Scribd
Upload
41 views5 pages

Server Migration in AD

Server migration in Active Directory involves transferring AD roles and services from an old server to a new one without data loss. The process includes preparing the new server, installing AD Domain Services, verifying replication, transferring FSMO roles, and updating DNS. Post-migration checks ensure the new setup is functioning correctly and that users can log in without issues.

Uploaded by

Prabhav Gupta
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
41 views5 pages

Server Migration in AD

Server migration in Active Directory involves transferring AD roles and services from an old server to a new one without data loss. The process includes preparing the new server, installing AD Domain Services, verifying replication, transferring FSMO roles, and updating DNS. Post-migration checks ensure the new setup is functioning correctly and that users can log in without issues.

Uploaded by

Prabhav Gupta
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd

 Server migration in Active Directory means moving your Active Directory roles and

services from an old server (like Windows Server 2012) to a new server (like Windows
Server 2019 or 2022) without losing any AD data or settings.

Its includes like


 Hardware upgrade
 Operating system upgrade
 Security or performance improvements
 AD restructuring

You're not just copying files — you're moving the core of AD (users, groups, DNS, replication,
roles, etc.) from one server to another.

🏗️Example Scenario

You have an old Domain Controller DC1 running Windows Server 2012. You want to migrate
everything to a new server DC2 running Windows Server 2022.

Cclprddcc01 – Carnival DC

🧭 Step-by-Step Guide for Server Migration in AD

🔹 Step 1: Prepare the New Server

 Install the new Windows Server OS (example: 2019 or 2022).


 Set a static IP address.
 Join it to the existing domain as a member server.
 Make sure the old DC and new server can communicate over the network.

🔹 Step 2: Install Active Directory Domain Services (AD DS)


 On the new server (DC2), open Server Manager → Add Roles → Select Active
Directory Domain Services.
 After install, click Promote this server to a domain controller.
 Choose: Add a domain controller to an existing domain.
 Enter domain admin credentials.
 Select options like DNS server, Global Catalog.
 Click Next → Install.

🔁 Result: New server becomes a Domain Controller and starts replicating AD data from the
old one.

🔹 Step 3: Verify Replication

OR use Active Directory Sites and Services to check replication status.


Go to active directory sites and services
Then go to servers server 2022->ntds settings ->replicate configuration from selected DC
click okay
Then next option replicate configuration to selected DC

repadmin /replsummary

and uncheck global catalog

Step 4: Transfer FSMO Roles (Imptant!)

FSMO roles are 5 special AD functions. Transfer them to the new server:

Cmd : ntdsutil

Connected to the computer name windows server 2022

And you need to enter tyeh cmds names as 5 roles

Transfer infrastructure master

Transfer naming master

Transfer PDC master


Transfer RID master

Transfer schema master

For the confirmation if want to type cmd : netdom query fsmo

Step 5: Check and Update DNS

[Link]

 Make sure DNS is installed and working on the new server.


 And there will two zones should be working file
 Add the new DC IP as preferred DNS in client systems and DHCP scopes.
 Verify with: nslookup

Step 6: Demote the Old Domain Controller (Optional)

We will raise decommission REQ for old DC demote

Once everything is verified on the new DC:

 On the old server (DC1), go to Server Manager > Remove Roles.


 Remove AD DS → It will prompt to demote the server.
 Provide domain admin credentials.
 It will remove it as a DC and reboot.

Step 7: Clean Up Old Server in AD

 Delete the old DC from:


o Active Directory Sites and Services
o DNS records
o AD Computers container

🔍 Important Post-Migration Checks

 netdom query fsmo – FSMO roles on new DC?


 dcdiag – Check DC health
 repadmin /replsummary – No replication issues?
 Are users able to log in?
 Are Group Policies applying?
 Check Time Sync and DNS

1. What is server migration in Active Directory?


➤ It's the process of moving AD services like Domain Controller roles, DNS, and DHCP
from one server to another (usually to a newer OS or better hardware).
2. Why do we perform AD server migration?
➤ To upgrade server OS, improve performance, enhance security, or replace failing
hardware.
3. What are the FSMO roles in AD, and why are they important during migration?
➤ FSMO roles are special AD roles (5 in total). They need to be transferred to the new
server to ensure AD works properly.
4. What is the first step in migrating a domain controller?
➤ Add a new server to the domain and promote it as an Additional Domain Controller
(ADC).

🔹 Intermediate-Level Questions

5. How do you transfer FSMO roles?


➤ Using GUI, PowerShell (Move-ADDirectoryServerOperationMasterRole), or
ntdsutil.
6. What tools do you use to check AD replication during migration?
➤ repadmin /replsummary, dcdiag, and Event Viewer.
7. How do you make the new domain controller a Global Catalog?
➤ Use Active Directory Sites and Services, go to the NTDS Settings of the server, and
check “Global Catalog”.
8. What steps do you take before demoting the old domain controller?
➤ Ensure AD replication is successful, FSMO roles are moved, DNS and DHCP are
migrated, and clients are using the new DC.
9. What is dcpromo and when do you use it?
➤ It's a tool (older versions) to promote/demote DCs. Now mostly done via Server
Manager.

🔹 Advanced-Level Questions

10. What if replication fails during migration?


➤ Use tools like repadmin and dcdiag to troubleshoot. Check DNS, network, firewall,
time sync, and services.
11. Can you migrate a domain controller to a different site or subnet?
➤ Yes, but you must update Active Directory Sites and Services and ensure proper
replication links.
12. What is the role of DNS in server migration in AD?
➤ AD relies on DNS. Ensure the new DC is also a DNS server and is listed in the DNS
zone.
13. Have you performed an in-place upgrade or clean migration? Which is better?
➤ Clean migration is better for stability and performance. In-place upgrades can carry
over old issues.
14. How do you verify a successful AD migration?
➤ Check:

 AD replication (repadmin /replsummary)


 FSMO role holders (netdom query fsmo)
 Clients are authenticating via new DC
 No errors in Event Viewer

You might also like