Windows 2008 Domain Controller migration to 2016+ Child Domain, CA and exchange 2016

DanthePro 41 Reputation points
2020-12-08T21:33:26.417+00:00

Hi all,

I have been assign the project to migrate our Windows 2008 domain controllers to windows 2016 domain controller. We have 8 Domain controllers and a child domain with 2 DC. To add we have an Exchange 2016 server and a Windows 2012 CA server. Questions:

Do we need to do a DCPROMO /adprep and forestprep on all Domain controller
what do we need to do with the child domain. Can we do the upgrade on the parent domain and not the child domain or we need to plan for both.
Do we need to add a CU for Exchange 2016
Is there anything to do with our Windows 2012 CA server that is not a DC by the way. 1 CA with 1 SUBCA
thx

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,443 questions
0 comments
Accepted answer
  1. Anonymous
    2020-12-08T21:39:57.42+00:00

    The prerequisite before introducing the first 2016 domain controller: domain functional level needs to be 2003 or higher

    I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new 2016, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one and move on to next one. I'd probably start with the child domain though it really shouldn't matter

    Also at some point after I'd recommend migrating sysvol replication from older FRS technology to DFSR
    https://techcommunity.microsoft.com/t5/Storage-at-Microsoft/Streamlined-Migration-of-FRS-to-DFSR-SYSVOL/ba-p/425405

    I'd suggest asking the exchange and CA migration questions from subject matter experts here
    https://video2.skills-academy.com/en-us/answers/topics/office-exchange-server-deployment.html
    https://video2.skills-academy.com/en-us/answers/topics/windows-server-security.html

    --please don't forget to Accept as answer if the reply is helpful--

    0 comments

3 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. DanthePro 41 Reputation points
    2020-12-09T16:08:51.647+00:00

    Thx for your answer, but why should you start with the Child Domain. Is it a logical route even if its not important to start with it.

    Also what do you think about a in place upgrade, is it recommended?

    thx

    0 comments
  2. Anonymous
    2020-12-09T16:14:08.913+00:00

    Thx for your answer, but why should you start with the Child Domain. Is it a logical route even if its not important to start with it.

    You can do either one as first step.

    Also what do you think about a in place upgrade, is it recommended?

    An in-place upgrade is never recommended, especially for a domain controller. Standing up new domain controllers is a very simple and quick process, not worth the risk.

    --please don't forget to Accept as answer if the reply is helpful--

    0 comments
  3. Vicky Wang 2,731 Reputation points
    2020-12-10T09:19:42.317+00:00

    Hi,

    I am glad to hear that your issue was successfully resolved\I am pleased to know that the information is helpful to you. If there is anything else we can do for you, please feel free to post in the forum.

    Best Regards,
    Vicky

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.