Hello raj a,
Thank you for posting in Q&A forum.
We have a Windows Server 2016 Active Directory Forest and want to introduce a Windows Server 2022 server as a Domain Controller within the forest. Is it possible?
A: Yes, you can.
What are the steps to add a Windows Server 2022 server as a Domain Controller in a Windows Server 2016 forest (with Forest Functional Level 2016)?
A:
Step 1
Before we make any changes to our AD environment, we had better check our AD environment health. So, we can try the following steps:
1. We need to check if all the DCs work fine; we can run Dcdiag /v on each DC to check.
2. Run the commands below on the PDC to check AD replication status if you have multiple DCs in your domain.
repadmin /showrepl >C:\rep1.txt
repadmin /replsum >C:\rep2.txt
repadmin /showrepl * /csv >c:\repsum.csv
3. Check SYSVOL replication status if you have multiple DCs in your domain.
Step 2
1. Add the new 2022 server to the existing domain.
2. Promote this new 2022 server to Domain Controller (add AD DS role and DNS role).
3. Also make this new 2022 DC a GC.
4. Check the health status of the new DC and the old DC and the AD replication status (if you have more than one DC), following Step 1.
5. If everything is OK, transfer the FSMO roles to the new 2022 DC if needed.
You can check whether you have successfully transferred the FSMO roles by running the command as administrator on any DC: netdom query fsmo
If you want to demote the 2016 DC later, you need to do the following:
1. If the old 2016 DC was a DNS server, update the DNS client configuration on all member workstations, member servers, and other DCs that might have used this DNS server for name resolution. If it is required, modify the DHCP scope to reflect the removal of the DNS server.
2. If the old 2016 DC was a DNS server, update the Forwarder settings and the Delegation settings on any other DNS servers that might have pointed to the old 2016 DC for name resolution.
3. Migrate all other roles on the old 2016 DC to the new 2022 DC (or other member servers) if you have any or if you need to.
4. After you transfer the FSMO roles, update all DNS settings and migrate other roles (if you have any), and after a period of time, if everything is OK, you can consider demoting the old 2016 DC if needed.
I hope the information above is helpful.
If you have any questions or concerns, please feel free to let us know.
Best Regards,
Daisy Zhou
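The health checks from Step 1 and the FSMO verification from Step 2, combined into one PowerShell script as an added example that is not part of the original answer. It assumes the RSAT ActiveDirectory module is installed and that repadmin and dcdiag are on the path; `$ExpectedFsmoHolder` and the function names are hypothetical.

```powershell
# Added example, not from the original answer. Assumes the RSAT ActiveDirectory
# module plus repadmin and dcdiag, run elevated on a DC or management host.
param(
    # Hypothetical parameter: FQDN of the DC expected to hold all FSMO roles
    # after the transfer in Step 2; omit it when running before the transfer.
    [string]$ExpectedFsmoHolder
)
Import-Module ActiveDirectory

# Replication links that report failures. Rows whose failure count is not
# numeric are also returned so they get reviewed by hand instead of ignored.
function Get-ReplicationProblem {
    repadmin /showrepl * /csv | ConvertFrom-Csv | Where-Object {
        $n = $_.'Number of Failures' -as [int]
        ($null -eq $n) -or ($n -gt 0)
    } | Select-Object 'Source DSA', 'Destination DSA', 'Naming Context',
                      'Number of Failures', 'Last Failure Status'
}

# The five roles that "netdom query fsmo" lists, for the forest and current domain.
function Get-FsmoHolder {
    $forest = Get-ADForest; $domain = Get-ADDomain
    [ordered]@{
        SchemaMaster         = $forest.SchemaMaster
        DomainNamingMaster   = $forest.DomainNamingMaster
        PDCEmulator          = $domain.PDCEmulator
        RIDMaster            = $domain.RIDMaster
        InfrastructureMaster = $domain.InfrastructureMaster
    }
}

$failed = $false
foreach ($dc in Get-ADDomainController -Filter *) {
    $target = "/s:$($dc.HostName)"
    # /q prints only error messages, so any non-blank line is a finding.
    $errors = dcdiag $target /q | Where-Object { $_.Trim() }
    if ($errors) {
        $failed = $true
        Write-Warning "dcdiag reported errors on $($dc.HostName)"
        $errors
    }
}
$repl = @(Get-ReplicationProblem)
if ($repl.Count) { $failed = $true; $repl | Format-Table -AutoSize }
$roles = Get-FsmoHolder
$roles.GetEnumerator() | ForEach-Object { '{0,-22} {1}' -f $_.Key, $_.Value }
if ($ExpectedFsmoHolder) {
    $stray = $roles.GetEnumerator() | Where-Object { $_.Value -ne $ExpectedFsmoHolder }
    if ($stray) { $failed = $true; Write-Warning "Roles not on ${ExpectedFsmoHolder}: $($stray.Key -join ', ')" }
}
if ($failed) { exit 1 }
```

Run it once before promoting the 2022 server and again after the FSMO transfer with the new DC's FQDN as the argument; a non-zero exit code means at least one check needs attention before demoting the old DC.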