Migrate AD from 2012 to 2022

Denis OLN 40 Reputation points
2023-10-25T09:06:31.8833333+00:00

Hi everyone

So i have customer with 2 DC on located on different site comunicated with vpn site-to-site.

SRVBO (Primary Domain)

SRVRN (Seconday Domain)

Both dc as running on VM on Proxmox Server just for info.

Now customer want migrate this DC to Windows Server 2022.

So i create 2 new VM with Windows Server 2022 and this is the step i perform:

  1. Join Domain
  2. Install Domain Service Role and Promote ad DC
  3. Transfer FSMO Roles from SRVBO to DC01
  4. Demote SRVRN and remove the roles AD.

Now i have three DC:

SRVBO(old PDC)

DC01 (new windows2022 PDC in the same network of SRVBO)

DC02 (new windows2022 secondary domain)

The problem is if i poweroff SRVBO for testing, and reboot both DC01 and DC02 is still on this blue screen "Applying computer settings" for 5-10 minutes and once arrive to the desktop if i open "User and Computers Active Directory" i get this error: Unable to locate naming information: The specified domain does not exist or cannot be contacted.

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,595 questions
0 comments No comments
{count} votes

Accepted answer
  1. Anonymous
    2023-11-08T14:22:30.98+00:00

    To be honest this thread has been running so long and so slowly I don't even remember the current status. With the problems you're having there's a good chance that domain health was in a broken state before this upgrade process was started which just adds to complication and confusion. I'd suggest moving roles off and demoting new ones, clear out the system and dfs replication event logs on original and then after reboot capture a new set of files to look at.

    1 person found this answer helpful.

16 additional answers

Sort by: Most helpful
  1. Denis OLN 40 Reputation points
    2023-11-03T13:08:35.5533333+00:00

    Hi Dave

    So i perform what you did:

    1 Move all FSMO Roles from DC01 back to SRVBO

    2 Demote Both DC01 and DC02

    3 Clean Metadata for the DC01 and DC02 from "Active Directory Site and Services" and click delete on DC01 and DC02, i also delete old record from dns server that point at DC01 or DC02.

    4 Clear Log for System and DFSR and then reboot SRVBO

    This is the new DCDIag:

    https://1drv.ms/f/s!AtoewrWi2bwigUr3YC_HHleo_jmQ?e=egiv98

    Event Viewer:

    System:

    Source: DistributedCOM ID: 10028

    DFS Replication: I don't have any errors.

    0 comments No comments

  2. Anonymous
    2023-11-03T13:18:59.29+00:00

    Mostly appears Ok, but this one is present and should be cleared up.

    https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/replication-error-8589

    --please don't forget to close up the thread here by marking answer if the reply is helpful--


  3. Anonymous
    2023-11-03T13:56:38.7+00:00

    Sounds good, the next step is to confirm the ports are freely flowing between networks.

    https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/config-firewall-for-ad-domains-and-trusts#windows-server-2008-and-later-versions

    https://www.microsoft.com/en-us/download/details.aspx?id=24009

    --please don't forget to close up the thread here by marking answer if the reply is helpful--


  4. Denis OLN 40 Reputation points
    2023-11-06T10:35:59.6366667+00:00

    Hi dave

    This is the link with the result of portqry:

    https://1drv.ms/f/s!AtoewrWi2bwigU4mD-JmNfclwGxI?e=B0N6jd

    I test this port range "49152-65535" but not save the output in a file because it takes a lot of time but some port are listening and some not.

    Wait your instructions for next step.

    Thanks

    0 comments No comments