Chuyển Domain Controller sang Server mới

Thời gian này cũng khá bận do migrate hệ thống , sẵn tiện viết luôn series migrate .

Phần đầu là migrate Server 2008 sang Server 2012 nhé!

Thực ra tính chụp lại màn hình nhưng hướng dẫn của Dell quá chi tiết rồi nên có lẽ sẽ copy luôn và mình chỉ take note 1 vài điểm nhỏ và 1 lỗi khi triển khai gặp phải 😀

Các bước chuẩn bị cần thiết :

• Đĩa DVD Server 2012 (hoặc ISO) nhét vào máy Server 2008
• Tài khoản domain quản trị nằm trong các group Enterprise Admins / Schema Admins / Domain Admins
• Kiểm tra trong mạng LAN CHẮC CHẮN  KHÔNG còn AD nào đang active ngoài AD 2008 cần migrate  – Đây là 1 chú ý quan trọng vì hồi làm mình đã mất một vài giờ để fix lỗi ” The wizard cannot access the list of domains in the forest.The error is:The RPC server is too busy to complete this operation” . Sau khi check log thì Server 2012 KHÔNG chọn server 2008 migrate mà chọn 1 server ảo đã được supplier dựng lên trước đây để test và không tắt đi , server đó bị lỗi dịch vụ dẫn tới việc 2012 truy xuất quá số lần timeout và báo lỗi ‘The RPC server is too busy to complete this operation’.

Đầu tiên vào Windows Server 2008 cập nhật Active Directory , forest với các lệnh Adprep

. Prepare the existing AD environment for the migration to the new server by upgrading the schema using adprep.exe. Log on to W08R2-DC as domain Administrator, open elevated command prompt and perform the following steps.

Note: This section isn’t necessary with Windows Server 2012 or Windows Server 2012 R2. The AD schema is updated during the promotion of the new server to a domain controller. It is here for informational purposes only.

a. Press the Windows Logo+R, type runas /user:administrator@domain.local where domain.local is replaced by the name of the Active Directory domain and press Enter.

b. Enter the Administrator account password when prompted and press Enter.

c. Type d:\support\adprep\adprep.exe /forestprep and press Enter.

Note: The drive letter d: in the above command is the DVD drive on the Dell PowerEdge 1950 and contains the Windows Server 2012 R2 DVD.

d. Type C to confirm the to upgrade the schema to version 69, Windows Server 2012 R2, and press Enter.

2. Install ADDS on W12R2-DC.

a. Open Server Manager by pressing Windows Logo+R, type servermanager.exe and press Enter. The same task can be accomplished by pressing Windows Logo and selecting Server Manager on the left side of the screen.

b. Click Add roles and features in the Dashboard under Configure this local server.

c. Click Next on Before You Begin.

d. Select Role-based or feature-based installation for Installation Type and click Next.

e. Select W12R2-DC on the Server Selection page and click Next.

f. Click Active Directory Domain Services to install it, click Add Features when prompted and click Next.

g. Click Next on Features.

h. Click Next on ADDS.

i. Click Install on Confirmation.

3. Promote W12R2-DC to a domain controller in the domain.local forest.

a. Click the refresh icon in the top center of the Dashboard in Server Manager and a Post-deployment Configuration notification will appear.

b. Click Promote this server to a domain controller to begin the Active Directory Domain Services Configuration Wizard.

c. Ensure Add a domain controller to an existing domain is checked and type the domain name in Domain:.

d. Click Change… next to Supply the credentials to perform this operation and type Administrator@domain.localwhere domain.local is the fully qualified domain name (FQDN) of the actual domain. Enter the Administrator password.

e. Type the Directory Restore Mode (DSRM) password, confirm it and click Next on Domain Controller Options.

f. Click Next on DNS Options.

g. Click Next on Additional Options.

h. Click Next on Paths.

i. Click Next on Preparation Options.

j. Click Next on Review Options.

k. Click Install on Installation to complete the wizard. The server will reboot upon completion.

4. Transfer the Domain naming operations master Flexible Single Master Operations (FSMO) role from W08R2-DC to W12R2-DC.

a. Open Server Manager by pressing Windows Logo+R, type servermanager.exe and press Enter. The same task can be accomplished by pressing Windows Logo and selecting Server Manager on the left side of the screen.

b. Click the Tools menu in the upper right of Dashboard in Server Manager and select Active Directory Domains and Trusts.

c. Right-click on Active Directory Domains and Trusts and choose Change Active Directory Domain Controllers. Click on W12R2-DC and click OK.

d. Right-click on Active Directory Domains and Trusts and choose Operations Master…. Click Change, acknowledge Yes to change the Domain naming operations master FSMO to W12R2-DC and click OK to complete the task.

