AD Migration - HenceTech/Documentations GitHub Wiki

This site uses cookies for analytics, personalized content and ads. By continuing to browse this site, you agree to this use. Learn more Microsoft logo |

Search Sign in

Step-By-Step: Migrating Active Directory FSMO Roles From Windows Server 2012 R2 to 2016 ★★★★★★★★★★★★★★★ avatar of mvp-dishan-francisMVP Dishan FrancisMay 24, 20175 30 0 With Windows server 2016 was released for public (GA), many businesses are working on migrating their services to the new offering. This post will walk you through the steps needed to migrate Active Directory FSMO roles running on Windows Server 2012 R2 to Windows Server 2016 Active Directory. The same steps are valid for migrating from Windows Server 2012, Windows Server 2008 R2 and Windows Server 2008.

In this setup, the Windows Server 2012 R2 domain controller is setup as a PDC. The Windows Server 2016 machine has already been added to the existing domain.

updc1

Current domain and forest functional level of the domain is windows server 2012 R2.

updc2

So, let's start with the migrate process.

Install Active Directory on windows server 2016

  1. Log in to windows server 2016 as domain administrator or enterprise administrator
  2. Check the IP address details and put the local host IP address as the primary DNS and another AD server as secondary DNS. This is because after AD install, server itself will act as DNS server
  3. Run servermanager.exe form PowerShell to open server manager (there is many ways to open it)Â updc3
  4. Then click on Add Roles and Features updc4
  5. It will open up the wizard, click next to continue updc5
  6. In next window keep the default and click next updc6
  7. Roles will be installed on same server, so leave the default selection and click next to continue updc7
  8. Under the server roles tick on Active Directory Domain Services, then it will prompt with the features needs for the role. Click on add features. Then click next to proceed updc8 updc9 updc10
  9. On the features windows keep the default and click next updc11
  10. In next window, it will give brief description about AD DS, click next to proceed updc12
  11. Then in next window it will give brief description about configuration and click on install to start the role installation process. updc13 updc14
  12. Once installation completed, click on promote this server to a domain controller option updc15
  13. It will open up the Active Directory Domain Service configuration wizard, leave the option Add a domain controller to existing domain selected and click next. updc16
  14. In next window define a DSRM password and click next updc17
  15. In next window click on next to proceed updc18
  16. In next windows, it asks from where to replicate domain information. You can select the specific server or leave it default. Once done click next to proceed. updc19
  17. Then it shows the paths for AD DS database, log files and SYSVOL folder. You can change the paths or leave default. In demo, I will keep default and click next to continue updc20
  18. In next windows, it will explain about preparation options. Since this is first windows server 2016 AD on the domain it will run forest and domain preparation task as part of the configuration process. Click next to proceed. updc21
  19. In next window, it will list down the options we selected. Click next to proceed. updc22
  20. Then it will run prerequisite check, if all good click on install to start the configuration process. updc23
  21. Once the installation completes it will restart the server. updc24 Migrate FSMO Roles to windows server 2016 AD I assume by now you have idea what is FSMO roles. If not search my blog and you will find article explaining those roles. There are 2 ways to move the FSMO roles from one AD server to another. One is using GUI and other one is using command line. I had already written articles about GUI method before so I am going to use PowerShell this time to move FSMO roles. If you like to use GUI mode search my blog and you will find articles on it.Â
  1. Log in to windows server 2016 AD as enterprise administrator
  2. Open up the Powershell as administrator. Then type netdom query fsmo. This will list down the FSMO roles and its current owner. updc25
  3. In my demo, the windows server 2012 R2 DC server holds all 5 fsmo roles. Now to move fsmo roles over, type Move-ADDirectoryServerOperationMasterRole -Identity REBELTEST-PDC01 -OperationMasterRole SchemaMaster, DomainNamingMaster, PDCEmulator, RIDMaster, InfrastructureMaster and press enter In here REBELTEST-PDC01 is the windows server 2016 DC. If FSMO roles are placed on different servers, you can migrate each and every FSMO roles to different servers. updc26
  4. Once its completed, type netdom query fsmo again and you can see now its windows server 2016 DC is the new FSMO roles owner. updc27 Uninstall AD role from windows server 2012 R2 Now we moved FSMO roles but we still running system on windows 2012 R2 domain and forest functional levels. In order to upgrade it, first we need to decommission AD roles from existing windows server 2012 R2 servers.Â
  5. Log in to windows 2012 R2 domain server as enterprise administrator
  6. Open the PowerShell as administrator
  7. Then type Uninstall-ADDSDomainController -DemoteOperationMasterRole -RemoveApplicationPartition and press enter. It will ask for local administrator password. provide new password for local administrator and press enter. updc28 updc29 updc30
  8. Once its completed it will restart the server. Upgrade the forest and domain functional levels to windows server 2016 Now we have the windows server 2012 R2 domain controllers demoted, next step is to upgrade domain and forest functional levels.Â
  9. Log in to windows server 2016 DC as enterprise administratorÂ
  10. Open PowerShell as administrator
  11. Then type Set-ADDomainMode –identity rebeladmin.net -DomainMode Windows2016Domain to upgrade domain functional level to windows server 2016.  In here rebeladmin.net is the domain name. updc31
  12. Then type Set-ADForestMode -Identity rebeladmin.net -ForestMode Windows2016Forest to upgrade forest functional level. updc32
  13. Once done you can run Get-ADDomain | fl Name,DomainMode and Get-ADForest | fl Name,ForestMode to confirm new domain and functional level updc33 Tags Active Directory Active Directory Forest AD 2016 AD DS 2016 FSMO How to How-To MVP server 2016 Step-By-Step Windows Server 2016 Windows Server 2016 and tagged active direcotry Comments (5)

Name *

Email *

Website

Shahul Minhajudeen May 29, 2017 at 9:43 am Well done. Good job.

Reply Emile Monestime June 6, 2017 at 3:22 am This is a great post. Thank you very much.

Reply humbulani Mugari June 9, 2017 at 7:24 am well done, this is the exact way to install and configure active directory

Reply Md. Atikul Haque June 9, 2017 at 8:28 am Really fantastic article.

Reply Francesco July 26, 2017 at 3:31 pm Thank you very useful Article

Reply Skip to main content Follow Us Video of the Week

Sharing of thoughts and information is what blogging is all about. This way we can learn from each other. Post A Comment!

These postings are provided "AS IS" with no warranties, and confers no rights. You assume all risk for your use.

Resident Bloggers

Anthony Bartolo Twitter | LinkedIn

Pierre Roman Twitter | LinkedIn

Privacy & Cookies Terms of Use Trademarks © 2018 Microsoft