Active Directory Migration from Server 2008 R2 to Server 2019 Step by step

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hi friends welcome to my channel and today in this video I'm going to show you a directory migration from Windows Server 2008 r2 to Windows Server 2019 so Windows Server 2019 is newly introduced by Microsoft and today I'm going to show you how to how you can migrate basically Active Directory infrastructure and DNS from Windows Server 20 2008 r2 to 2019 and also I'm going to show you in this same video how you can decommission your existing like old domain controller which is 2008 r2 and how you can get rid of from Active Directory and DNS from the old server and you can move the all the a trajectory infrastructure and DNS infrastructure and windows over 2019 so let's start so this is my demo environment which I am going to use in this video to give you them damn with how we can migrate that to adapting and dienes so currently you can see here my first server is vin to k8r to DC 0 1 so I am using for virtual machines here so the first one is my at reductio and DNS server you can identify this is running window k 8 r2 and my domain name is victor enforce all dot lan so if i go here you can see this is my domain controller which is window k 8 r 2 DC 0 1 and my domain name is victim for soul dot look dot lan and you can see my IP address configuration 1 9 2 1 6 8 0.15 1 so this is my domain controller IP address here you can see I am running active acting and DNS services on this machine so if I go here from roles you can identify from role summary also if I expand here you can see these are the roles which is running Active Directory domain services and DNS so these two roles are running on this machine so you can see from here so so basically this is my actual rectory server which is running on Windows Server 2008 so if I go here you can see what this is so this is Windows Server 2008 r2 standard but sir-- is back one running so and my domain name so this is my old domain controller and the new machine where I am going to migrate these things is 2019 server and which is going to be in 2k 19 BC 0 1 and I'm going to migrate my attractive DNS role on this machine and I'm going to give the IP address of this machine 1 9 2 1 6 8 0.1 52 and this is going to be a same domain this is basically a productive migration or upgrade you can say from 2008 r2 to 2019 so the domain name is going to be a same so here is my machine so this is a brand new machine I have just installed operating system on this machine and nothing done in on this machine you can see this is a bare-metal machine which I have just installed so it's having 8 gig of memory and you can see this is not joining domain and Noorie name so I'm going to do all the tasks here from start so this is freshly installed machine I have not done any configuration changes or anything on this machine so we'll do it together and we'll do the migration as well so last we have to a client machine which is Windows 10 client machine so you can see the IP addresses are the first machine is wind took a 1000 won and I paid this one nine two one six eight 0.16 one so if I go here you can see these are this is my Windows 10 client machine so you can see this is joining my domain we train for sold-out LAN and if I go here on a command prompt and run set you can see this is joining my login server is going to be my window k8r 2 DC 0 1 so this is logged in for my domain controller authenticated and also you can verify others details here like you can see basically all the information I'm logged in as a user 0 1 here you can see home path user 0 1 and this is basically my Active Directory domain controller user if I type here Who am I you can see this is the time for sold user so this is user I have logged in from the domain account and if I type here like IP config you can verify my IP config and if I type ipconfig all you can see my DNS settings also so currently my DNS is set to 151 so this is my all IP IP configuration and this is joining my domain victim for tseldora so same if I verify on my second machine so IP config oh so you can see my host name is Vint okay Tandi SEL 0 1 which is here this machine and the IP address you can verify 162 which is given here and the same thing you can verify my DNS is currently allocated to 151 which is my domain controller 2008 domain window so this is the existing infrastructure which I am running right now in this video we have tasked to migrate our Active Directory from this 2008 r2 to 2019 and then we are also going to decommission the 2008 r2 server from a domain controller also we'll do it together so before proceeding anything you have to make sure your Active Directory domain controller which you are going to migrate is healthy and you have no more or no errors but like everything is working fine so I'm going to run DC that command oops my car what I'm running DC Dec so here's the command so if I my typos mistake so this is you can see where it's testing so it's our directory service diagnose is running and you can see trying to find the host and you can see everything is looking good all the test is passed so we have a healthy like you can say healthy domain controller and also you need to make sure you don't have any failed warning here so you can verify from this command bc tag also you can go here in administrative tables and you can open your Active Directory users and computers just to make sure everything is good and you have no errors so you can see this is my victim for so dot LAN and if I go to India you can see I have one group here I have few users here and I have to text up here which is been our Windows 10 client machines so this is good and also you can go and verify your group policy so you are able to modify or do any changes in group policy so you have to make sure your group policy is also working also you can verify your DNS is working fine so you have to make sure you have no problem with DNS as well because when you migrate actually actually server it's automatically going to migrate your domain or DNS calls as well so you don't need to do any task to migrate basically DNS from Windows Server 28 to 2008 to 2019 so this is good DNS is also working and also you can go if you have any trust or anything like you can go and verify those things also domain in accra Directory domain trust so this is good and also you can go here on a command prompt and you can