Share via

Server 2008 R2 to Server 2019 Active Directory Migration

Eric Savage 1 Reputation point
2021-07-18T18:21:16.727+00:00

I am working on migrating my old Server 2008 R2 AD to a 2019 Server. I found out that I could run PowerShell on the 2019 to get the forest to the same version as the 2008 R2. I found a video on YouTube (https://www.youtube.com/watch?v=vuzrihbet1E&t=1515s&ab_channel=MSFTWebCast)
He has a several step process. I downloaded the Server 2019 ISO and then used the files from it to run the PowerShell commands for the forest. If you look at his steps, his step 4 references to make sure that replication is happening. I checked and it is. The downside is that now no one can log into the network without typing their username along with their domain name. They can no longer use their username (example - doejohn). They now have to login with the domain name attached to it (example - doejohn@ssss .local). Both ADs are still active at this time (Server 2008 R2 and Server 2019). Keep in mind that the Forest Level of the 2019 is 2008 R2. If someone tries to login such as doejohn, it says that the account has been disabled and to contact System Admin. My main Administrator account that I was using prior to the migration no longer works as an admin. I can log in, but it has no admin rights. When I log into the Active Directory Users and Groups, the Account information is changed. The User logon name is still set at doejohn and out to the right it has our @ssss .local domain. In User login name (pre-Windows 2000) it has our "domainname\" there and then to the right of it, it has the user with alot of characters after it such as doejohnddiwoe34ougnd When I try to change that to just doejohn, it states "The specified account already exists." I don't know if this will help out, but I did try to use the Storage Migration Service through the Windows Admin Center. Thing is, I started the transfer and it moved 1 file over and nothing since. In the General tab of the account in Active Directory it states Description "Storage Migration Service renamed doejohn to doejohn2t2vzivnbc. Storage Migration Service renamed doejohn2t2vzivnbc to doejohn2t2en0rpujnty renamed doejohn to doejohn2t2vzivnbc. Storage Migration Service renamed doejohn2t2vzivnbc to doejohn2t2en0rpujnty". Needless to say, I'm at a loss now. Any help in figuring this out would greatly be appreciated. Thanks in advance.

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,519 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,012 questions
Windows Server Migration
Windows Server Migration
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Migration: The process of making existing applications and data work on a different computer or operating system.
411 questions

6 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Dave Patrick 426.3K Reputation points MVP
    2021-07-18T19:25:48.867+00:00

    You may need to restore from a recent backup and try again. The steps I would have followed are below.

    The two prerequisites to introducing the first 2019 domain controller are that domain functional level needs to be 2008 or higher and older sysvol FRS replication needs to have been migrated to DFSR
    https://techcommunity.microsoft.com/t5/Storage-at-Microsoft/Streamlined-Migration-of-FRS-to-DFSR-SYSVOL/ba-p/425405

    I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new 2019, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.

    The other option may be to start a case here with product support.
    https://support.serviceshub.microsoft.com/supportforbusiness

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    1 person found this answer helpful.
    0 comments
  2. Dave Patrick 426.3K Reputation points MVP
    2021-07-18T18:37:40.703+00:00

    Hard to tell here but it sounds like a new domain might have been created? From PowerShell

    Get-ADForest

  3. Dave Patrick 426.3K Reputation points MVP
    2021-07-18T18:42:40.95+00:00

    From PowerShell

    Get-ADForest

  4. Fan Fan 15,306 Reputation points Microsoft Vendor
    2021-07-19T00:35:50.307+00:00

    Hi,

    Based on my understanding, now you had added the 2019 server ad a domain controller, and transfer the FSMO roles, and the old one still act as a DC, right?
    Before adding the new one, we should at least meet the following requirements:
    The old DC is working well
    The forest level is 2008R2 or higher, and the DFS-R is used for the sysvol replication.

    For now, do you have a domain account which can log on and runs normally?
    What's the result if shut down the new server, if the old one still works?

    Best Regards,

  5. Fan Fan 15,306 Reputation points Microsoft Vendor
    2021-07-26T06:33:46.337+00:00

    Hi,

    It is suggested to check the following points:
    1, If the logon name is the same as the UPN .
    117795-image.png
    2, If there are any machines have the same name with the domain.
    3, We may try to capture a network package to get more details.

    Best Regards,