5. Transfer the RID, PDC and Infrastructure FSMO roles to W12R2-DC.

a. Open Server Manager by pressing Windows Logo+R, type servermanager.exe and press Enter. The same task can be accomplished by pressing Windows Logo and selecting Server Manager on the left side of the screen.

b. Click the Tools menu in the upper right of Dashboard in Server Manager and select Active Directory Users and Computers.

c. Right-click on the domain name in Active Directory Users and Computers and choose Change Active Directory Domain Controllers. Click on W12R2-DC and click OK.

d. Right-click on the domain name Active Directory Users and Computers and choose Operations Master…. Click Change on the RID tab, acknowledge Yes to change the RID FSMO role to W12R2-DC and click OK to complete the task. Perform the same task on the PDC and Infrastructure FSMO roles.

6. Transfer the Schema master FSMO role from W08R2-DC to W12R2-DC.

a. Press Windows Logo+R, type regsvr32 schmmgmt.dll and press Enter. Acknowledge the successful registration of the .dll by clicking OK.

b. Windows Logo+R, type mmc and press Enter to open the Microsoft Management Console (MMC).

c. Click File, select Active Directory Schema under Available snap-ins:, click Add and click OK to add the snap-in to the MMC.

d. Right-click on the domain name in the MMC and choose Change Active Directory Domain Controllers. Click on W12R2-DC and click OK. Acknowledge the message.

e. Right-click on the domain name the MMC and choose Operations Master…. Click Change, acknowledge Yes to change the Schema master FSMO role to W12R2-DC and OK to complete the task.

7. Install the DHCP Server role on W12R2-DC. Complete steps a through I in section 2 above and install DHCP Server.

8. Migrate the DNS role from W08R2-DC to W12R2-DC.

a. On W12R2-DC open the Network Connections Control Panel tool by pressing the Windows Logo+R, type ncpa.cpland press Enter.

b. Right-click on the Network Interface Card (NIC) and click Properties.

c. Select Internet Protocol Version 4 (TCP/IPv4) and click Properties.

d. Change the Preferred DNS server: to 192.168.0.2 and click OK to complete the change.

e. On W08R2-DC press Windows Logo+R, type dhcpmgmt.msc and press Enter.

f. In DHCP under IPv4 select Server Options and double-click on 006 DNS Server under Option Name.

g. Click Remove under IP Address, change the IP address to 192.168.0.2 and click Add to complete the process. Acknowledge any messages that appear.

h. Perform steps a through d in this section on W08R2-DC.

9. Migrate the DHCP role from W08R2-DC to W12R2-DC. Perform the following steps on W12R2-DC.

a. Press Windows Logo, type Windows PowerShell, right-click on Windows PowerShell and click Run as administratorto open Windows PowerShell.

b. Type md c:\export and press Enterto create a new folder named export on c:

c: Type md c:\export\backup and press Enter to create a new folder named backup on c:\export.

d. Type Export-DhcpServer -ComputerName W08R2-DC.domain.local -Leases -File c:\export\leases.xml -verbose and press Enter to export the leases.

e. Type Import-DhcpServer -ComputerName W12R2-DC.domain.local -Leases -File c:\export\leases.xml -verbose and press Enter to import the leases.

f. Open Server Manager by pressing Windows Logo+R, type servermanager.exe and press Enter. The same task can be accomplished by pressing Windows Logo and selecting Server Manager on the left side of the screen.

g. Click the Tools menu in the upper right of Dashboard in Server Manager and select DHCP.

h. Right-click on DHCP, choose Add Server, click This authorized DHCP server and click OK to add the server.

i. Right-click on W08R2-DC.domain.local, click Unauthorize and acknowledge Yes.

j. Right-click on W12R2-DC.domain.local, click Authorize and acknowledge Yes.

k. Click on W12R2-DC.domain.local, click Action, click All Tasks and click Restart to restart the DHCP service.

Note: The IPv4 scope under W12R2-DC.domain.local should have a green check next to it after completing steps e through f.

10. Run the Active Directory Domain Services Configuration Wizard on W08R2-DC and demote it.

a. Press Windows Logo+R, type dcpromo and press Enter. Acknowledge the global catalog message.

b. Click Next on Delete the Domain.

Note: Do not proceed if a message appears about the inability to contact another domain controller after clicking Next in step b. The AD environment isn’t healthy as W08R2-DC should be able to contact W12R2-DC.

c. Type the Administrator Password, confirm it and click Next.

d. Click Next on Summary.

e. Click Reboot on completion

11. Remove W08R2-DC from the domain.

Note: The steps in this section may not be necessary as Windows Server 2012 R2 should automatically remove the computer object. They are provided in the event this doesn’t occur.

a. Log on to the server using the local Administrator account. Press the Windows Logo+R, type sysdm.cpl and press Enter to open System Properties.

b. Click Change….

c. Click Workgroup:, enter a WORKGROUP name and click OK.

d. Click OK to accept the Computer Name/Domain Changes dialog box.

e. Click OK to accept the Computer Name/Domain Changes dialog box.

f. Click Close.

g. Click Restart Now to restart the server.

Additional Information:

Information about migrating from Windows Server 2003 to Windows Server 2012 R2 can be found here.