run netdom query fsmo to get the fsmo information and make sure all the roles are healthy so you can see all the rules for summer rolls are currently running on window k8 are 2 DC 0 1 which is this ever so my purpose is to show you you have to make sure your active directory is healthy and you have no problem with directory services before migration and if you found find any problem before migration you have to go there and you have to fix those issues first and then you can proceed with the migration format to directory and dns services from 2008 r2 to windows / 2019 so this is good and now we can go ahead and start the installation and ectrodactyly roles and we can promote this server as a Active Directory domain controller so the first thing we need to do we have to configure IP address on this machine so I'm going to configure IP address so I'm going to put a address 192 168 0.15 - and I'm going to give my gateway address and here this machine is going to join my domain so I'm going to put here 151 which is my domain controller currently and this machine is also going to be a I will change our DNS setting later on also so I'm going to just make sure this machine is able to join my domain so I have configured IP address which you can see here and now I am going to change this machine name so I'm going to put here when to k-19 this is 0-1 and now I'm going to join this machine in domain so Victor in 4 so hit enter so basically I have renamed this machine and I have configured IP address and join in my domain so I'm going to put my credential to join this machine in domain so vector2 welcome to victory for soul domain so click OK and now you must need to restart so I'm going to restart this machine so once this machine is rebooted I'm going to login as n builded basically built-in administrator account you can see here this is a built-in administrator account for computer in domain so if I go to here on members this account is a member of domain admins stater admin Enterprise administrator so we need to make sure we have administrative rights to join or to promote domain controller so now I'm going to login with the built-in administrator account domain admin account here so I need to type the domain name first so Victor enforcer and I'm going to type that account name admin is creator I'm going to type password for administrator so now I have joined this machine in domain and I have the correct rights to promote this machine ASIS domain controller so I'm just going to make sure I've logged in with the current account so you can see admitted out victim for soul and if I go and type for MI you can see I am victim for soul administrator account so this account having all the relevant admin rights to promote domain controller so this is good now you can see this machine in joining domain and also you can see here if I go to computers this is a by default computer is going to be come here so this is good so now we are going to promote this server as a domain controller so I'm going to click on manage and add roles and features so click Next and now at a Niva need to install Active Directory so this is role base installation click Next and here is our server so click Next and now I'm going to select a directory domain services so when you click Active Directory domain services they're automatically going to install our DNS as well so click Next and leave them next so I'm going to click on install so you can see what this is going to install basically basically Active Directory domain services group policy management tool and all these tools are basically a management tool so with this this inspiration is going to do so basically it's going to prepare all the binaries file which is required to promote this machine as a domain controller so after this once the installation is finished we are good to promote the server as a domain controller so it will take few seconds few more seconds I guess so almost 70 percent completed so now we got the link to promote this server as a domain controller so I'm going to click on it so now if we have option are so this machine is going to be join as a domain controller injects existing domain so we already have the domain with the one domain controller which is this victim facade or clan so I'm going to join this as existing domain has a domain controller and you have to make sure you have a current I administrative rights which I talked so if you don't have you can change the account name which having the correct rights to promote this machine has a domain controller in your infrastructure so I'm good with this way to enforce all administrator because this is a built-in domain account so it's have correct rights so click Next and now we need to type the password for directory service restore mode so I'm going to type my credential here click Next and specify delegation options so you can click Next so this is not be able to retrieve our domain to external components so let's cancel this and run move one more time so I'm going to cancel this with that and just make sure you have a correct our DNS setting so what I'm going to do here now I'm going to make some changes in DNS so I'm going to put the DNS so so this is going to point this machine itself because this is also going to be domain controller so click OK I'm going to put the DNS for my router as well so 192 168 0.1 and same thing I'm going to do on my whole domain controller as well so and 51 and primary is going to be ADA second one and I'm going to add my Gateway here so everything is good and now let's try one more time so before trying I'm going to just reboot one so make sure it's not going to like if anything goes wrong it's going to revert that and we got the like good healthy machine to join to promote as a domain controller so I am just rebooting and then we can try one more time so sometimes when you try to do this you can get some this type of error due to authentication fail or something so you can try after reboot so and you need to make sure you have a correct administrative right so we are good to run again so shall we settle down now so I'm going to run promote the service domain cutter once again so I'm going to type the credential here for righty service restore mode and click next and this time you can see we got the domain controller and any domain controller it was just a matter to reboot so we have configured the correct DNS setting and I rebooted and we got this so