
Migrate Active Directory Server 2003 to Active Directory Server 2016

Asked by Fabio Rosiglioni
Tags: Software, Windows XP, Windows OS, DHCP, Installation
I have to migrate the Windows 2003 32-bit servers (yes I know, it was time!) with the domain controller role to Windows 2016 64-bit servers. I have read several documents on the procedure to follow, but I would like confirmation of the procedure to follow according to my reality.

- 1 domain (named GF.local)
- 1 Active Directory
- 3 sites (named C, F, V), in 3 different subnets connected by VPN
- 6 servers (named AD1, AD2, AD3, AD4, AD5, AD6), 2 servers in each site (AD1, AD2 in C; AD3, AD4 in F; AD5, AD6 in V)
- All servers are 2003; all servers provide DNS, WINS, DHCP, AD services:
  - Servers AD1, AD2 provide DNS, WINS, DHCP, AD services to the subnet in site C
  - Servers AD3, AD4 provide DNS, WINS, DHCP, AD services to the subnet in site F
  - Servers AD5, AD6 provide DNS, WINS, DHCP, AD services to the subnet in site V
- AD1 server is the primary domain controller (Operation Masters Role)
- Other servers:
  - 3 file servers Win 2003 Standard edition (1 in each site)
  - 2 app servers Win 2019 (site C)
  - 2 SQL servers Win 2008 (site C)
  - 2 RDP servers Win 2008 (site C)
  - 1 Oracle server Win 2008R2 (site C)
  - 1 Linux server (site V)
- Clients:
  - Windows 10 Pro
  - Windows 7 Pro
  - Windows XP Pro (SP2 & SP3)

I thought of following this procedure:

Step 1. Install 6 new Windows Servers 2016, 2 for each site (named DC1, DC2, DC3, DC4, DC5, DC6).
Step 2. Assign the new IP addresses to the Servers 2016.
Step 3. Join all new Windows Servers 2016 to the AD 2003 domain.
Step 4. Log in to the Servers 2016 with the Domain Administrator account.
Step 5. Raise the Domain & Forest Functional Levels on AD Server 2003.
Q: Do I have to perform this procedure on all 2003 servers or is it sufficient on the primary domain controller?
Step 6. Add Active Directory Domain Services to Server 2016. I do it for all new servers.
Step 7. Promote Server 2016 to Domain Controller. I do it for all new servers.
Step 8. Transfer the Operation Masters Role to Server 2016. From AD1 (2003) to DC1 (2016).
Step 9. Change the Active Directory Domain Controller to Server 2016. From AD1 (2003) to DC1 (2016).
Step 10. Change the Domain Naming Master to Server 2016. From AD1 (2003) to DC1 (2016).
Step 11. Change the Schema Master to Server 2016. From AD1 (2003) to DC1 (2016).
Step 12. Verify that all FSMO Roles have transferred to Server 2016.
Step 13. Remove Server 2003 from Global Catalog.
Q: Do I have to perform this procedure on all 2003 servers or is it sufficient on the primary domain controller?
Step 14. Change the Preferred DNS Address on Servers 2003 to match Server 2016's IP.
AD1, AD2 > DC1;
AD3, AD4 > DC3;
AD5, AD6 > DC5;
Step 15. Demote Server 2003 from Domain Controller (all servers 2003).
Step 16. Change static IP addresses on servers 2003 and servers 2016, assigning new IP addresses to the old 2003 servers and the previously used IP addresses to the 2016 servers. This is in order not to have to reconfigure all the devices with static IP (not in DHCP).
Step 17. Log in to Active Directory 2016 from the workstations.
Q: Do I have to finish the whole procedure for all servers before connecting with workstations or can I also connect during the procedure?
Step 18. (Optional) Remove all Servers 2003 from the Domain & Network.

The clients are 90% Windows 10 Pro, 9% Windows 7 Pro and 1% Windows XP Pro SP3 and SP2 (I can't update these machines because they have industrial software dedicated to laboratory equipment).
Q: Do XP computers work in a domain with DC Windows Server 2016?

Q: Should I expect something else?

Fabio
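
A read-only check for Steps 12 and 13 of the procedure above, as an added example that is not part of the original post: it lists the five FSMO role holders and flags any role, or any site's global catalog, that still depends on the 2003 servers. It assumes the ActiveDirectory PowerShell module on an already promoted 2016 domain controller and uses the server names AD1 to AD6 from the post.

```powershell
# Added example: read-only checks for Step 12 and before Steps 13 and 15.
# Assumption: run on a promoted Server 2016 DC with the ActiveDirectory module.
Import-Module ActiveDirectory

$oldDCs = 'AD1','AD2','AD3','AD4','AD5','AD6'   # 2003 DCs as named in the post
$domain = Get-ADDomain
$forest = Get-ADForest

# The five FSMO roles: two forest-wide, three domain-wide.
$roles = [ordered]@{
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
}

$problems = @()
foreach ($role in $roles.Keys) {
    $holder = ($roles[$role] -split '\.')[0]    # short host name from the FQDN
    "{0,-22} {1}" -f $role, $roles[$role]
    if ($oldDCs -contains $holder) {
        $problems += "$role is still held by $holder"
    }
}

# Functional levels as currently recorded in the directory (Step 5).
"DomainMode: {0}  ForestMode: {1}" -f $domain.DomainMode, $forest.ForestMode

# Before removing the global catalog from the 2003 DCs (Step 13),
# confirm each site already has a global catalog on a DC that is staying.
$dcs = Get-ADDomainController -Filter *
foreach ($site in ($dcs | Group-Object Site)) {
    $newGCs = $site.Group |
        Where-Object { $_.IsGlobalCatalog -and ($oldDCs -notcontains $_.Name) }
    if (-not $newGCs) {
        $problems += "Site $($site.Name) has no global catalog on a new DC"
    }
}

if ($problems) { $problems | ForEach-Object { Write-Warning $_ } }
else { 'All FSMO roles and one global catalog per site are on the new DCs.' }
```

The script changes nothing in the directory, so it can be re-run after each transfer step and again before any 2003 server is demoted.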