Upgrade Domain Controllers From 2008 R2 to Windows Server 2012


Upgrade Domain Controllers From 2008 R2 to Windows Server 2012 April 10

2013

This topic provides background information about Active Directory Domain Services in Windows Server 2012 and explains the process for upgrading domain controllers from Windows Server 2008 or Windows Server 2008 R2. UPGRADE FROM SERVER 2008 R2 TO Windows server 2012

Table of Contents

1.1.1    1

2.    Prerequisites check    2

3.    Prepare the forest    2

1.    Considerations for using Adprep.exe in Windows Server 2012    2

1-1    Install Active Directory Domain Services on Windows Server 2012 with PowerShell    2

2-1    Install Active Directory Domain Services on Windows Server 2012 with Server Manager    2

3-1    Promote a Server to a Domain Controller in Windows Server 2012 with Server Manager    2

4-1    Configure DNS on server    3

2.1.1    Check the Functional level    3

5-1    Change the DHCP setting in the server scope to the new DNS    6

6-1    Transferring the Root FSMO    6

3.1.1    Transferring the Domain-Specific Roles: RID, PDC, and Infrastructure Master    6

4.1.1    Transferring the Domain Naming Master role    7

5.1.1    Transferring the Schema Master Role    7

6.1.1    Transferring the Schema Master Role    7

7-1    Move a DHCP Database to another Server    8

7.1.1    Add the DHCP ROLE    8

8-1    Back up the DHCP database (at the source server)    8

8.1.1    Export DHCP    8

9-1    Install the DHCP server service on the server that is running Windows Server 2012    8

9.1.1    Import the DHCP database    9

10-1    Authorize the DHCP server    9

10.1.1    After installing and removing Roles    9

11-1    Refrences    9

  1. Prerequisites check

    Backup the DC

    Dcdiag /v /c /d /e /s:DNSserver2 >c:\dcdiag.log

    Repadmin /showrepl DNSserver2*

  2. Prepare the forest

  3. Considerations for using Adprep.exe in Windows Server 2012

In Windows Server 2012, Adprep.exe is integrated into the AD DS installation process and runs automatically as needed. For example, when you install the first domain controller that runs Windows Server 2012 into an existing domain and forest, then adprep /forestprep and adprep /domainprep automatically run and report the results of the operations.

  1. Install Active Directory Domain Services on Windows Server 2012 with PowerShell

Add-WindowsFeature -name ad-domain-services -IncludeManagementTools
  1. Install Active Directory Domain Services on Windows Server 2012 with Server Manager

    1. Open Server Manager, then select
      Manage
      and click on
      “Add Roles and Features”
    2. Click
      Next
      on the “Before you begin” window
    3. Select
      Role-based or feature-based installation
      and then click
      Next
    4. Click
      Select a server from the server pool
      , click the name of the server to install Active Directory Domain Services to, and then click
      Next
      (If you wanted to install this on a remote server, you have to first create a server group containing the remote server)
    5. Click
      Active Directory Domain Services
      . When the
      Add Roles and Features Wizard
      dialog box opens, select
      Add Features
      , then
      Next
    6. On the
      Active Directory Domain Services
      page, review the information and then click Next
    7. On the
      Confirm installation selections
      page, click
      Install
    8. On the
      Results
      page, verify Installation succeeded, and click
      Promote this server to a domain controller
      to start the Active Directory Domain Services Configuration Wizard
  2. Promote a Server to a Domain Controller in Windows Server 2012 with Server Manager

After installing the Active Directory Domain Services feature on your server, you can promote the server to a domain controller. If you have just finished the feature installation, the AD DS Configuration Wizard begins automatically.

However, if the feature installation has already been closed, you can start the Active Directory Domain Services Configuration Window by clicking the
Tasks
icon along the top of Server Manager.

  1. Choose your
    Deployment Configuration.
  2. To
    install a new domain in existing forest
    , choose “Child” or “Tree” domain, then browse for forest structure.
  3. Choose your
    Domain Controller Options.

