Sunday, August 7, 2016

Active Directory Migration from Windows Server 2008 R2 to Windows Server 2012 R2


  • Step-By-Step: Active Directory Migration from Windows Server 2008 R2 to Windows Server 2012 R2


With the end of support for Windows Server 2003
As mentioned, Windows Server 2012 R2 provides a great first step towards cloud adoption. In addition to this the ability to allow your organization to take advantage of capabilities such as Active Directory Recycle Bin improvements, DHCP failover, Dynamic Access Control, Hyper-V replication and much more.
Migrating Active Directory off your existing Windows 2008 R2 server and onto a new Windows 2012 R2


Prerequisites
    Download Windows Server 2012 R2. You also have the ability to complete this Step-By-Step in a virtual lab by downloading Hyper-V Server 2012 for free.
    As a precaution, complete a full backup of your existing server.
    Check the Schema version of AD DS (Before adprep) by running regedit, navigating to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NTDS\Parameters and noting the current Schema version.

Step 1: Preparing your existing forest via the adprep command
    Insert the Windows Server 2012 DVD into the DVD drive of the Windows Server 2008 R2 AD DS.
    Open command prompt, and type adprep /forestprep and press enter.
    Check the Schema version of AD DS (After adprep) by running regedit, navigating to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NTDS\Parameters and noting the current Schema version.
 
Step 2: Promoting the Windows Server 2012 Server domain controller

Step 3: Verify the new Windows Server 2012 Domain Controller
    Open Active Directory Users and Computers, expand <Your Domain> and click the Domain Controller OU to verify your server is listed.  
    Open DNS Manager, right-click on <Your Domain>, select Properties and then click Name Servers Tab. Verify that your server is listed in Name Servers: lists.  
    Open Active Directory Sites and Services; verify that your server is listed in Servers under Default-First-Site-Name.

Step 4: Transferring the Flexible Single Master Operations (FSMO) Role
    Open the Active Directory Users and Computers console on your new Windows Server 2012 computer.  
    Right click your domain and select Operations Masters in the sub menu.  
    In the Operations Masters window, ensure the RID tab is selected.  
    Select the Change button.
    Select Yes when asked about transferring the operations master role.
Once the operations master role has successfully transferred, click OK to continue.
Ensure the Operations Master box now shows your new 2012 Windows Server.
Repeat steps 4 to 6 for the PDC and Infrastructure tabs.
Once completed, click Close to close the Operations Masters window.
Close the Active Directory Users and Computers window.  

Step 5: Removing the Windows 2008 R2 domain controller
    On the Windows 2008 R2 server click Start, Click Run, type dcpromo, then click OK.  
    After the Welcome to the Active Directory Installation Wizard page, be sure to leave the Delete the domain because this server is the last domain controller in the domain unchecked.  
    On the Administrator Password Page, enter your password and click Next.  
    On the Summary page, click Next, wait for the process to end, then click Finish.  
    On the Completing the Active Directory Domain Services Installation Wizard, click Finish.  
    On the Active Directory Domain Services Installation Wizard page, click Restart Now to Restart the server.  
    After the reboot is completed, delete the Windows Server 2008 R2 server from the domain to a workgroup and remove any unnecessary record from Active Directory Sites and Services.


https://blogs.technet.microsoft.com/canitpro/2014/05/27/step-by-step-active-directory-migration-from-windows-server-2008-r2-to-windows-server-2012-r2/


Verify the schema version
Note - You can verify the schema version using dsquery * cn=schema,cn=configuration,dc=sivarajan,dc=com -scope base -attr objectVersion command. The following table lists the Active Directory Schema and the corresponding Object Version:

Active Directory Object Version
Windows 2000 13
Windows 2003 30
Windows 2003 R2 31
Windows 2008 44
Windows 2008 R2 47
Windows 8 Beta 52
Windows 2012 56
Windows 2012 R2 69

Check the Schema version of AD DS (After adprep) by running regedit, navigating to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NTDS\Parameters and noting the current Schema version.




  • View Active Directory schema version


1-You can use registry too:
HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parame ters\SchemaVersion

2-the objectVersion in ADSIEdit.

3-"dsquery * cn=schema,cn=configuration,dc=domainname,dc=local -scope base -attr objectVersion"

https://social.technet.microsoft.com/Forums/windowsserver/en-US/45f8e9b9-07b9-4af7-9eba-d87169dccc22/view-active-directory-schema-version?forum=winserverDS



  • Active Directory: Active Directory Upgrade - High Level Steps


Upgrade schema
Upgrade the schema using correct version of OS – Adprep

Verify the schema version

Add additional DC
New server
Install a new server with correct version of OS and join this server to the existing domain

Promote DC
Perform DCPRMO on this server and select Additional Domain Controller for an existing Domain option.

Transfer Roles
If you are planning to decommission the old servers, you need transfer FSMO roles, DHCP etc to the new server.
You can identify the FSMO role DC information using Netdom /Query FSMO command.

Decommission old DC
You can remove (demote) a domain controller using DCPROMO command and again
http://social.technet.microsoft.com/wiki/contents/articles/2903.active-directory-active-directory-upgrade-high-level-steps.aspx

1 comment: