Export/import 2019 Domain Controller onto new host?

GlenTech 486 Reputation points
2023-02-04T14:57:40.25+00:00

I have a virtualized Server 2019 DC that I’d like to move to a new HV host as the old host is aging at this point and has a really high uptime. The 2019 VM is running fine and DCDIAG comes back clean so instead of spinning up a new VM and migrating the roles over, it would be much faster to power it down, export it over to the new host, and import it. Live migration isn’t an option as the new host is not joined to the domain. I’ve done this before with other VM’s but none were DC’s.

If it powers up successfully after the import, it will live there and the old copy of it won’t be turned back on. The only thing I’m concerned with is the do not export a DC but I’ve read a bunch of posts where people say it’s worked fine, just don’t run the old copy after which is obvious.

Virtualizing Domain Controllers using Hyper-V | Microsoft Learn

·        Do not use the Hyper-V Export feature to export a virtual machine that is running a domain controller.

·        With Windows Server 2012 and newer, an export and import of a Domain Controller virtual guest is handled like a non-authoritative restore as it detects a change of the Generation ID and it is not configured for cloning.

·        Ensure you are not using the guest that you exported anymore.

·        You may use Hyper-V Replication to keep a second inactive copy of a Domain Controller. If you start the replicated image, you also need to perform proper cleanup, for the same reason as not using the source after exporting a DC guest image.

The only downtime would be the time it takes to copy off to the new host. Am I ok proceeding here? There is another 2012 R2 DC running FYI.

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,851 questions
Hyper-V
Hyper-V
A Windows technology providing a hypervisor-based virtualization solution enabling customers to consolidate workloads onto a single server.
2,538 questions
0 comments
Accepted answer
  1. Dave Patrick 426.1K Reputation points MVP
    2023-02-04T15:01:19.5633333+00:00

    Should be Ok, but seems a little risky in a single DC environment. Standing up a new one on new host would be the much safer method and doesn't take that long to do.

    I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new 2019 patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest