introducing server 2019 into existing AD

Duane L Morris 1 Reputation point
2021-10-08T21:01:46.71+00:00

AD Functional level at 2012R2
GC's are 2012R2 and one 2016
Added 2019 server, did dcpromo and said successful, but won't sync, dns, etc.

Errors with: the replication operation failed because of a schema mismatch between the servers involved

Ideas how to get around. We noticed that when trying to introduce 2016 RODC and 2019 RODC and now 2019 GC

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,453 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,843 questions
0 comments

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Dave Patrick 426.1K Reputation points MVP
    2021-10-08T21:07:04.057+00:00

    The two prerequisites to introducing the first 2019 domain controller are that domain functional level needs to be 2008 or higher and older sysvol FRS replication needs to have been migrated to DFSR
    https://techcommunity.microsoft.com/t5/Storage-at-Microsoft/Streamlined-Migration-of-FRS-to-DFSR-SYSVOL/ba-p/425405

    I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new 2019, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    0 comments
  2. Duane L Morris 1 Reputation point
    2021-10-08T21:13:28.4+00:00

    Yeah did the FRS to DFSR migration, ran AD Replication tool, dcdiag, etc and not a single error. Introduced 2019 and that when things start erroring.

    Dfsrmig /getmigrationstate

    The following domain controllers have not reached Global state ('Eliminated'):

    Domain Controller (Local Migration State) - DC Type

    50CAL ('Start') - Writable DC

    Migration has not yet reached a consistent state on all domain controllers.
    State information might be stale due to Active Directory Domain Services latency.

  3. Duane L Morris 1 Reputation point
    2021-10-08T21:15:21.11+00:00

    In fact will not even allow you to promote if FDSR is not completed

    0 comments
  4. Duane L Morris 1 Reputation point
    2021-10-09T02:35:06.103+00:00

    God I hate stepping backwards!! Removed the 2019 Server from AD and everything back and running. Every test I run comes back without errors.
    Tried using my SA Support for this and wound up with a non-english speaking tech that had no clue!! 500K per year for our EA and Support is worthless!

    0 comments