if you have a multiple domain controller in your infested so you either you can go ahead and do this so click Next and then this is the default path for database folder and locks and says false so I'm going to leave the default so you can see what this is going to do so it's going to do the forest and schema preparation and domain preparation so we are good click Next and now you can see the script as well what we are going to do if you want to run this script from PowerShell you can go ahead and run this so I'm going to click Next and now it's going to check the all the prerequisites and if everything is good we can go ahead and promote this advisor to me in control so just wait for a few seconds so it will give you the option to promote or if you have any warning any error it's going to show you here so you can see here all pre request check pass successfully so we are good to go and you can see we have a few warning years related to like or cryptography and DNS delegation so we can ignore it and click on next so now you can see when we click on install it's going to progress and upgrading forest so this is going to take few minutes and after the Active Directory promotion is done this machine is going to reboot so currently you can see this machine is here on my computer scan oh you and soon this is going to be automatically moved to domain controller once this machine is promoted so now you can see it's upgrading domain domain now so this is good and waiting for DNS now and now in background it's installing the DNS basically DNS server role and now a group policy management so it's going to install and if that is meshing II it's going to install it so it's replicating that directory objects so now almost done it's going to reboot soon no it's configuring the dinner services on this computer so now you can see the server is successfully configured as a domain controller we are good and now this machine is automatically going to reboot in a few seconds so now if I go in my a trajectory server and refresh this you can see if we don't have Windows 2019 domain controller here so if I go and click here and refresh here you can see we have now two domain controllers which is good now you can see this machine is rebooting and now we have two domain control went ok 19 DC 0 1 and win to k8r to DC 0 1 and both our global catalog so now what we need to do we need to migrate all these is fsmo role once by one to new server new domain data which is 2019 and then we can remove this domain controller and DNS role from this machine so we'll do step by step and also we need to verify like all these stuff is going to be open there and we are able to do the modification like DNS manager group policy all these things so now we are get in so I'm going to type the password for administrator account so now I'm going to verify my Dena's first so if I go here in forward look up zone I can see all the DNS entries the year there and reverse lookup is also there so DNS is code and now let's verify group policy of management and we can see we have a simple to group policy configured in this test environment so I'm able to get those all GPIOs both the GPO here and also I can see what is the setting so this is good and the next thing we need to verify actually active users and computers so I'm going to verify Active Directory users and computers we occurred we can I can see all the objects are there like users physician and also I can see that both domain controllers and their properties like global catalog and let's verify site and services so you can see our site India having two servers here so everything is looking good so now I'm going to run CMD here and this is that command so you can see everything is past so this is good so everything is looking healthy here you can see also so now I'm going to check again they're for summer roll so you can see all this there is a domain controller we have joined or 2019 so as a domain controller but this is all there for summer roll is still on 2008 r2 DC 0 1 so I want to move it so let's move the fsmo role so if I go on domain controllers Active Directory users and computers and right click on domain name I will get the here option operations masters and you can see here operation master roles and wait is currently running and where we can change so I'm going to click on change how did she want to transfer the operation master role yes the operation master role was successful to transfer so this is good now I'm going to transfer PDC to FS summer this is also transfer successfully and infrastructure so this is good this is also transferred so we have transfer rate PDC and infrastructure so let's verify the same and I'm going to run this command again so it's going to take some time so I'm going to verify same from our 2019 server so net down qre fsmo so you can see PDCA rate and infrastructure is motile into k-19 DC 0 1 which so 3 rolls has been successfully transferred so this is good and now I'm going to move the next role which is we can move from our domain ectrodactyly domain and Trust so I'm going to right click here and Active Directory domain and Trust and operation masters this is going to be changed so I'm going to move this naming operation master domain naming master so I want to transfer yes and operation master successfully transfer so this is good now let's verify the same so now you can see now all three to four roles has been transferred the one is left which is schema master so to transfer a schema master role we need to launch the MMC and before launching the MMC schema master console we need to add the register the schema master file DLL file so so fetch as we are 32 and schema mg empty door DLL printer so you can see DLL register server is succeeded so this is good and now I can go and launch MMC and from MMC click on files and add/remove snap-in x' and you can see here at to data schema so I'm going to add this so now if I go here right click and change our first thing we need to change the domain controller so I want to change the main controller to 2008 so basically we can if I go on operation masters now we can see this is connected to current as 2008 DC 0 1 so we need to change it to 2019 so this is good and now I'm going to right-click on Operation masters and we can change to now so you can see the below one is 2019 DC's there one so click on yes so pressure master successful the transfer so this is good thing and now we can close all