Windows 2012 R2 DC to Windows 2022 DC Migration

A Ska 241 Reputation points
2024-05-09T08:35:17.7333333+00:00

Dears

We're planning Domain Controller migration from 2012 R2 to 2022.

We have 2 DCs 2012 R2 that must be migrated on 2 others DC 2022. We'll keep the same IP of old DCs because of dns dhcp settings on all of our devices

We do not have this patch installed on our 2012R2 DCs:

https://support.microsoft.com/it-it/topic/kb5008380-aggiornamenti-dell-autenticazione-cve-2021-42287-9dafac11-e0d0-4cb8-959a-143bd0201041

Is it mandatory before adding the new DCs to the domain?

There may be problems if not installed?

Thanks

Windows Server 2012
Windows Server 2012
A Microsoft server operating system that supports enterprise-level management, data storage, applications, and communications.
1,606 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,360 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,718 questions
Windows Server Management
Windows Server Management
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Management: The act or process of organizing, handling, directing or controlling something.
441 questions
Windows Server Migration
Windows Server Migration
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Migration: The process of making existing applications and data work on a different computer or operating system.
437 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Daisy Zhou 26,326 Reputation points Microsoft Vendor
    2024-05-09T10:58:17.2433333+00:00

    Hello A Ska,

    Thank you for posting in Q&A forum.

    Is it mandatory before adding the new DCs to the domain?

    A1: I think it is not mandatory.

    There may be problems if not installed?
    A2: You can read:
    User's image

    Furthermore, could this patch get issues about domain authentication?

    A3: I think There is no issue related to domain authentication. But CVE-2021-42287 addresses a security bypass vulnerability that affects the Kerberos Privilege Attribute Certificate (PAC) and allows potential attackers to impersonate domain controllers.

    To be on the safe side, Microsoft strongly recommends installing the necessary updates.

    https://support.microsoft.com/en-us/topic/kb5008380-authentication-updates-cve-2021-42287-9dafac11-e0d0-4cb8-959a-143bd0201041

    I hope the information above is helpful.

    If you have any questions or concerns, please feel free to let us know.

    Best Regards,

    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.