{"id":12648,"date":"2015-05-06T10:00:00","date_gmt":"2015-05-06T08:00:00","guid":{"rendered":"http:\/\/nolabnoparty.com\/?p=12648"},"modified":"2015-05-05T08:24:19","modified_gmt":"2015-05-05T06:24:19","slug":"migrate-active-directory-to-windows-2012-r2-pt-3","status":"publish","type":"post","link":"https:\/\/nolabnoparty.com\/en\/migrate-active-directory-to-windows-2012-r2-pt-3\/","title":{"rendered":"Migrate Active Directory to Windows 2012 R2 - pt. 3"},"content":{"rendered":"<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"upgradeadto2012versionpt3_01\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_01.jpg\" alt=\"upgradeadto2012versionpt3_01\" width=\"602\" height=\"202\" border=\"0\" \/><\/p>\n<p>Final steps to migrate Active Directory to Windows 2012 R2 include the decommission of the first 2008 R2 DC migrating the DHCP to the new Windows Server 2012 R2 .<\/p>\n<p>If the old Domain Controller is acting also as DHCP server, the DHCP role should be migrated to the new server 2012 R2 in order to keep same settings.<\/p>\n<p><!--more--><\/p>\n<p>&nbsp;<\/p>\n<h2>Blog series<\/h2>\n<p><a title=\"Migrate Active Directory to Windows 2012 R2 \u2013 pt. 1\" href=\"https:\/\/nolabnoparty.com\/en\/migrate-active-directory-to-windows-2012-r2-pt-1\/\">Migrate Active Directory to Windows 2012 R2 - pt. 1<\/a><br \/>\n<a title=\"Migrate Active Directory to Windows 2012 R2 \u2013 pt. 2\" href=\"https:\/\/nolabnoparty.com\/en\/migrate-active-directory-to-windows-2012-r2-pt-2\/\">Migrate Active Directory to Windows 2012 R2 - pt. 2<\/a><br \/>\nMigrate Active Directory to Windows 2012 R2 - pt. 3<\/p>\n<p>&nbsp;<\/p>\n<h2>Export DHCP settings<\/h2>\n<p>If your primary old Domain Controller has the DHCP role installed, before the decommission we need to <strong>migrate the DHCP configuration<\/strong> to the new 2012 R2 server.<\/p>\n<p>Login to the Windows Server 2012 R2 previously deployed (DC01) and open the <strong>PowerShell<\/strong> shell.<\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_02\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_02.jpg\" alt=\"upgradeadto2012versionpt3_02\" width=\"600\" height=\"333\" border=\"0\" \/><\/p>\n<p>Run the following command to <strong>export DHCP settings<\/strong>:<\/p>\n<blockquote><p>Export-DhcpServer \u2013ComputerName server.domain.com -Leases -File path\\dhcpconfig.xml -verbose<\/p><\/blockquote>\n<p><span style=\"color: #400080;\">PS C:\\&gt; Export-DhcpServer \u2013ComputerName w2k8r2-dc01.nolabnoparty.local -Leases -File C:\\temp\\dhcpconfig.xml -verbose<\/span><\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_03\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_03.jpg\" alt=\"upgradeadto2012versionpt3_03\" width=\"600\" height=\"333\" border=\"0\" \/><\/p>\n<p>Exit the PowerShell. The exported <strong>dhcpconfig.xml<\/strong> file contains the configuration of current DHCP server.<\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_04\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_04.jpg\" alt=\"upgradeadto2012versionpt3_04\" width=\"600\" height=\"330\" border=\"0\" \/><\/p>\n<p>&nbsp;<\/p>\n<h2>Decommission last 2008 R2 Domain Controller<\/h2>\n<p>To decommission the last 2008 R2 Domain Controller, we have to follow the <strong>same procedure<\/strong> used in <a title=\"Migrate Active Directory to Windows 2012 R2 \u2013 pt. 1\" href=\"https:\/\/nolabnoparty.com\/en\/migrate-active-directory-to-windows-2012-r2-pt-1\/\" target=\"_blank\">part 1 -\u00a0Decommission secondary Windows 2008 R2 DC<\/a>.<\/p>\n<p>From the Windows 2008 R2 Domain Controller run the <strong>dcpromo<\/strong> command and follow the steps to demote the server.<\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_05\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_05.jpg\" alt=\"upgradeadto2012versionpt3_05\" width=\"503\" height=\"476\" border=\"0\" \/><\/p>\n<p><strong>Deploy a new 2012 R2 server<\/strong> and promote it as Domain Controller following the same procedure used in <a title=\"Migrate Active Directory to Windows 2012 R2 \u2013 pt. 2\" href=\"https:\/\/nolabnoparty.com\/en\/migrate-active-directory-to-windows-2012-r2-pt-2\/\" target=\"_blank\">part 2 - Deploy the first Windows 2012 R2 DC<\/a>.<\/p>\n<p>DON'T check the <strong>Delete the domain because this server is the last domain controller in the domain<\/strong> option and click <strong>Next\u00a0<\/strong>to proceed.