Active Directory Replication Difference between SYSVOL and AD changes for example password changes

Stuart P 20 Reputation points
2023-02-07T17:27:56.04+00:00

Hi,

WE are in the process of adding the first Windows 2019 domain controllers to a domain currently consisting of only 2008R2 DC's with a 2008R2 Domain and Forest functional level. There are two domains, a parent and child and the new 2019 DC's will only be added to the Child domain. We will be migrating from FRS to DFSR in the child domain as the first step in this process but my question is do I need to migrate from FRS to DFSR in the parent domain, which wont contain 2019 DC's, as my assumption was that I didn't as FRS or DFSR are only used for the SYSVOL and AD objects are replicated via RPC to other DC's. Can anyone confirm if my assumption is correct please.

Thanks in advance.

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,873 questions
0 comments No comments
{count} votes

Accepted answer
  1. Thameur-BOURBITA 35,436 Reputation points
    2023-02-07T22:57:43.5833333+00:00

    Hi @Stuart P

    Yes your assumption seems correct because SYSVOL replication , is managed in domain level not forest level and sysvol settings are saved in domain partition.

    For you case , migrating FRS to DFSR for sysvol replication in child domain, let you promote the first domain controller under Windows 2019 in child domain if the domain and domain functionel level is Windows 2008 R2 or higher.

    In other hand , I recommend you to migrate the sysvol replication for root domain to DFSR asap because FRS is no longuer supported by microsoft.

    Please don't forget to mark helpful answer as accepted

    1 person found this answer helpful.
    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. Anonymous
    2023-02-07T23:11:57.8633333+00:00

    Yes, your steps sound good. Each domain FRS->DFSR migration can proceed separately.

    The two prerequisites to introducing the first 2019 or 2022 domain controller are that domain functional level needs to be 2008 or higher and older sysvol FRS replication needs to have been migrated to DFSR

    I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new 2019 or 2022, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    2 people found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.