2008 R2 Standard upgrade to 2012 R2

Ron Stalnaker 1 Reputation point
2021-04-14T13:05:38.847+00:00

I have 2 Domain Controllers, 1 is a 2008 R2 Standard, I am wanting to upgrade this to a 2012 and then to a 2016 R2. Since this a DC what is the best way to achieve this? I have reviewed the How To doc by Microsoft, but I only see 2012 R2 Eval edition.

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
9,439 questions

8 answers

Sort by: Newest
Most helpful Newest Oldest
  1. Dave Patrick 351.7K Reputation points MVP
    2021-04-21T13:30:27.367+00:00

    Any progress or updates?

    --please don't forget to Accept as answer if the reply is helpful--

    0 comments
  2. Daisy Zhou 13,786 Reputation points Microsoft Vendor
    2021-04-15T06:02:42.117+00:00

    Hello @Ron Stalnaker ,

    Thank you for posting here.

    Hope the information above provided by DSPatrick is helpful.

    Here is my suggestion for your reference.

    For upgrading domain controller from lower operating system to higher operating system, we suggest you promote a new higher operating system of Windows server as DC in the existing domain, then demote the lower operating system of DC to a Windows server after transfer FSMO roles to another DC if needed.

    We never recommend you perform an in-place upgrade of an existing domain controller to higher operating system, because it is very likely that there will be operating system problems during the in-place upgrade.

    Before we do any change in existing AD domain environment, we had better do:
    1.Check if AD environment is healthy. Check all DCs in this domain is working fine by running Dcdiag /v. Check if AD replication works properly by running repadmin /showrepl and repadmin /replsum.
    2.Had better back up all domain controllers.
    3.Check both SYSVOL folder and Netlogon folder are shared by running net share on each DC.
    4.Check we can update gpupdate /force on each DC successfully.

    5.If you want to add 2016 DC to the existing domain, the forest functional level must be at least 2003.

    Check forest /domain functional level via GUI or command as below.
    88046-fu1.png

    After that, we can follow steps below to upgrade Window server 2008 R2 DC to Window server 2016 DC after you confirm the domain functional level and forest functional level is at least 2003.

    1.Check if AD environment is healthy. Check all DCs in this domain is working fine by running Dcdiag /v. Check if AD replication works properly by running repadmin /showrepl and repadmin /replsum.
    2.Add the new Window server 2016 to this existing domain.
    3.Add AD DS and DNS roles and promote this Windows server 2016 as a DC (as a GC).
    4.Check if AD environment is healthy again based on step 1.
    5.If step 1-step 4 is OK without any error. We can transfer FSMO roles to new 2016 DC if needed.
    6.Migrate other roles on this 2008 R2 DC if you have other roles and need to migrate other roles.
    7.Demote Windows server 2008 R2 from DC to member server if needed.

    Before we demote 2008 R2 DC, we should check:

    If the removed DC was a DNS server, update the DNS client configuration on all member workstations, member servers, and other DCs that might have used this DNS server for name resolution. If it is required, modify the DHCP scope to reflect the removal of the DNS server.

    If the removed DC was a DNS server, update the Forwarder settings and the Delegation settings on any other DNS servers that might have pointed to the removed DC for name resolution.

    Forest and Domain Functional Levels
    https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/active-directory-functional-levels

    Hope the information above is helpful.

    Should you have any question or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou

    0 comments
  3. Dave Patrick 351.7K Reputation points MVP
    2021-04-14T15:25:27.167+00:00

    I'd stand up a new windows instance for the file sharing and move that off as first step.

    Then assuming the DFL is 2003 (or higher) use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then move the roles off the 2008 to another healthy one. Then demote 2008, then rebuild it with Server 2016, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can move on to next one.

    --please don't forget to Accept as answer if the reply is helpful--

    0 comments
  4. Dave Patrick 351.7K Reputation points MVP
    2021-04-14T15:07:03.93+00:00

    simply run the setup.exe for the 2012 r2 server on the 2008 R2, install and select keep all settings and files. I wanted to ensure this option would carry over the DC settings and not cause an issue.

    An in-place upgrade is very risky and never recommended, especially for a domain controller.

    It isn't possible to do an in-place upgrade using evaluation media. Licensed media would need to be used plus the 2012 would need to be activated in order to do the second in-place upgrade (which just doubles the risk level)

    --please don't forget to Accept as answer if the reply is helpful--

  5. Dave Patrick 351.7K Reputation points MVP
    2021-04-14T14:58:19.27+00:00

    the 2012 is a Hyper V instance. Would it be best to ensure the 2012 Hyper V is the primary

    Also this was not clear. I hope the domain controller is a guest instance. A hyper-v host should have the hyper-v role as only installed role.

    --please don't forget to Accept as answer if the reply is helpful--