Andy

A quick walkthrough on how to upgrade or migrate an Active Directory Server.

In this guide, the old server is Windows Server 2008 R2 Standard, and the new server is Windows Server 2016 Essentials.

This guide should work on other Windows Server versions, as the concept is pretty much the same.

Firstly, we install the Active Directory (AD) role on the new server.

If the AD role can’t be installed, we can safely remove Active Directory Certificate Services first.

Then we join the new server to the domain.

Then type this on the new domain controller:

C:\Windows\system32> netdom query fsmo
Schema master ws-2008-r2-std.saputra.local
Domain naming master ws-2008-r2-std.saputra.local
PDC ws-2008-r2-std.saputra.local
RID pool manager ws-2008-r2-std.saputra.local
Infrastructure master ws-2008-r2-std.saputra.local
The command completed successfully.


That means all of the domain roles are still being handled by the old server.

Let’s go to Active Directory Users and Computers

Right click on saputra.local and select Operations Masters

Change the operations master to the new server for all three: RID, PDC, and Infrastructure

After we have changed the three roles above, the output should look like this:

C:\Windows\system32> netdom query fsmo
Schema master ws-2008-r2-std.saputra.local
Domain naming master ws-2008-r2-std.saputra.local
PDC ws-2016-ess.saputra.local
RID pool manager ws-2016-ess.saputra.local
Infrastructure master ws-2016-ess.saputra.local

The command completed successfully.


Go to Active Directory Domains and Trusts

On the left pane, right click on Active Directory Domains and Trusts

Select Operations Masters (there’s Raise Forest Functional Level as well, completely optional)

And the roles should now look like this:

C:\Windows\system32> netdom query fsmo
Schema master ws-2008-r2-std.saputra.local
Domain naming master ws-2016-ess.saputra.local
PDC ws-2016-ess.saputra.local
RID pool manager ws-2016-ess.saputra.local
Infrastructure master ws-2016-ess.saputra.local
The command completed successfully.


To transfer the last role, type:

C:\Windows\system32> regsvr32 schmmgmt.dll

Then:

C:\Windows\system32> mmc.exe

Load snap-in Active Directory Schema

It will then connect to the old AD server first

Right click ‘Connect to Schema Operations Master’ and select the new server

Then select Operations Master and change the role to the new server:

C:\Windows\system32> netdom query fsmo
Schema master ws-2016-ess.saputra.local
Domain naming master ws-2016-ess.saputra.local
PDC ws-2016-ess.saputra.local
RID pool manager ws-2016-ess.saputra.local
Infrastructure master ws-2016-ess.saputra.local
The command completed successfully.


[Demoting old server]

Obviously, go to the old server;
Use dcpromo.exe, it will say AD is a Global Catalog server;
Go to Active Directory Users and Computers (this can be done from either new server or old server);
Expand the domain and select Domain Controllers;
Select the old server and click on NTDS Settings;
Untick Global Catalog;

And now we should be able to demote the old server.

If you have any questions or comments, feel free to write them down below and I would be happy to answer 🤓
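
A pre-demotion check for the procedure above, added here as an example and not part of the original post: it parses `netdom query fsmo` output and lists any role that is missing or not yet held by the new server. The function names Get-FsmoHolder and Test-ReadyToDemote are hypothetical, and the sample text is constructed from the third output shown in the guide.

```powershell
# Added example (not from the original post); function names are hypothetical.
$RoleNames = 'Schema master', 'Domain naming master', 'PDC',
             'RID pool manager', 'Infrastructure master'

function Get-FsmoHolder {
    # Parse `netdom query fsmo` text into role -> holder (lower-cased FQDN).
    param([string[]]$NetdomOutput)
    $holders = [ordered]@{}
    foreach ($line in $NetdomOutput) {
        foreach ($role in $RoleNames) {
            if ($line -match ('^\s*' + [regex]::Escape($role) + '\s+(\S+)\s*$')) {
                $holders[$role] = $Matches[1].ToLowerInvariant()
            }
        }
    }
    $holders
}

function Test-ReadyToDemote {
    # Returns the reasons demotion should wait; an empty result means all five
    # roles were found and every one is held by $NewServer.
    param(
        [Parameter(Mandatory)][string]$NewServer,
        [string[]]$NetdomOutput = (netdom query fsmo)   # live query when omitted
    )
    $holders = Get-FsmoHolder -NetdomOutput $NetdomOutput
    foreach ($role in $RoleNames) {
        if (-not $holders.Contains($role)) {
            "Role '$role' not found in output"
        } elseif ($holders[$role] -ne $NewServer.ToLowerInvariant()) {
            "Role '$role' is still held by $($holders[$role])"
        }
    }
}

# Constructed sample: the guide's third output (schema master not yet moved).
$sample = @'
Schema master               ws-2008-r2-std.saputra.local
Domain naming master        ws-2016-ess.saputra.local
PDC                         ws-2016-ess.saputra.local
RID pool manager            ws-2016-ess.saputra.local
Infrastructure master       ws-2016-ess.saputra.local
The command completed successfully.
'@ -split '\r?\n'

$problems = @(Test-ReadyToDemote -NewServer 'ws-2016-ess.saputra.local' -NetdomOutput $sample)
if ($problems.Count -eq 0) { 'All five FSMO roles are on the new server.' } else { $problems }
```

Omitting -NetdomOutput makes the function run `netdom query fsmo` itself, so it can be used on the domain controller right before starting dcpromo.exe on the old server.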
 