AD: Windows 2008R2 to 2019 migration, one leap or step by step
If you want to upgrade the actual servers by performing an in-place upgrade (which I highly advise against), you need to go through multiple steps.
But if you want to add new 2019 Domain Controllers to replace the existing ones, then yes, you can definitely add 2019 DCs in a 2008R2 domain, after the standard preparatory steps (adprep).
Also make sure your SYSVOL uses DFS replication instead of FRS; which it should, but sometimes FRS just stays there because nobody bothered changing that after upgrading from 2003. FRS is not supported anymore and you can't add a 2019 DC in domain which still uses it.
Also, take extra care if you have non-Windows (or old Windows such as XP) devices that use Active Directory for authentication; they might be not compatible with 2019 DCs due to their stronger security settings.
Related videos on Youtube
37 : 58
36 : 27
07 : 21
10 : 33
02 : 00
Alexander
Updated on September 18, 2022Comments
-
Alexander over 1 year
In our company we are planning to do Windows 2008 R2 migration due to End of Support it reached. We're not that fans of living on edge but this time it appear to be wiser target to Windows Server 2019, not 2016 (so we'll live with for years further).
While reading on this topic and looking for best practice approaches I can see many people recommend to do step-by-step migration (2008R2 -> 2012 -> 2016 -> 2019), but in our case it appears to be very lengthy and error-prone way, isn't it? At the same time, looks like we can do that in one giant step (2008R2 -> 2019) so I would like to ask your advice, is it true?
-
Narzard about 5 yearsI have tried to do 2008R2>2019 directly and it did not work. I had to step, though I did 2008R2 > 2012 > 2019. -
Alexander about 5 yearsDear @Narzard thank you for you answer, did you tried AD scheme upgrade 2008R2>2019 or Windows Servers that were domain controllers in 2008R2 domain? I don't want to bother with upgrading servers, I just want to add new (2019) Servers into old domain, then move roles to it and then remove old (ex) DCs from domain and then upgrade the domain. THANK YOU!
-
Narzard about 5 yearsno, they were not servers on a domain.
-
-
Alexander about 5 yearsThe idea I mess with is this: I can upgrade Windows Server itself OR I can upgrade AD only by installing newer (or newest, 2019) version of Servers on separate VMs, add it to domain and move roles to it one by one, so I'll end up with duplicate VM for each of my old DCs with roles completely on it. Then, as all roles be moved to new Servers, I can do the scheme upgrade, isn't it? Thank you for your advice!
-
I say Reinstate Monica about 5 yearsYes you can install a 2019 server in your domain, promote it to a DC, transfer all of the AD roles to the new DC then un-promote your old server. That's obviously a simplified description of the process. -
Alexander about 5 yearsTwisty Impersonator this way I can skip these steps, right?
-
I say Reinstate Monica about 5 yearsBased on your comments I can see that your actual question is how to migrate your domain controller to server 2019 in the fewest steps possible. Your original post is not clear on this point. My answer above answers how to upgrade a 2008 r2 server to server 2019, which arguably is what your original post seems to ask. That said, yes, since you don't have to do an in place upgrade of your existing domain controller, you can skip the intermediate server upgrade steps.
-
Semicolon over 4 yearsI don't think the OP was asking about the operating system upgrades - but upgrading Active Directory specifically. Moreover, I would highly recommend AGAINST in-place upgrades.