Share via

Migrate Active Directory from 2000 to 2022

Andy Chong 897 Reputation points
2024-03-07T03:36:43.37+00:00

Hi Support,

We have a Windows 2000 Active Directory need to migrate to Windows 2022. Do below migration path correct?

  • Setup new Windows 2003 DC
  • Move FSMO, remove Windows 2000 DC and raise functional level
  • Setup new Windows 2012 R2 DC
  • Move FSMO, remove Windows 2003 DC and raise functional level
  • Migrate FRS to DFRS
  • Setup new Windows 2022 DC
  • Move FSMO, remove Windows 2012 R2 DC and raise functional level

Thanks

Windows for business | Windows Client for IT Pros | Directory services | Active Directory
Windows for business | Windows Server | User experience | Other
0 comments

Answer accepted by question author

  1. Thameur-BOURBITA 36,526 Reputation points Moderator
    2024-03-07T05:07:12.6566667+00:00

    Hi @Chong

    You migration path is correct.

    In the first step,With Active Directory 2000 you can add a domain controller under windows 2003 as you mentione it or windows 2008 r2.

    When you install a domain controller windows 2008r2 and demote domain controller 2000 you can raise functional level to windows 2008r2 and migrate replication system from sysvol from frs to dfsr without need to install a domain controller under windows 2012 r2 . This is just a optimization of your migration path but your migration path is correct.

    Please don’t forget to accept helpful answer

    1 person found this answer helpful.

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Yanhong Liu 14,325 Reputation points Microsoft External Staff
    2024-03-08T07:22:54.4366667+00:00

    Hello Chong,

    Thank you for posting in Q&A forum.

    Based on your description, your migration steps are feasible. However, you can also make some optimization adjustments, you can remove Windows 200 0DC from Windows 2000 AD - Windows 2008 R2 DC - Mobile FSMO. Raise the functional level to Windows 2008 R2 - Migrate FRS to DFRS (Windows 2012R2 DC can be skipped) - Add Windows 2022DC directly - Move FSMO, remove Windows 2008 R2 DC, raise functional level to Windows 2022. The above skips the Windows 2012 R2 DC step, which is possible because migrating from Windows 2000 to 2008 R2 allows you to jump directly to 2022 after migrating from FRS to DFRS.

    Here are the general steps, but please note that this is only an overview. Before you make the migration, be sure to back up your Active Directory data and test it out of production.

    To upgrade to an intermediate version:

    First, upgrade your Windows Server 2000 to an intermediate version that supports lift-and-shift, such as Windows Server 2008 or Windows Server 2012. This is a necessary step because there is no migration path from Windows Server 2000 to 2022 that is directly supported.

    Migrating to a new domain controller:

    Install Windows Server 2022 and add it as a new domain controller. Make sure it becomes a member of the domain and copy all the necessary directory information.

    To migrate the FSMO role:

    Migrate the Flexible Single Master Operations (FSMO) role from the old domain controller to the new domain controller. This includes Schema Master, Domain Naming Master, Relative Identity Master, Domain Controller Naming Master, and Schema Master.

    To migrate users and groups:

    Migrate users, groups, and computer objects. You can use the Active Directory Migration Tool (ADMT) or other tools to do this. Ensure that all SIDs and permissions are properly mapped.

    DNS Migration:

    If your DNS is integrated with Active Directory, ensure that your DNS settings are properly migrated to the new domain controllers. Ensure that all clients and servers correctly resolve the names of the new domain controllers.

    Validation & Testing:

    Verify that all users and groups were successfully migrated to ensure that all domain controllers are working properly. Conduct appropriate testing to ensure that applications and services work with the new environment.

    To remove the old domain controller:

    Securely remove old Windows Server 2000 domain controllers from the domain. Ensure that all data has been successfully migrated and there are no services that depend on the legacy domain controller before performing this step.

    I hope the information above is helpful.

    If you have any questions or concerns, please feel free to let us know.

    Best Regards,

    Yanhong Liu

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments
  2. Marcin Policht 87,895 Reputation points MVP Volunteer Moderator
    2024-03-07T04:35:31.4533333+00:00

    This seems like a valid plan - details would depend on the number of domain controllers, but the high-level approach looks fine.

    You could potentially use in-place upgrade in some of these steps, but deploying another domain controller in the same domain increases the resiliency and facilitates failback.

    hth

    Marcin

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.