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"upgradeadto2012versionpt3_06\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_06.jpg\" alt=\"upgradeadto2012versionpt3_06\" width=\"503\" height=\"476\" border=\"0\" \/><\/p>\n<p>Click <strong>Yes<\/strong> to continue.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"upgradeadto2012versionpt3_07\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_07.jpg\" alt=\"upgradeadto2012versionpt3_07\" width=\"413\" height=\"230\" border=\"0\" \/><\/p>\n<p>Type a <strong>Password<\/strong> then click <strong>Next<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"upgradeadto2012versionpt3_08\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_08.jpg\" alt=\"upgradeadto2012versionpt3_08\" width=\"503\" height=\"476\" border=\"0\" \/><\/p>\n<p>Click <strong>Next<\/strong> to start demoting the Windows 2008 R2 Domain Controller.<\/p>\n<p><img decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin: 0px auto; display: block; padding-right: 0px; border-width: 0px;\" title=\"upgradeadto2012versionpt3_09\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_09.jpg\" alt=\"upgradeadto2012versionpt3_09\" width=\"503\" height=\"476\" border=\"0\" \/><\/p>\n<p>The demoting process takes place. The server reboots automatically.<\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_10\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_10.jpg\" alt=\"upgradeadto2012versionpt3_10\" width=\"437\" height=\"306\" border=\"0\" \/><\/p>\n<p>When the server has rebooted, remove demoted DC from the domain.<\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_11\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_11.jpg\" alt=\"upgradeadto2012versionpt3_11\" width=\"327\" height=\"384\" border=\"0\" \/><\/p>\n<p>Check the computer has been disabled in Active Directory.<\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_12\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_12.jpg\" alt=\"upgradeadto2012versionpt3_12\" width=\"600\" height=\"420\" border=\"0\" \/><\/p>\n<p>This server won't be used anymore, shutdown the VM.<\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_13\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_13.jpg\" alt=\"upgradeadto2012versionpt3_13\" width=\"430\" height=\"154\" border=\"0\" \/><\/p>\n<p>If you want to<strong> keep same IP address<\/strong>\u00a0of old Domain Controller, change the IP in the new Windows 2012 R2 Domain Controller. When done, <strong>reboot the VM<\/strong>.<\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_14\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_14.jpg\" alt=\"upgradeadto2012versionpt3_14\" width=\"414\" height=\"462\" border=\"0\" \/><\/p>\n<p>When the server has restarted, from <strong>Server Manager<\/strong> select <strong>Tools &gt; Active Directory Users and Computers<\/strong>. Expand the domain name and select <strong>Domain Controllers<\/strong>. In the right pane the new Domain Controller shows up.<\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_15\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_15.jpg\" alt=\"upgradeadto2012versionpt3_15\" width=\"600\" height=\"420\" border=\"0\" \/><\/p>\n<p>To verify the DNS functionality, from <strong>Server Manager<\/strong> select <strong>Tools &gt; DNS<\/strong>. Expand the <strong>server name<\/strong> and <strong>Forward Lookup Zones<\/strong>. Right click the domain name and select <strong>Properties<\/strong>. Ensure DC is listed in the <strong>Name Servers<\/strong> tab.<\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_16\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_16.jpg\" alt=\"upgradeadto2012versionpt3_16\" width=\"414\" height=\"497\" border=\"0\" \/><\/p>\n<p>&nbsp;<\/p>\n<h2>Import DHCP settings<\/h2>\n<p>If your primary Domain Controller has the DHCP role installed, we need to <strong>restore the DHCP configuration<\/strong> previously exported from the old 2008 R2 server to keep leases consistency.<\/p>\n<p>Login to the Windows 2012 R2 (DC01) and open the <strong>PowerShell<\/strong> shell.<\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_17\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_17.jpg\" alt=\"upgradeadto2012versionpt3_17\" width=\"600\" height=\"292\" border=\"0\" \/><\/p>\n<p>Run the following command to <strong>import DHCP settings<\/strong>:<\/p>\n<blockquote><p>Import-DhcpServer \u2013ComputerName server.domain.com -Leases -File path\\dhcpconfig.xml -BackupPath C:\\temp\\dhcp_backup\\ -verbose<\/p><\/blockquote>\n<p><span style=\"color: #400080;\">PS C:\\&gt;<\/span><span style=\"color: #400080;\">Import-DhcpServer -ComputerName w12r2-dc01.nolabnoparty.local -Leases -File C:\\temp\\dhcpconfig.xml -BackupPath C:\\temp\\dhcp_backup\\ -verbose<\/span><\/p>\n<p>Type <strong>Y<\/strong> to proceed with import.