Migrate AD from 2012 to 2022

Denis OLN 40 Reputation points
2023-10-25T09:06:31.8833333+00:00

Hi everyone

So i have customer with 2 DC on located on different site comunicated with vpn site-to-site.

SRVBO (Primary Domain)

SRVRN (Seconday Domain)

Both dc as running on VM on Proxmox Server just for info.

Now customer want migrate this DC to Windows Server 2022.

So i create 2 new VM with Windows Server 2022 and this is the step i perform:

  1. Join Domain
  2. Install Domain Service Role and Promote ad DC
  3. Transfer FSMO Roles from SRVBO to DC01
  4. Demote SRVRN and remove the roles AD.

Now i have three DC:

SRVBO(old PDC)

DC01 (new windows2022 PDC in the same network of SRVBO)

DC02 (new windows2022 secondary domain)

The problem is if i poweroff SRVBO for testing, and reboot both DC01 and DC02 is still on this blue screen "Applying computer settings" for 5-10 minutes and once arrive to the desktop if i open "User and Computers Active Directory" i get this error: Unable to locate naming information: The specified domain does not exist or cannot be contacted.

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,582 questions
0 comments No comments
{count} votes

Accepted answer
  1. Anonymous
    2023-11-08T14:22:30.98+00:00

    To be honest this thread has been running so long and so slowly I don't even remember the current status. With the problems you're having there's a good chance that domain health was in a broken state before this upgrade process was started which just adds to complication and confusion. I'd suggest moving roles off and demoting new ones, clear out the system and dfs replication event logs on original and then after reboot capture a new set of files to look at.

    1 person found this answer helpful.

16 additional answers

Sort by: Most helpful
  1. Anonymous
    2023-11-06T13:30:11.26+00:00

    some port are listening and some not

    You'll need to reach out to the VPN / firewall provider about this problem.

    --please don't forget to close up the thread here by marking answer if the reply is helpful--


  2. Denis OLN 40 Reputation points
    2023-11-09T10:10:25.9666667+00:00

    Hi dave i have good news finally :)

    So i have promote DC01 as DC, then in event viewer on SRVBO is still get errors DSFR ID 5002, i found a tutorial to fix SYSVOL and NETLOGON not show up, basically i open Regedit on DC where sysvol and netlogon folder not show and navigate to:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

    And Set SysVolReady from 0 to 1

    After that SYSVOL Folder showing up on DC01, but Netlogon folder not, for fix this just create a folder name "scripts" under "C:\Windows\SYSVOL\domain" and restart Netlogon service and then is showing up.

    But the folder "policies" on SRVBO(PDC) not synchronize on DC01, so i perform "An authoritative synchronization of DFSR-replicated sysvol replication" and now both DC SYSVOL Folder has bidirectional synchronization.

    So i think now can i move FSMO Roles From SRVBO to DC01 and then demote SRVBO?

    Thanks


  3. Denis OLN 40 Reputation points
    2023-11-23T07:56:20.28+00:00

    Hi you can close this thread


  4. Denis OLN 40 Reputation points
    2023-11-23T13:23:29.8566667+00:00

    Hi Dave

    That's was the solution for me how can i mark?

    Hi dave i have good news finally :)

    So i have promote DC01 as DC, then in event viewer on SRVBO is still get errors DSFR ID 5002, i found a tutorial to fix SYSVOL and NETLOGON not show up, basically i open Regedit on DC where sysvol and netlogon folder not show and navigate to:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

    And Set SysVolReady from 0 to 1

    After that SYSVOL Folder showing up on DC01, but Netlogon folder not, for fix this just create a folder name "scripts" under "C:\Windows\SYSVOL\domain" and restart Netlogon service and then is showing up.

    But the folder "policies" on SRVBO(PDC) not synchronize on DC01, so i perform "An authoritative synchronization of DFSR-replicated sysvol replication" and now both DC SYSVOL Folder has bidirectional synchronization.

    So i think now can i move FSMO Roles From SRVBO to DC01 and then demote SRVBO?

    Thanks