these stuff and we can verify one more time tougher summer road so you can see now all the five key marrow fsmo role is running on DC went ok nineteen DC zero one which is good so now we can basically change the DNS setting on our machine so first thing i'm going to change dns settings my both the client machines and i'm going to verify this is going to join from like login for my domain controller which is 19 so I'm going to put the DNS 192 168 0 dot 152 click OK and I'm going to reboot these machines the same thing I'm going to do with this machine so I've rebooted both my windows 10 machines and now I can go ahead and close these all things for 2008 r2 machine and now I'm good to demote this machine from a domain controller so to do this first thing I want to remove this machine from a domain catalog so from here 2008 r2 I'm going to double click on it and from NTDs settings I'm going to uncheck this global catalog and apply click ok so this is good and now it's become a DC type under DC type you can say this is good only a DC domain controller not a grou global catalog so now I'm going to reboot this machine once so both my machines has been rebooted windows10 client machines so I'm going to log in and both the machines so now I'm going to verify like my domain login server has been chained so on when 1000 won I'm going to verify first then the set command and I can see my domain login service went okay 19 DC 0 which is good thing and let's verify the same on my CL 0 too so you can see the login name login sideways she also changed for this so we got to know like our windows 2019 domain controller is working perfectly fine so now we can proceed for the decommission of this machine so I have just rebooted my 2008 machine and now we can go ahead and proceed for the decommission and removing that tracked in DNS role so I'm going to run one dcpromo here on my old machine dcpromo so welcome to that reductive installation resort so when I click Next this is going to be say like this is a global catalog server unless we like we have changed this from a global catalog this is not a global catalog server anymore so we can ignore it so basically this is going to take some time to sing these information from another domain controller so we are good with it so you have to make sure this is not a global catalog so click Next and now we have to make sure you are not selecting this I would recommend you to take the back of both your domain controller first for your Active Directory infrastructure before denoting any domain controller from your infrastructure so this is good and I make sure that you are not selecting that I delete this domain because this is the last domain in infrastructure so if we have another domain controller in place to take the take care of the domain infrastructure so we are going to click Next now it's checking for the Tina's delegation so we need to type the administrator password with this machine and reset oops so click on next and reboot on completion so it's automatically going to reboot so you can see stopping the net logon services so now the machine is rebooted and I'm going to hit control tower del and now if I go here and login to this machine you will be able to verify this machine is no more in Active Directory you can see this is moved to computers because this machines are no more Active Directory server so this is good thing if I go here an X and expand the roles you can see we don't have actually actually domain we have acted at you some services but we got the error here so we can proceed now to remove these roles permanently from this machine and also I'm going to remove the DNS role and both the this is going to require reboot so we can go ahead now this is going to remove these two roles from this machine and then we are good so now you can see roles has been uninstalled and restart pending so I am going to restart this machine so this machine is going to become 2008 r2 is going to become our only one domain controller infrastructure so we have one domain controller which has been 2k 19 BC 0-1 now and this machine is no more having any direct in DNS role so I'm going to login back on our old machine which is 2008 r2 so removal progress so everything is succeeded removal succeeded and now if I go to rolls you can see no rolls has been you solve this machine so this is good we have successfully decommissioned this machine from a domain controller in DNS roll and now let's verify one more time to reboot this machine both clients and verify if we have an issue with the login so mostly everything is going to be good so I'm going to run here CMD again and you can verify RDC health mmm so everything is past so we are good so you can go ahead and analyze these things in details but basically everything is passed so we can see read manager netlog and machine account everything is good so also let's verify the fsmo roles once not done carry fsmo so you can see status everything else on window k-19 DC 0 1 so everything is good now I rebooted my machine so I'm going to just login back and verify my client machine having no issues so I am able to login so let's login to CL 0 2 I'm going to run few commands here to just verify everything is good so like Who am I so I am victim for sole user 0 1 and I'm going to verify set again so I'm good I am lock and service which has been 2k 19 DC 0 1 so I'm good so this is how we can migrate Active Directory domain services from Windows Server 2008 r2 to Windows / 2019 also also we can have like we have checked how we can decommission 2008 r2 server from our domain infrastructure so this is all in this video so thank you for watching and please subscribe me for more videos and if you have any query any question related to this video you can always post me and my given melodies thank you once again bye bye

Info

Channel: Labs Hands On

Views: 49,264

Rating: undefined out of 5

Keywords: How, to, server 2019, server 2019 upgrade, server 2019 updates, server 2019 cluster, server 2019 containers, ad migration from 2008 to 2019, ad migration tool, ad migration 2008 to 2016, ad migration 2012 to 2016, active directory migration 2012 to 2019, active directory migration 2018 to 2019, active directory domain migration, active directory migration steps, active directory migration tool, quest ad migration, ad user migration

Id: wr5ZCjPTnRo

Channel Id: undefined

Length: 36min 27sec (2187 seconds)

Published: Sat Feb 23 2019