none
Upgrading Domain Controller from 2008R2 to 2012, best practices?

    Question

  • Hello,

    I have a site with 3 domain controllers, one of them is running Windows Server 2008 R2, the rest are 2012 R2.

    I want to get this 2008R2 DC upgraded so that all my DC members are running Windows Server 2012 R2, this way I can raise my domain functionality to 2012 and then to 2012 R2.

    I see two ways to do this..

    1. Build a new 2012 R2 DC server and decommission the 2008 R2 DC
    2. Demote 2008 R2 DC and build new 2012 R2 DC keeping the same server name/ip

    This DC in question has the DNS role.

    With option #1, I would need to go around and point all my servers DNS to use the new DC IP. 

    With option #2, since this is a replace; keeping the same server name and IP, I won't have to touch any servers afterwards.

    Now I am looking for recommendations and best practices, while #2 has less post maintenance; is it good in practice? Could there be lingering fragments in AD metadata or elsewhere regarding the 2008R2 DC that was demoted that could conflict with a new 2012R2 DC that took its place and is now acting as a DC?

    Thanks for your help.

    Sunday, March 26, 2017 2:02 AM

Answers

  • Either 1 or 2 should be fine. Successful demotion should take care of any cleanup of old DC but you can check it by referencing this one.

    https://technet.microsoft.com/en-us/library/cc816907%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

    All three DCs are most likely DNS servers. You can check your DHCP server is handing out at least one of the remaining DC's during rebuild period.

     

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    • Marked as answer by techy86_ Tuesday, March 28, 2017 2:46 PM
    Sunday, March 26, 2017 3:15 AM

All replies

  • Either 1 or 2 should be fine. Successful demotion should take care of any cleanup of old DC but you can check it by referencing this one.

    https://technet.microsoft.com/en-us/library/cc816907%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

    All three DCs are most likely DNS servers. You can check your DHCP server is handing out at least one of the remaining DC's during rebuild period.

     

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    • Marked as answer by techy86_ Tuesday, March 28, 2017 2:46 PM
    Sunday, March 26, 2017 3:15 AM
  • Could there be lingering fragments in AD metadata or elsewhere regarding the 2008R2 DC that was demoted that could conflict with a new 2012R2 DC that took its place and is now acting as a DC?

    So you will gracefully demote this server 2008 r2 from domain and no need to perform metadata cleanup.You should  perform metadata cleanup on a domain controller in the domain of the domain controller that you forcibly removed.

     Your 2 scenario seems to be OK,but as you said if you keep same ip and ip address you won't need to set dns after upgrade to point new dc config.


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    Sunday, March 26, 2017 10:35 AM
  • Hi,
    You could follow the article step by step to have a try regarding the similar scenario:
    Remove an Old DC and Introduce a New DC with the Same Name and IP Address
    http://blogs.msmvps.com/acefekay/2010/10/09/remove-an-old-dc-and-introduce-a-new-dc-with-the-same-name-and-ip-address/
    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
    Best regards,
    Wendy

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Monday, March 27, 2017 2:23 AM
    Moderator