none
2008 SP2 AD migration to Windows Server 2016

    Question

  • Dear Techs,

    I would like to migrate my existing AD Servers to 2008 SP2 to Server 2016. Please guide me on how to achieve this task and make sure that my current AD setup is good enough to migrate or not.

    I do have some additional queries.

    1. Should I migrate to Windows 2012 R2 or opt for 2016? My current infra consist of all 2012 and 2012 R2 Servers. Is 2016 in a stable condition now (in terms of bugs and all)?

    2. I have 2 AD Servers. Both running 2008 SP2. So, how the migration process would be? 

    3. Will there be any compatibility issues for this migration task as my existing ones are 2008 SP2 versions !!!

    Looking forward !!!

    Thanks in advance


    Thanks and regards, Sabin S


    • Edited by Sabin_S Monday, April 23, 2018 4:29 AM mistakenly provided the wrong OS versions
    Thursday, April 19, 2018 6:44 AM

Answers

  • I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting. Then I'd stand up the new guest, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to verify health, when all is good you can decommission / demote old one. Then move on to next one. Server 2016 should be fine but just be sure to patch it fully before adding roles.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    • Marked as answer by Sabin_S Tuesday, May 1, 2018 5:41 AM
    Thursday, April 19, 2018 11:30 AM

All replies

  • I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting. Then I'd stand up the new guest, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to verify health, when all is good you can decommission / demote old one. Then move on to next one. Server 2016 should be fine but just be sure to patch it fully before adding roles.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    • Marked as answer by Sabin_S Tuesday, May 1, 2018 5:41 AM
    Thursday, April 19, 2018 11:30 AM
  • Dave,

    Thanks for the quick response. 
    I have ran 'dcdiag' on both AD Servers and all looks good enough. I understand that 'repadmin' do have lot of commands. Which all should I run to make sure the AD Server health is in good state? Just the ones with show command?

    1 very basic question though !!!
    As I am having an DC and ADC do I need to migrate both Servers? Or Migrate just the DC to the new 2016 Server. Then build a new 2016 Server and join to the configure it as an ADC.

    Thanks in advance


    Thanks and regards, Sabin S

    Monday, April 23, 2018 4:38 AM
  • You can run repadmin /showrepl for a quick check.

    1 very basic question though !!! As I am having an DC and ADC do I need to migrate both Servers? Or Migrate just the DC to the new 2016 Server. Then build a new 2016 Server and join to the configure it as an ADC.

    Not sure what is meant here. You should not in-place upgrade. Better to follow as I mentioned above building new instances of OS for each DC.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.


    Monday, April 23, 2018 12:51 PM
  • Dave,

    Thanks for the input.

    I have recently ran repadmin /showrepl and was showing all good at that time. Will re run again and see how things are.

    For my second question. I will try to  make it simpler. In a scenario where I have 2 AD Servers (DC and ADC) running Wind 2008 as OS. Lets say we migrated DC to a Server 2016 (new VM). For the ADC which is still running on a Wind 2008 how it should be dealt with?

    Also in this scenario, if I need an ADC (additional domain controller) along with the above created DC 2016 Server? How can I achieve the same?

    Thanks in advance


    Thanks and regards, Sabin S

    Wednesday, April 25, 2018 4:17 AM
  • You can keep the 2008 domain controller(s). You just wouldn't raise DFL/FFL at this time.

    https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/active-directory-functional-levels

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.


    Wednesday, April 25, 2018 4:20 AM
  • Dave,

    Thanks again. Much appreciated for your constant inputs.

    Yes, I understand that our DFL\FFL is set to Server 2003. Won't change those anyway. Will go through the link shared.

    I have an exchange 2013 running as well. Will upgrading the AD from 2008 to 2016 result in any sort of compatibility or other issues with the Exchange? Please correct me if I am wrong, upgrading the AD from 2008 to 2016 will update the user and other schema details or attributes, correct? If yes, will it affect the Exchange Server or its functionalities.



    Thanks and regards, Sabin S

    Wednesday, April 25, 2018 12:07 PM
  • Yes, schema will be prepared to accept a 2016 domain controller. For questions about exchange 2013 better to ask in dedicated forums over here.

    https://social.technet.microsoft.com/forums/exchange/en-us/home?forum=exchangesvrgeneral

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Wednesday, April 25, 2018 12:43 PM
  • Dave,

    Thanks for all the inputs.
    Will ask in Exchange 2013 forum regarding the same.

    Much appreciated


    Thanks and regards, Sabin S

    Tuesday, May 1, 2018 5:40 AM
  • Sounds good, you're welcome.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Tuesday, May 1, 2018 12:08 PM