Migrate Active Directory to Windows 2012 R2 - pt. 1

upgradeadto2012versionpt1_01

Migrating Active Directory to Windows 2012 R2, all Domain Controllers have to be migrated to Server version 2012 R2 following a specific procedure.

The Domain Controllers to migrate are installed with Windows Server 2008 R2 and before begin the procedure, check you have a full working backup of your environment.

 

Blog series

Migrate Active Directory to Windows 2012 R2 - pt. 1
Migrate Active Directory to Windows 2012 R2 - pt. 2
Migrate Active Directory to Windows 2012 R2 - pt. 3

 

Check Domain Controllers health status

Before starting the migration, check DCs health status in order to be sure that current configuration is working with no issues.

To check DCs you can use a simple script to stores the results into files to be further analyzed.

@echo off
cls
echo.
echo ---------------------------
echo Test ACTIVE DIRECTORY
echo ---------------------------
echo.
echo.
echo Testing DNS
echo ---------------------------
dcdiag /TEST:DNS /v >> c:\temp\ad01_dns.txt

echo.
echo.
echo Testing DHCP
echo ---------------------------
netsh dhcp show server >> c:\temp\ad02_dhcp.txt

echo.
echo.
echo Testing Domain Controllers
echo ---------------------------
dcdiag /a /v /c >> c:\temp\ad03_dc.txt

echo.
echo.
echo Testing Replica
echo ---------------------------
repadmin /showrepl >> c:\temp\ad04_replica.txt

echo.
echo.
echo Replica Summary
echo ---------------------------
repadmin /replsummary >> c:\temp\ad05_replica_sum.txt

echo.
echo.
echo Show Replica Errors
echo ---------------------------
repadmin /replsum /errorsonly >> c:\temp\ad06_replica_err.txt
repadmin /options * >> c:\temp\ad07_replica_opt.txt 

pause
exit

How results are displayed running the commands from the Command Prompt.

upgradeadto2012versionpt1_01a

If the tests don't detect any error, the migration can safely begin.

 

Prepare Active Directory Schema

From one of your Domain Controller mount the Server 2012 R2 installation disc using the VMware Web Client.

upgradeadto2012versionpt1_02

Select the Windows Server 2012 R2 installation media then click OK.

upgradeadto2012versionpt1_03

Enable the connection to the CD for the Domain Controller then click OK.

upgradeadto2012versionpt1_04

From the Domain Controller, check the Windows Server 2012 R2 installation media is accessible.

upgradeadto2012versionpt1_05

Open the Command Prompt with administrative privileges and navigate to \support\adprep on the installation media.

D:\>cd \support\adprep

upgradeadto2012versionpt1_06

We need to upgrade the Active Directory Schema version to Windows 2012 R2. Run the command adprep /forestprep.

D:\support\adprep>adprep /forestprep

upgradeadto2012versionpt1_07

Type C to begin the process.

upgradeadto2012versionpt1_08

Now run the command adprep /domainprep.

D:\support\adprep>adprep /domainprep

upgradeadto2012versionpt1_09

To verify if the schema version has been updated successfully, open the Registry Editor and navigate to:

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NTDS\Parameters

The Schema Version REG_WORD value should be 69.

upgradeadto2012versionpt1_10

The Active Directory preparation schema process is now complete.

 

Decommission secondary Windows 2008 R2 DC

From the secondary Domain Controller, click Start > Run and type the command dcpromo.

upgradeadto2012versionpt1_11

The system checks the AD environment.

upgradeadto2012versionpt1_12

When the Installation Wizard window appears, click Next to continue.

upgradeadto2012versionpt1_13

Since this DC has the Global Catalog service installed, before demoting make sure the primary DC has the GC service enabled as well. Click OK.

upgradeadto2012versionpt1_14

To check if the primary DC has the Global Catalog service enable, open Active Directory Sites and Services. Expand Sites and navigate to Default-First-Site-Name > Servers. Right click first DC and select Properties option.

upgradeadto2012versionpt1_15

In General tab check if Global Catalog option is checked. In this example also the primary DC has the GC service enabled.

upgradeadto2012versionpt1_16

DON'T check the Delete the domain because this server is the last domain controller in the domain option and click Next.

upgradeadto2012versionpt1_17

Type the Password for the Local Administrator account then click Next.

upgradeadto2012versionpt1_18

From the Summary window, click Next to begin the operation.

upgradeadto2012versionpt1_19

The Domain Controller is being demoted. Check the Reboot on completion option to restart the server automatically.

upgradeadto2012versionpt1_20

 

Remove roles

After the server has rebooted, access the server Roles from the Server Manager and click Remove Roles.

upgradeadto2012versionpt1_21

The Remove Role Wizard starts. Click Next to continue.

upgradeadto2012versionpt1_22

Clear the check boxes for the roles to remove.

upgradeadto2012versionpt1_23

Click Next when done.

upgradeadto2012versionpt1_24

Click Remove to proceed with removal.

upgradeadto2012versionpt1_25

The removal process is being executed.

upgradeadto2012versionpt1_26

Click Close to exit the Wizard.

upgradeadto2012versionpt1_27

Click Yes to restart the server now.

upgradeadto2012versionpt1_28

After rebooting the server the Configuration Wizard resumes the configuration to complete the removal process.

upgradeadto2012versionpt1_29

Components are being removed from the system.

upgradeadto2012versionpt1_30

When the removal has completed, click Close to exit the Wizard.

upgradeadto2012versionpt1_31

 

Disjoin server from domain

Since the server won't be used anymore, the demoted Domain Controller must be disjoined from domain. From the Server Manager click Change System Properties.

upgradeadto2012versionpt1_32

In Computer Name tab click Change. Select Workgroup option and type a name to assign then click OK to confirm.

upgradeadto2012versionpt1_33

Click OK to continue.

upgradeadto2012versionpt1_34

The server is disjoined from the domain. Click OK.

upgradeadto2012versionpt1_35

Click OK.

upgradeadto2012versionpt1_36

Click Close.

upgradeadto2012versionpt1_37

Since we no longer need this server, click Restart Later.

upgradeadto2012versionpt1_38

Shutdown the server from Start > Shutdown.

upgradeadto2012versionpt1_39

The procedure to decommission the secondary Domain Controller has been completed. Part 2 of the procedure will cover the deployment of new 2012 R2 Domain Controllers transferring the FSMO Roles.

firma