The recommended way to upgrade a domain is to promote domain controllers that run newer versions of Windows Server and demote the older domain controllers as needed. That method is preferable to upgrading the operating system of an existing domain controller.
General steps to follow before you promote a domain controller that runs a newer version of Windows Server:
- Verify the target server meets system requirements.
- Verify Application compatibility.
- Review Recommendations for moving to Windows Server 2016
- Verify security settings. For more information, see Deprecated features and behavior changes related to AD DS in Windows Server 2016.
- Check connectivity to the target server from the computer where you plan to run the installation.
- Check for availability of necessary operation master roles:
To install the first DC that runs Windows Server 2016 in an existing domain and forest, the machine where you run the installation needs connectivity to the schema master in order to run adprep /forestprep and the infrastructure master in order to run adprep /domainprep.
To install the first DC in a domain where the forest schema is already extended, you only need connectivity to the infrastructure master.
To install or remove a domain in an existing forest, you need connectivity to the domain naming master.
Any domain controller installation also requires connectivity to the RID master.
If you are installing the first read-only domain controller in an existing forest, you need connectivity to the infrastructure master for each application directory partition, also known as a non-domain naming context or NDNC.
Refer to the below URL it is explained
https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/upgrade-domain-controllers
If the Answer is helpful, please click Accept Answer
and up-vote, this can be beneficial to other community members.