Link to home
Start Free TrialLog in
Avatar of Robert Ehinger
Robert EhingerFlag for United States of America

asked on

How Do I Migrate Server Settings and Data

Our school is currently running Windows Server 2008 R2 Enterprise. We purchased a new server and want to upgrade to Windows Server 2012 R2. I would like to migrate all of our settings and data from the old server to the new one. I have already created a Windows Server Migration Tools deployment folder on the destination server. From there I seem to be stuck. I see these articles talking about powershell Commands but when I try to run them on the source server I get syntax errors.
Windows Server 2021 R2 is installed and activated and online. It is not yet raised to a Domain Controller as I was not sure at what point to do that since we are still using the original server. I want to have to the one ready to deploy over the long 4th of July weekend.

Any advice would be greatly appreciated.

Thank you.
Avatar of Robert Ehinger
Robert Ehinger
Flag of United States of America image


Sorry, I misspoke. We are going from Windows Server 2008 R2 Enterprise to Windows Server 2016.
Avatar of Paul MacDonald
If you plan to make one of the new servers a domain controller, that should be one of the first things you do.  Remove the old domain controller last, if possible.

You'll have to describe the rest of the work you want to accomplish if you need help doing it.
You really ought to install 2019. Patching is so much faster. Microsoft will be releasing a new version of Windows soon, so it isn't like 2019 isn't stable.

Are you visualizing? There's basically no technical circumstance where running bare metal is preferred. The license includes the right to run two Windows Server VMs on the same hardware. 

What does the existing server do? That will dictate the steps needed.

Most cut over can be done overnight or weekend, but you should start staging data sooner. Don't wait until the holiday weekend to start.

You should check to see if FRS is still being used, and migrate to DFSR if needed.

I can go to 2019 but was reluctant because of migrating from 2008. The current server is the Domain Controller with the following roles, DHCP Server, DNS Server, Print and Document Server, Active Directory Domain Services, File Services, Network Policy, and Access Services, Remote Desktop Services, Web Server (IIS), and Web Server Update Services. It is the only server on the school network.
If I run dfsrmig /getmigrationstate from an administrator command prompt on my 2008 server I get the following message - 

The current domain functional level is not Windows Server 2008 or above.
DFSRMig is only supported on Windows Server 2008 or above level domains.
What next? 
Update domain and forest functional levels to 2008 R2.

You can migrate to 2019.

You should virtualize. IIS and RDP should not be on a DC. Are you even using RDP services?

OK. I did that and now the message i get when running
dfsrmig /getmigrationstate is

DFSR migration has not yet initialized.
set global state to desired value.
Follow the steps to do the migration to DFSR. 
It is easier if you could generally enumerate what you have.

First thing, confirm that your sysvol is using DFS-R replication.

Then are you using Domain based file shares, DFS or you are using server based share.

Here is the caveate, you can setup DFS-R to copy the file shares as they exist from your current server to a share on the new server as an alternative to using robocopy in stages/squence...... until you are ready to cut it over.

presetting the destiantion folders for rights, etc...

DHCP prestaging deals with excluding a block of IPs into an 80/20 such that the two can coexist without colliding.

When ready, you can exclude more on the old, and unexclude/release more on the new....

you can have as many DCs as you need. Often, you should have at least two for a single location, this way should one have a hardware failure, the environment can continue to operate without a hitch.
Redundancy for AD, from DNS, DHCP,....
domain and forest functional levels have been Updated to 2008 R2.

DFSR migration has not yet initialized.
set global state to desired value.
I have no idea how to set the global state or what the desired value is. I assume I am needing to do this on my 2008 R2 server?
it would be helpful to know what you initialized with DFSR. are you setting up the replicaiton group to copy data from this system to the other using DFSR?...
sysvol migration.
@Arnold, OP is migrating SYSVOL FRS to DFSR right now.
I followed the steps to migrate to DFSR on my Server 2008 R2 server. Everything appears to be OK. There were no errors. Now what?
What is the scope of the data that you have on your existing system that you need to migrate?
You can use DFS management and setup replication groups between the share/folders you have as the reference and the destination system where you want this data.
The DFS-replication will handle the synchronization of the data..

you can promote the 2012 as another DC. add DNS
The new server is 2019. Will that make a differenct?

