On October 10, 2023, the Windows Server 2012 operating system will no longer get support. Due to this, many businesses wished to switch from these operating systems. Operating systems that are nearing their end of life have an immediate impact on different industry compliances, IT audits, Penetration tests, and more. End-of-life operating systems give little choice but to update, even if there is no business reason to do so.
It’s crucial to realize that Active Directory is not a stand-alone solution if you want to understand why AD migrations are more difficult than other software or hardware updates. Instead, Windows Server’s operating system includes its primary service, AD DS. Therefore, you don’t move AD directly; rather, you migrate Active Directory through upgrading Window Server on your domain controllers.
There are various phases involved in migrating Active Directory from 2016 to 2019. An overview of the process is given below:
- Assess the current environment: Before you start the migration process, it is very important to get a clear understanding of your current Active Directory environment. It includes the number of domain controllers, their roles, and any custom configurations you may have in place. Additionally, important to ensure that all applications and services that rely on Active Directory are compatible with the new version. If there are any compatibility issues, they need to be resolved before proceeding with the migration.
- Firewall ports communication: Firewalls can block communication between domain controllers, which can cause issues during the migration process. It’s important to ensure that all necessary ports are open between the domain controllers.
- Install the new domain controller: Install a new Windows Server 2019 machine and add it to the existing domain as a member server.
- Patch Servers with latest Windows Updates: install the latest windows patches on the newly build server. Please make sure server should be fully patches before starting the promotion process.
- Install AD DS Role: Install the Active Directory Domain services role from server manager.
- Promote the new domain controller: Promote the new server to a domain controller by using the Active Directory Domain Services Installation Wizard. This will create a new Active Directory Forest or domain, depending on the configuration you choose.
- Transfer FSMO roles: Transfer the Flexible Single Master Operations (FSMO) roles from the old domain controller to the new one. These roles include the PDC Emulator, RID Master, Infrastructure Master, Schema Master, and Domain Naming Master.
- Replicate data: Allow time for the new domain controller to replicate all necessary data from the old domain controller. This process can take several hours depending on the size of your environment.
- Decommission the old domain controller: Once the new domain controller is fully operational and you have verified that all data has been replicated, you can decommission the old server by demoting it from the domain controller role.
- Verify the migration: Verify that all Active Directory functionality is working as expected on the new domain controller.
- Raise the Domain and Forest Functional level: Raise the Domain and Forest Functional level so that it will meet with Microsoft standards.
It’s important to keep in mind that this is only an overview of the migration procedure. Before making any changes to your production environment, it is advised that you carefully plan and test the migration. The exact methods may vary based on your specific scenario.
So, that’s all in this blog. I will meet you soon with next stuff. Have a nice day!!!
Guys please don’t forget to like and share the post. Also join our WindowsTechno Community and where you can post your queries/doubts and our experts will address them.
You can also share the feedback on below windows techno email id.
If you have any questions, feel free to contact us on admin@windowstechno.com also follow us on facebook@windowstechno to get updates about new blog posts.