    To create a
    new forest or domain
    , select the functional levels, click
    Domain Name System (DNS) server
    , specify the Directory Services Restore Mode password, and then click
    Next.

  4. To add a DC to a domain, choose
    Domain Name System (DNS) server
    ,
    Global Catalog (GC)
    , or
    Read Only Domain Controller (RODC)
    as needed, choose the site name, and type the Directory Services Restore Mode password and then click next.
  5. Specify where the directories for the Active Directory database, the log files, and the SYSVOL folder will be. Click
    Next
    .
    Warning: Do not attempt to store any of the above on a Resilient File System data volume.

    You may need to specify alternate credentials to run adprep on the Preparation Optionspage.

  6. If you want to reuse these steps again, click
    View Script
    , and copy the text of the PowerShell script.
  7. Verify your server was successfully promoted on the results page, and then click
    Close.

Note: A reboot is required and it happens automatically by default.

  1. Configure DNS on server

  2. Check the Functional level


After installing the DC Role

First make sure that the preferred DNS isn’t the server DNS

Add the servers to the name servers


Note: Make sure to remove the old server from the name servers

Make sure of the following records in dns


Make sure that the properties of both Domain.com

And the _msdcs.domain.com properties are the same in the name servers tab The IP address maybe un configured

  1. Change the DHCP setting in the server scope to the new DNS


  1. Transferring the Root FSMO

Some new features in Windows Server 2012 affect operations master roles:

New security principals are created when the PDC emulator runs Windows Server 2012.

  • The RID Master has new RID issuance and monitoring functionality. The improvements include better event logging, more appropriate limits, and the ability to – in an emergency – increase the overall RID pool allocation by one bit.

netdom query FSMO

Schema master DNSSERVER2.Domain.com

Domain naming master DNSSERVER2.Domain.com

PDC DNSserver1.Domain.com

RID pool manager DNSserver1.Domain.com

Infrastructure master DNSSERVER2.Domain.com

  1. Transferring the Domain-Specific Roles: RID, PDC, and Infrastructure Master

    1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
    2. Right-click the icon next to Active Directory Users and Computers, and then click Connect to Domain Controller.

      NOTE: If you are not on the domain controller where you want to transfer the role, you need to take this step. It is not necessary if you are connected to the domain controller whose role you want to transfer.

    3. Click the domain controller which will be the new role holder, and then click OK.
    4. Right-click Active Directory Users and Computers icon and then click Operation Masters.
    5. In the Change Operations Master dialog box, click the appropriate tab (RID, PDC, or Infrastructure) for the role you want to transfer.
    6. Click Change in the Change Operations Master dialog box.
    7. Click OK to confirm that you want to transfer the role.
    8. Click OK.
    9. Click Cancel to close the dialog box.
  2. Transferring the Domain Naming Master role

    1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Domains and Trusts.
    2. Right-click the Active Directory Domains and Trusts icon, and then click Connect to Domain Controller.

      NOTE: If you are not on the domain controller where you want to transfer the role, you need to take this step. It is not necessary if you are connected to the domain controller whose role you want to transfer.

    3. Click the domain controller that will be the new role holder, and then click OK.
    4. Right-click Active Directory Domains and Trusts, and then click Operation Masters.
    5. In the Change Operations Master dialog box, click Change.
    6. Click OK to confirm that you want to transfer the role.
    7. Click OK.
    8. Click Cancel to close the dialog box.
  3. Transferring the Schema Master Role

You can use the Schema Master tool to transfer the role. However, the Schmmgmt.dll dynamic-link library must be registered in order to make the Schema tool available as an MMC snap-in.

Registering the Schema Tool

  1. Click Start, and then click Run.
  2. Type regsvr32 schmmgmt.dll, and then click OK. A message should be displayed stating that the registration was successful.

