none
AD Upgrade VS Consolidate

    Question

  • Hello,

    We are looking forward to Consolidate as well as upgrade our active directory. Below is the scenario region wise:

    a. 1 root domain, 2 child domains-- 2008R2

    b. 1 domain - 2008R2 - separate forest with no trust relationship with a.

    c. 1 domain - 2008r2, 1 domain - 2016, both separate forests no trusts b/w themselves or any other regions forest.

    What should be our approach? 

    1. Upgrade all DC in every domain and then migrate to root domain in region a.

    2. Migrate all AD objects to root domain in region a and then upgrade DC to 2016.

    3. Create a new greenfield AD with 2016 and migrate everything over there

    4. any other approach that we do not know of?

    Thursday, April 18, 2019 7:54 AM

Answers

All replies

  • As long as you are OK with using one of these domains/forests as your future AD environment, (i.e. its name/OU structure/permission model, etc. meet your organization's requirements) then you might be able to simplify your task by choosing it as the migration/consolidation target.

    If so, my suggestion would be to upgrade that domain/forest to WS 2016 and then migrate all others into it

    hth
    Marcin

    Thursday, April 18, 2019 10:42 AM
  • Hello Marcin,

    the only good option we can think of from current AD is root domain.

    so i understand we should first upgrade root to 2016 and then migrate everything to root.

    but then should forest functional level be also raised before migration or after that?

    Thursday, April 18, 2019 11:10 AM
  • You cannot raise the functional level until all DCs in the domain/forest are running WS 2016.

    My suggestion would be to wait with this until migration/consolidation is completed

    hth
    Marcin


    Thursday, April 18, 2019 11:12 AM
  • Thanks for you help Marcin.

    Is there any guide or blog that can help me in the high level and low level design for this project,

    Friday, April 19, 2019 4:24 AM
  • Hello,
    Thank you for posting in our TechNet forum.

    1. I think we can install 2016 Windows server and promote it as DC in root domain,
    2. Then migrate everything to root.
    3. Last thing when you raise functional level(such as to 2016), the older Server OS DCs become nonfunctional.(Server 2012, 2008, etc.) so before raising functional level you should demote old DCs from domain or upgrade the operating system of the old DCs.


    References:

    Best Regards,
    Daisy Zhou

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by HarryMinhas24 Friday, April 19, 2019 10:37 AM
    Friday, April 19, 2019 8:36 AM
    Moderator
  • Hi,
    Thank you for your update and marking my reply as answer. I’m very glad that the information is helpful.
     
    As always, if there is any question in future, we warmly welcome you to post in this forum again. We are happy to assist you!

    Have a nice day!


     
    Best Regards,
    Daisy Zhou

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, April 22, 2019 2:24 AM
    Moderator