I want to migrate Active Directory, my profiles folder, downloads etc. 
Since you migrated the sysvol from ntfrs to DFS-r, I would not have issues with joining the 2019 as another DC..

Without knowing where or how these folders are arranged, it is hard to answer the question.

IF these items are part of your roaming/folder redirection setup. using DFS-R is one option to get the shares copied out.

If these are local profiles .. the issue becomes more complex.

Need more detail on what exactly the setup is and what you are trying to achieve.
Personally, there are way to many options  to provide discrete answers to cover all.

you could look at coverting local profiles if that is the case into roaming profiles that copied them out to a share ....
We use roaming profiles.
I want to migrate all my Active Directory settings.
Also, once complete I want to make the new server my DHCP, DNS and Print server as well as the main domain controller. 
The AD setting or computer GPO For roaming profike uses a servername ir the domainname where the profile share is?

Or domain

While on the DC point to the same location, and can be changed without impacting the user.

Try it on one user, or setup a test user.
Then change their AD profile location.
Once you use domain based path, the data transfer can be facilitated by dfs-R, and publishing the share dfs management, you can then add targets, servers that have the data, and adjust weight to prefer one versus the other.
I.e. Define the new as the preferred target. To slowly and transperant lo the users.

DNS, nothing is needed here as AD integrated zone are replicated and made available on DC addition.

Print server, ypu would need to add the printers and then publish them to the same GPO as your current ones are using. GPP to alter selection make sure to use the same driver versions to avoid causing user issues, or update drivers ...

DHCP is simpler in a way.

You could export the DHCP reservation from the current.
You can then setup the scope and configure DHCP on the new without authorizing it.

You can have both running and operating by making sure they do not allocate the same  IP to different systems, this is achieved by using exclusion blocks
Current DC exclude a block of IPs from the current allocation block, while on the new DHCP, this is the only IP range the new server can allocate.

Right-click on the DHCP server in the DHCP management and get properties, it has a conflict detection mechanism. Deals with delaying a response from the new DHCP which will allow the current one to respond forst to a request for an IP.

The DHCP also has detection, but deals with being able to ping
By default ms Windows firewall commonly has ping, echo-request blocked. ...

The promotion of the new DC to prinary is straight forward,
Properties of sites and services, to gracefully transfer fsmo roles.
While trying to promote the new 2019 server to domain controller status I get this message - "The Active Directory Domain Services Installation Wizard has been relocated to Server Manager.
I have not been able to get the new 2019 server promoted to a DC. Please advise.
in server manager add roles. ad ds or better yet, use powershell

Not sure I understand.
in server manager add the additional roles AD DS,

This might be more helpful that me trying to describe the steps you have to go through.
OK, here is what I have accomplished so far -
  1. I promoted the new 2019 server to a domain controller
  2. Verified the replication between the two servers
  3. Transferred FSMO roles from 2008 R2 server to 2019 server
  4. Transfer data from 2008 R2 server to 2019 server 
Now my question is (and I am a bit nervous about this) how and when do I deploy the 2019 server as the main DC handling DNS, printers etc?
You transferred the FSMO roles and the DNS is what worries you?

run nslookup IP_address_of_the_new_dc.
update the DHCP server scope options to add the new DC into the name server distribution set.

Not sure why you are nervous about the DNS.

Did you configure the DNS on the new DC with the same inclination as you have setup the 2008?
i.e. do you have forwarders defined on the 2008, do you want to include the same forwarders on the 2019.

as long as the DNS is running on the 2019, and you see the root hints populated. not sure what the concern is.
No, the DHCP is what worries me. 
That is the simplest things. What is the issue?

you have a SCOPe A take a block of IPs from being allocated by the existing .
limit the new DHCP to only allocate this IP range.
and now you have two DHCPs that can coexist.
THe one you want to respond last, you can within the DHCP server properties, conflict detect delay the response it will send.