<\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_18\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_18.jpg\" alt=\"upgradeadto2012versionpt3_18\" width=\"600\" height=\"284\" border=\"0\" \/><\/p>\n<p>The configuration is imported.<\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_19\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_19.jpg\" alt=\"upgradeadto2012versionpt3_19\" width=\"600\" height=\"441\" border=\"0\" \/><\/p>\n<p>Open the DHCP snap-in, right click the server name and select <strong>Authorize<\/strong> option.<\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_20\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_20.jpg\" alt=\"upgradeadto2012versionpt3_20\" width=\"600\" height=\"391\" border=\"0\" \/><\/p>\n<p>The <strong>imported scope is now active<\/strong>\u00a0on the new 2012 R2 server.<\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_21\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_21.jpg\" alt=\"upgradeadto2012versionpt3_21\" width=\"600\" height=\"391\" border=\"0\" \/><\/p>\n<p>The migration procedure is complete. Check the Active Directory <strong>health status<\/strong> running same script used at the beginning of the migration to be sure no issues are detected.<\/p>\n<p>&nbsp;<\/p>\n<h2>Troubleshooting<\/h2>\n<p>A common issue faced during the migration is the <strong>missing SYSVOL and NETLOGON <\/strong>shares in the new 2012 R2 DCs after their promotion.<\/p>\n<p>Check the shares availability using the command:<\/p>\n<p><span style=\"color: #0000a0;\">C:\\&gt;net share<\/span><\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_22\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_22.jpg\" alt=\"upgradeadto2012versionpt3_22\" width=\"600\" height=\"304\" border=\"0\" \/><\/p>\n<p>To fix this problem is necessary to force an <strong>authoritative and non-authoritative synchronization<\/strong> for replicated SYSVOL. Several\u00a0procedures\u00a0are available in Internet to guide you through the synchronization process.<\/p>\n<p><img decoding=\"async\" style=\"float: none; margin-left: auto; display: block; margin-right: auto; border-width: 0px;\" title=\"upgradeadto2012versionpt3_23\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2015\/04\/upgradeadto2012versionpt3_23.jpg\" alt=\"upgradeadto2012versionpt3_23\" width=\"600\" height=\"304\" border=\"0\" \/><\/p>\n<p>When the shares are available again, the migration can be considered completed.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/images\/firma.jpg\" alt=\"firma\" title=\"\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Final steps to migrate Active Directory to Windows 2012 R2 include the decommission of the first 2008 R2 DC migrating the DHCP to the new Windows Server 2012 R2 . If the old Domain Controller is acting also as DHCP server, the DHCP role should be migrated to the new server 2012 R2 in order to keep same settings.<\/p>\n","protected":false},"author":3,"featured_media":12625,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rop_custom_images_group":[],"rop_custom_messages_group":[],"rop_publish_now":"initial","rop_publish_now_accounts":{"linkedin_93tdZWzMZc_93tdZWzMZc":"","facebook_2879994398731222_17841400390232720":"","twitter_113568041_113568041":"","mastodon_115463926174894442_115463926174894442":""},"rop_publish_now_history":[],"rop_publish_now_status":"pending","footnotes":""},"categories":[913,1065],"tags":[1558,1593,220,1557],"class_list":["post-12648","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-active-directory-en","category-microsoft-en","tag-2012-r2","tag-active-directory","tag-domain-controller","tag-migrate","has_thumb"],"_links":{"self":[{"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/posts\/12648","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/comments?post=12648"}],"version-history":[{"count":0,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/posts\/12648\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/media\/12625"}],"wp:attachment":[{"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/media?parent=12648"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/categories?post=12648"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/tags?post=12648"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}