Share via

How to upgrade the active directory from 2012R2 to 2016

Ibrahim hasan 61 Reputation points
2021-07-18T09:57:47.747+00:00

Dear Expert,

I have to upgrade our AD from 2012R2 to 2016, may I know what is the steps to do this upgrade and what should I have to do avoid any issue?

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,966 questions
Accepted answer
  1. SUNOJ KUMAR YELURU 13,956 Reputation points MVP
    2021-07-18T10:24:56.43+00:00

    Hi @Ibrahim hasan

    The recommended way to upgrade a domain is to promote domain controllers that run newer versions of Windows Server and demote the older domain controllers as needed. That method is preferable to upgrading the operating system of an existing domain controller.

    General steps to follow before you promote a domain controller that runs a newer version of Windows Server:

    1. Verify the target server meets system requirements.
    2. Verify Application compatibility.
    3. Review Recommendations for moving to Windows Server 2016
    4. Verify security settings. For more information, see Deprecated features and behavior changes related to AD DS in Windows Server 2016.
    5. Check connectivity to the target server from the computer where you plan to run the installation.
    6. Check for availability of necessary operation master roles:
      To install the first DC that runs Windows Server 2016 in an existing domain and forest, the machine where you run the installation needs connectivity to the schema master in order to run adprep /forestprep and the infrastructure master in order to run adprep /domainprep.
      To install the first DC in a domain where the forest schema is already extended, you only need connectivity to the infrastructure master.
      To install or remove a domain in an existing forest, you need connectivity to the domain naming master.
      Any domain controller installation also requires connectivity to the RID master.
      If you are installing the first read-only domain controller in an existing forest, you need connectivity to the infrastructure master for each application directory partition, also known as a non-domain naming context or NDNC.

    Refer to the below URL it is explained
    https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/upgrade-domain-controllers

    If the Answer is helpful, please click Accept Answer and up-vote, this can be beneficial to other community members.

    0 comments

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Hannah Xiong 6,231 Reputation points
    2021-07-19T02:23:47.213+00:00

    Hello @Ibrahim hasan ,

    Thank you so much for posting here.

    As mentioned, we recommend we add a new 2016 DC to the existing domain instead of upgrading the Windows Server 2012 R2 to Windows Server 2016.

    Here are the steps about how to add a new DC to existing domain. We can try the above steps.

    1, Check DC health by running Dcdiag /v and check AD replication by running repadmin/showrepl and repadmin /replsum.
    2, Join Windows Server 2016 to existing domain.
    3, Promote Windows Server 2016 to Domain Controller.
    4, Repeat step1 to check AD environment health.
    5, Transfer FSMO roles to the new DC if needed.
    6, Demote the old DC if needed.
    7, Raise domain / forest function level based on our requirement and environment, as mentioned above.

    For any question, please feel free to contact us.

    Best regards,
    Hannah Xiong

    0 comments
  2. Ibrahim hasan 61 Reputation points
    2021-08-02T05:46:20.407+00:00

    Thanks a lot for all of you for your comments and guidance

    0 comments