Guide: Migrating Server 2008 R2 Domain Controllers to Server 2012

On the 1st of August Microsoft officially announced that their latest client and Server Operating Systems Windows 8 and Server 2012 have now hit RTM (Release to Manufacturing) With the final bits then being handed to OEM’s on the 2nd.

In relation to this, I figured it would be good idea to cook up a guide showing the process involved to migrate from existing Server 2008 R2 domain controllers within your Active Directory environment to new Server 2012 installations. Thankfully the process for carrying this out remains almost identical as with previous versions of Windows Server.

Prerequisites:

  • Actively serving Windows Server 2008 R2 Domain Controllers
  • Server 2003 Forest functional level or higher (minimum)
  • An aditonal server or Virtual Machine running Windows Server 2012
  • A user account with domain administrative privillages
  • A user account that is a member of the Schema Admins group

 

Stage 1: Prepare the Active Directory Forest

The first step on this procedure is to insert your Windows Server 2012 DVD into the 2008 R2 domain controller which holds the Schema Master role (This is normally the primary domain controller within your environment)

The next thing we need to do is prepare the Active Directory forest with the latest schema extensions. To do this first make sure that you are logged onto the domain controller holding the Schema Master role and that the account being used is a member of the Schema Admins group.

Open an elevated Command Prompt window and type the following command:

X:supportadprepadprep /forestprep (Where X: is the letter of your DVD drive)

Type C followed by Enter to begin the process.

The forest has now been updated with the latest Schema extensions.

 

Stage 2: Promote a new server or Virtual Machine with Server 2012 as an additional domain controller.

Now that the forest has been successfully prepared, we will now proceed with promoting our new Server 2012 instance as an additional domain controller.

Unlike previous versions of Windows Server the use of the dcpromo command has been dropped from Server 2012. To promote a 2012 server you must use the wizard provided by Server Manager.

To do this click on the notifications icon and select the option to promote the server to a domain controller under Post-deployment configuration.

Continue with the rest of the wizard to promote the server, and checking both DNS and Global Catalog options. Since the process itself is pretty much straightforward I won’t include screenshots for every step involved here.

Once completed verify that the new domain controller has been successfully adding by checking various elements within Active Directory. E.g. Sites and Services or Users and Computers.

 

Stage 3: Transfer the FSMO roles to the new domain controller

The third and final stage is to move all of the existing four FSMO roles (Flexible Single Master Operation) to the newly promoted domain controller. These include; Schema Operations Master, RID Master, PDC Emulator and Infrastructure Master roles.

1. Transfering the Schema Operations Master

In order to carry out this task you must install the Active Directory Schema Snap-In on the FSMO role holder. Windows Server 2008 and higher require this DLL to be registered. To do this simply enter the following command from a Command Prompt window:

regsvr32 schmmgmt.dll

After adding the Snap-In we can now connect to the Schema by opening a new windows management console. Go to Start > Run and type “mmc” (without the quotes) to bring one up.

Select File > Add/Remove Snap-In and add the Active Directory Schema:

Verify connectivity with the Schema Operations Master by right clicking on the Schema and selecting “Connect to Schema Operations Master”

Change the Domain Controller to the new 2012 server by right clicking and selecting “Change Active Directory Domain Controller”

Note: After changing domain controller you may then be presented with a message stating that you are not connected to the Schema Operations Master:

This is only because you have selected a domain controller which does not  hold the specified role. This role will now be moved to the new Server 2012 domain controller.

Right click and select Operations Master”

Select the Change button to transfer the role to the Server 2012 domain controller:

 

2. Transferring RID, PDC and Infrastructure Operation Masters

To transfer the remaining roles to the new Server 2012 domain controller open Active Directory Users and Computers by going to Start > Administrative Tools > Active Directory Users and Computers.

As with the Schema Master, right click and change the domain controller to the new 2012 server.

For each Operations Masters select Change on each to transfer them:

 

Finally, verify that all Operations Masters have been transferred to the new domain controller:

 

If all has went smoothy you should now have a fully functional Server 2012 domain controller running within your environment. However, from here there are still some post-migration steps that you should be performed once everything has been verified as functioning correctly.

If you are performing such a migration in a production environment with multiple domain controllers then always remember to promote an additional server as a Server 2012 domain controller, especially after transferring the FSMO roles to another.

This will then allow you to demote any older domain controllers that are no longer required, giving you the ability to then raise the Domain and Forest Functional levels.

 

14 Replies to “Guide: Migrating Server 2008 R2 Domain Controllers to Server 2012”

  1. Nice article. I actually promoted my new 2012 server to a DC before reading your article. The 2012 wizard automagically did the forestprep, cause when I tried to do this manually following your guide, I received a message “Forest-wide information has already been updated”.

  2. Always thought there were 5 roles, looks like you missed the ‘Domain Naming Master’ role, changed with the AD Domains and Trust application.

  3. thanks Greig.

    Just a comment to not forget about transferring the Domain Naming Master Role as well (start Active Directory Domains and Trusts, right click on the domain, change operations master)

    Also – invaluable to double check your work, and “netdom query FSMO” at a command prompt will verify all the changes.

  4. Thaks for the stright forward article, easy to follow and makes sence.
    Can one not just “insert the cd and run the upgrade” on a 2008 r2 DC? What about following this article for the first DC, then “stick in the disc and click next” on the remaining DC’s?

  5. Hmmm.. I have set up a 2008 DC and a 2012 server on VMWare then following these steps two times from scratch, both with the same outcome. I successfully get the new 2012 DC up and running and successfully replicated, and successfully transfer all FSMO roles to 2012 but when I do and check the operations masters from the 2008 machine, all state ERROR. Any Clue? The 2012 box seems fine.

  6. I followed all of your steps but for some reason the “Domain Naming Master” is still the old DC, yet all the other roles are correct. Any ideas?

  7. Very helpful! One more step I had to perform was to transfer the domain naming operations master to the new DC. The 2008 R2 DC would not demote until that was done.

Leave a Reply

Your email address will not be published. Required fields are marked *

*