controllers to Server 2016. We have a few DCs in the 1 forest, but the one that holds the FSMO also has a lot of other services like DHCP, and it's a certification authority. I've come up with a very high-level list of the process involved; I'd like to see if I am on the right track by the experts on here. My main concerns are over keeping the same IP and name as the old DC and moving the certification authority.
The server I'm looking to migrate initially is ADC1.
1. Move services to ADC2
a. Move RD Licensing Server
b. Move DHCP (or test if we can use the failover DHCP (ADC3) server)
c. Migrate FSMO roles
2. Back up Certification authority on ADC1
3. Find out what KMS keys are used on ADC1
4. Remove Certification authority services from ADC1
5. Turn off ADC1 and test connectivity and logons.
6. Turn ADC1 back on.
7. Demote ADC1
8. Remove all entries for ADC1 from DNS and AD schema
9. Create new 2016 server (with same IP and name as removed DC) and promote to DC
10. Upgrade forest schema to 2016
11. Install certification authority on new DC and restore from backup
12. Reinstall KMS and keys on new server
13. Move DHCP back to ADC1 and ensure failover is still working to ADC3
14. TEST DNS and AD replication.
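
The state-capture and verification parts of the plan above (steps 1b, 1c, 2, 3 and 14) as an added PowerShell example, not part of the original post. The backup folder `D:\Migration\ADC1` is an assumed path; the server names are the ones used in the post.

```powershell
# Added example: run elevated on ADC1 with the ActiveDirectory,
# ADCSAdministration and DhcpServer modules available.
$ErrorActionPreference = 'Stop'
$out = 'D:\Migration\ADC1'   # assumed path; copy the contents off ADC1 afterwards
New-Item -ItemType Directory -Path $out -Force | Out-Null

# Step 1b: export DHCP scopes, options and leases before touching the role.
Export-DhcpServer -ComputerName 'ADC1' -File "$out\dhcp.xml" -Leases

# Step 1c: record the current FSMO holders, move all five roles, then confirm.
$forest = Get-ADForest
$domain = Get-ADDomain
[pscustomobject]@{
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
} | Tee-Object -FilePath "$out\fsmo-before.txt"

Move-ADDirectoryServerOperationMasterRole -Identity 'ADC2' -OperationMasterRole `
    SchemaMaster, DomainNamingMaster, PDCEmulator, RIDMaster, InfrastructureMaster
netdom query fsmo

# Step 2: back up the CA database and private key, plus the CertSvc
# configuration from the registry and the list of published templates.
$pw = Read-Host -AsSecureString -Prompt 'Password protecting the CA key backup'
Backup-CARoleService -Path "$out\CA" -Password $pw
reg export 'HKLM\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration' "$out\ca-config.reg" /y
certutil -catemplates > "$out\ca-templates.txt"

# Step 3: record the licensing details (channel and partial product key).
cscript //nologo "$env:windir\System32\slmgr.vbs" /dlv > "$out\kms.txt"

# Steps 5 and 14: replication and DNS health, to compare before and after.
repadmin /replsummary
dcdiag /test:dns /test:replications
```

The CA backup folder contains the CA private key, so store it with the same care as the CA itself and remove it from ADC1's disk once it has been copied to a protected location.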