    1. Transferring the Schema Master Role

      1. Click Start, click run, type mmc, and then click OK.
      2. On the Console, menu clicks Add/Remove Snap-in.
      3. Click Add.
      4. Click Active Directory Schema.
      5. Click Add.
      6. Click Close to close the Add Standalone Snap-in dialog box.
      7. Click OK to add the snap-in to the console.
      8. Right-click the Active Directory Schema icon, and then click Change Domain Controller. NOTE: If you are not on the domain controller where you want to transfer the role ,you need to take this step. It is not necessary if you are connected to the domain controller whose role you want to transfer.
      9. Click Specify Domain Controller, type the name of the domain controller that will be the new role holder, and then click OK.
      10. Right-click Active Directory Schema and then click Operation Masters.
      11. In the Change Schema Master Dialog box, click Change.
      12. Click OK.
      13. Click OK.
      14. Click Cancel to close the dialog box.
      15. Run netdom query FSMO again to make sure
    2. Move a DHCP Database to another Server

    3. Add the DHCP ROLE

    4. Back up the DHCP database (at the source server)

       


  1. Open DHCP.
  2. In the console tree, click the applicable DHCP server.
  3. On the Action menu, click Backup.
  4. In the Browse For Folder dialog box, select the folder that will contain the backup DHCP database, and then click OK.
  1. Export DHCP

The database must be moved using the following command

  1. netsh dhcp server IP export D:\dhcpdatabase.txt all
  2. wait for the command complete successfully

Note: While the export command runs, DHCP server is stopped and does not respond to clients seeking new leases or lease renewals.

  1. You can now stop the DHCP service on the source server.
  1. Install the DHCP server service on the server that is running Windows Server 2012

To install the DHCP Server service on an existing Windows Server 2008 computer:

1.       Start Server Manager.

2.       Click on Add Roles.

3.       Select the DHCP server role and press Next.

4.       Click through the next sequence for screens of the installation wizard to complete the DHCP server installation. You should not authorize the DHCP server at this point.

  1. Import the DHCP database

Log on as a user who is a member of the local Administrators group or DHCP administrators group.

2.       Copy the exported DHCP database file to the local hard disk of the Windows Server 2012 computer.

3.       Verify that the DHCP service is started on the Windows Server 2008 computer.

4.       Click Start, click Run, type cmd in the Open box, and then click OK.

5.       At the command prompt, type netsh dhcp server import d:\dhcpdatabase.txt all, and then press ENTER, where d:\dhcpdatabase.txt is the full path and file name of the database file that you copied to the server.

6.       After you receive the message that the command completed successfully, quit the command prompt.

Note: Unauthorized the old server

  1. Authorize the DHCP server

     

1. Click Start, point to All Programs, point to Administrative Tools, and then click DHCP. You must be logged on to the server by using an account that is a member of the Administrators group. In an Active Directory domain, you must be logged on to the server by using an account that is a member of the Enterprise Administrators group.

2. In the console tree of the DHCP snap-in, expand the new DHCP server. If there is a red arrow in the lower-right corner of the server object, the server has not yet been authorized.

3. Right-click the server objects, and then click Authorize.

4. After several moments, right-click the server again, and then click Refresh. A green arrow indicates that the DHCP server is authorized.

After installing and removing Roles

Test the DNS and the new Server

Client test

Modify the DNS of some clients so that the primary DNS is

then new server2012 server

Server test

Modify the DNS of some Servers to be

Then new server2012 server

  1. Refrences

http://support.microsoft.com/kb/255690

http://technet.microsoft.com/en-us/library/hh994618.aspx#BKMK_OpsMasters

Advertisements

5 thoughts on “Upgrade Domain Controllers From 2008 R2 to Windows Server 2012

  1. Very great post. I simply stumbled upon your blog and wished to mention that I have really loved surfing
    around your weblog posts. After all I will be subscribing on your feed and I am hoping you write
    once more very soon!

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s