How to move to windows 2016, 2019 Active directory

Question

I have one forest with a couple child domains that are all windows server 2012 r2, Domain Functional level: Windows Server 2008 R2, Forest functional level: Windows Server 2008 R2.

Looking to introduce Windows server 2016 and or 2019 and raising the Domain/forest functional levels and move away from windows server 2012, thus upgrading our Active Directory and looking for the most smoothest transition.

We would consult with our app teams to determine compatibility of course but just looking for general insight of folks who have made this move please.

Accepted Answer

The prerequisite before introducing the first 2016 domain controller: domain functional level needs to be 2003 or higher

The two prerequisites to introducing the first 2019 domain controller are that domain functional level needs to be 2008 or higher and older sysvol FRS replication needs to have been migrated to DFSR
https://techcommunity.microsoft.com/t5/Storage-at-Microsoft/Streamlined-Migration-of-FRS-to-DFSR-SYSVOL/ba-p/425405

I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new 2019, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.

--please don't forget to Accept as answer if the reply is helpful--

Answer

Hi @Crod ,

I would recommend going with the latest Windows Server versions (2019 in this case), it gives you a longer lifecycle.

There are two (2) prerequisites before introducing the first 2019 domain controller, and they are:

1. The domain functional level needs to be 2008 or higher.
2. Older sysvol FRS replication needs to have been migrated to DFSR (for more information, see: https://techcommunity.microsoft.com/t5/Storage-at-Microsoft/Streamlined-Migration-of-FRS-to-DFSR-SYSVOL/ba-p/425405).

You should use the dcdiag / repadmin tools first to verify the health, if any errors are shown you should correct all of them before proceeding.

Next install a new Windows Server 2016/2019 and then do the following:

Patch the server with the latest available updates.
License the server.
Domain join the server to your existing domain.
Add the Active Directory Domain Services (ADDS).
Promote it to a domain controller making it a Global Catalog (GC).
Transfer FSMO roles over (Optional).
Transfer pdc emulator role (Optional).
Use dcdiag / repadmin tools to again verify the health.

If the new 2016/2019 DC is healthy, you can then start decommissioning or demoting the old domain controllers.

----------

(If the reply was helpful please don't forget to upvote or accept as answer, thank you)

Best regards,
Leon

Answer

Hi,

If you don't have any problem with compatibility with active directory on Windows 2019 , I join Leon , it's recommended to migrate to last version Windows 2019.

To be able to promote the first domain controller on Windows 2019 , the forest functional level must be Windows 2008 R2 or higher and use DFRS for sysvol replication.

Regarding the functional level ,with windows 2019, the highest Forest and domain functional level is Windows 2016.

Don't forget to mark this reply as answer if it help you to fix your issue

Share via

How to move to windows 2016, 2019 Active directory

2 additional answers

Your answer