2008 AD Server with FSMO, Certificates, etc.. - Migrating to AD Server 2012 or 2016


  • Hello,

    I have a recent project that I am having doubts about.  I may be over thinking this, so let me know if I am.  I am seeking advice, and best practices for this migration.

    what we currently have:

    Domain Forest Level is 2003  --> we now have all 2003 AD Servers decomm'ed (lowest level now is 2008)

    We have our Main Corporate site with 2 AD servers - Both house DNS and DHCP (both Server 2008)

    1 AD Server houses FSMO roles, Certificate Services,

    I need to load Server 2012 or 2016 onto New Hardware and join both new servers as a AD/DC.  And, Demote the OLD 2008 AD/DC.

    My question - Can I use the same Server Name, and Server IP Address from the OLD 2008 AD/DC Servers?  I only ask because we have a lot of equipment (Server and Network) that point to these IP Addresses/Names.  I know I cannot have the same name or same IP in the infrastructure.  Will having the same Host Name of the Old Hardware on the New Hardware mess with GUIDs, IDs, or anything else in AD?  This is our Main Datacenter, I do not want to come across any issues.

    Does anyone have experience, or a thoughts to accomplish this with no issues?

    I am open to thoughts / ideas.

    Thanks, Brent


    Friday, January 13, 2017 8:51 PM

All replies

  • Hi,

    Domain and Forest level 2003 is enough to add a domain controller under Windows 2012 or Windows 2016.

    You can keep the same name and same IP by following theses steps step by step:

    1. demote domain controller from old server
    2. Change the name and address IP of old domain controller
    3. install new server using  the old IP and old name domain controller
    4. Promote domain controller on new server

    Once you respect these step by order , you will promote your new domain controller with same name and IP of old domain controller and avoid conflict.


    Friday, January 13, 2017 10:50 PM
  • Once you demote the DC, you will be able to re-use the IP and server name. However, before proceeding, you need to make sure that all your AD integrated systems support DCs running Windows Server 2012 R2. It is advised to try this in your test environment before proceeding.

    This posting is provided AS IS with no warranties or guarantees , and confers no rights.

    Ahmed MALEK

    My Website Link

    My Linkedin Profile

    My MVP Profile

    Sunday, January 15, 2017 11:49 PM
  • Hi Brent,
    Alternatively, you could use this scenario:
    - First add new server as additional domain controller
    - Then transfer Fsmo roles to new DC
    - Demote old DC from domain and clean up its metadata
    - Change hostname and ip of new DC which is the same with old DC.
    In addition, we would not suggest to install CA service on a domain controller.
    Best regards,

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact

    Monday, January 16, 2017 5:53 AM