Demoting DC/DHCP

Question

Hi,

WE have 5 virtualized server 2012 DC's in 4 different subnets and a single physical server 2016 DC.
In site A we have 2 VM 2012 DCs and singel 2016 physical DC. One of the VM 2012 DC has all of the FSMO roles plus DHCP.
The Physical DC also has DHCP role and we use these 2 DHCP as failover.

Now we want in the site A remove the DCs that are 2012 and replace them with the server 2016 or 2019.

What is best way to do this? Should we just move the FSMO roles from the VM 2012 DC to the physical 2016 DC, then demote the VM 2012 DC? What would heppens to the DHCP on this VM 2012 after demoting the DC?

Or should we move the FSMO roles to a newly installed and promoted VM 2016 DC and also move the DHCP from 2012 DC/DHCP to the new VM 2016 DC/DHCP and then demote the 2012 VM DC?

Any suggestion?

Answer 1

Or should we move the FSMO roles to a newly installed and promoted VM 2016 DC and also move the DHCP from 2012 DC/DHCP to > the new VM 2016 DC/DHCP and then demote the 2012 VM DC?

I'd favor this option but since they're virtual machines why not stand up a separate member server to host the DHCP service?

Some general info;

The prerequisite before introducing the first 2016 domain controller domain functional level needs to be 2003 or higher.

I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new 2016, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.

--please don't forget to Accept as answer if the reply is helpful--

Answer 2

Hi,
What would heppens to the DHCP on this VM 2012 after demoting the DC

If you have already install another DHCP as failover , you can uninstall the DHCP service on VM2012 before launching the domain controller demotion .
The second DHCP server will ensure the availability of DHCP service during the server migration.

* Should we just move the FSMO roles from the VM 2012 DC to the physical 2016 DC, then demote the VM 2012 DC? *

Yes, if you replace the old DC on Windows to new server Windows 2016 or Windows 2019 , you should perform the following steps:

• Move the FSMO to another DC then demote the VM 2012 install new machine
• Demote old DC 2012
• install new machine on Windows 2016 or 2019
• Promote a domain controller on new machine
• Move back FSMO to new machine Please don't forget to mark this reply as answer if it help you to fix your issue

Answer 3

Hi
Thank you for posting in our forum.
I agree with the views of two community experts, their opinions are very professional.
Hope this information can help you
Best wishes
Vicky

Answer 4

Thank you you all for your replay,

My only concern is the dhcp server. Our multiple sites are heavily dependent on dhcp for voip and also IP assignment.
We also have dhcp servers in our reomte sites, but right now we are thinkinig to replace the DCs in home office.

I think We would go ahed with second option because it is the safer one.

Answer 5

Hi,
I am glad to hear that your issue was successfully resolved.
If there is anything else we can do for you, please feel free to post in the forum.
Have a nice day!