you can use netsh to export (dump) the current data from the existing. and then use the static section to load it into the new DHCP.
note you can configure the new DHCP as long as you need.
The DHCP will only allocate IPs after it is authorized.
OK, I really appreciate your help. I have imported DHCP settings to the new server and stopped the DHCP service on the old server. I have a few more questions -
  1. Can I give the new server the same IP address after changing it on the old one?
  2. Will I need to change all the profiles to point to the new server name? The previous server name was schoolserver and the new one is schoolserver2019. Profiles pointed to \\schoolserver\profiles\username.
  3. Will the printers all need to be remapped and redeployed?
Thank you.
OK, I really appreciate your help. I have imported DHCP settings to the new server and stopped the DHCP service on the old server. I have a few more questions -
  1. Can I give the new server the same IP address after changing it on the old one?
  2. Will I need to change all the profiles to point to the new server name? The previous server name was schoolserver and the new one is schoolserver2019. Profiles pointed to \\schoolserver\profiles\username.
  3. Will the printers all need to be remapped and redeployed?
Thank you.

1. I always do.
2. Yes. I prefer to point to a DFS Namespace, so you never have to change the path again. Instead of pointing to \\schoolserver\profiles\username , point to \\\DFS\profiles\%username% . That can be a permanent UNC path, even as you change servers in the future. I have the same UNC paths in use from 2006, when the original file servers were Windows 2000. Now they're Window 2012 R2/2016/2019. IP addresses of file servers have changed, names have changed, etc. but the UNC path remains the same.
3. Yes. I use GPO preferences to delete old printers.
I usually avoid reusing the same IP as it is unnecessary. The DHCPDiscovery packet each client sends is to locate the available DHCP server/s.
The Server when the DHCPDiscovery packet is received responds to with its own IP.
reusing the IP is a one way trip.
I tend to setup the replacemetn, and split the scope to have one allocate IPS the other does not,
This way I avoid the issue as I have both the old and the new running at the same time.

For DNS, it is a more complex issue dealing with servers that have static IPs.
netsh can be used to update name servers....

IMHO, since the DFS option, using DFS based naming convention simplifies things.
THe DFS can have only one target.
DFS-Replication provides for a way to get data copied from one server to the new one while preserving ownership, as well as synchronization.
i.e. manual, you have to run the copy several times to make sure they are in-sync ...

as to the printers, much depends on which method you are using
GPO to push the pinters
GPP to designate user printer?

you could possibly have to add the printers to the new server, vbscript and powershell scripts I think exists that can help extract the instaleld printers on one, and then set them up on the new...
similar with shares.
Here's my argument of using the same IP for new DCs.
  • It's actually trivial to do, and is easily reversible. I have had to reverse on several occasions.
  • If you have any remote DHCP scopes going through DHCP relay, it avoids the need to reconfigure the DHCP relay agents. The bigger your network, the bigger that task.
  • It avoids having to reconfigure the DHCP scopes for new DNS servers.
  • It avoids reconfiguring any statically assigned DNS server on equipment such as servers, firewalls, switches, routers, printers, UPS, postage machines, etc.
  • It avoids needing to reconfigure NTP on devices such as routers, firewalls, switches, VMware hosts, etc.
  • It avoids the need to reconfigure internal segmentation and network perimeter firewalls.
  • If you use NPS, it prevents the need to reconfigure all of that too, and all of the clients.
If I needed to retire the IP address of a DC and move to a new one I would need to change thousands of settings across several hundreds of pieces of equipment. It would take weeks. I can swap the IP address of two DCs in minutes.
Scope and scale.
Certain things are scriptable. Many newer implementations of rpurers, switched, VPN concentrator include distribution..
Potentially in a large scale environment redundancies exist, I.e. Two servers that provide coverage.

As you note, much depends on the circumstance.
Reusing ip, reusing name?
Sorry I haven't returned to this sooner. I think I have everything migrated from Server 2008 to Server 2019. My last question would be, how do I know which is my main domain controller?
Avatar of arnold
Flag of United States of America image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
There is no such thing as a main domain controller in AD. You might consider a specific DC your main one, but there is no such concept in AD.
Main, presumably deals with the DC that currently holds the FSMO roles.
Actually, all roles have been transferred and are on both servers. I have switch dhcp to the 2019 server. 
What is left?