question

ComputerGladiator avatar image
0 Votes"
ComputerGladiator asked ·

Adding a Server 2019 as secondary DC to an exisitng 2012 R2 domain

Hello, I am looking for guidance in adding a new Server 2019 as a secondary DC to an existing 2012 R2 domain. Does anyone have a steps by step procedure?
Thank you

windows-server-2019windows-server-2012
· 1
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

If there are any updates, welcome to share here!

0 Votes 0 ·
DSPatrick avatar image
0 Votes"
DSPatrick answered ·

Please run;

Dcdiag /v /c /d /e /s:%computername% >c:\dcdiag.log
repadmin /showrepl >C:\repl.txt
ipconfig /all > C:\dc1.txt
ipconfig /all > C:\dc2.txt

then put unzipped text files up on OneDrive and share a link.





· 7 ·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello, I have added AD and DNS features and promoted the new DC. Appears to have completed successfully but thought I would provide the link to the repadmin and dcdiag results if you don't mind reviewing. Thank you.
https://1drv.ms/u/s!Av1PEgpeCgHJig4T_kpx0oXcjCyC?e=eV1rTD

0 Votes 0 ·
DSPatrick avatar image DSPatrick ComputerGladiator ·

The DFS Replication service has detected that no connections are configured for replication group Domain System Volume.

This one may be problematic. Check the event logs for more details. It might be this one (ignore the hotfix) just the Resolution steps.
https://support.microsoft.com/en-us/topic/changes-that-are-not-replicated-to-a-downstream-server-are-lost-on-the-upstream-server-after-an-automatic-recovery-process-occurs-in-a-dfs-replication-environment-in-windows-server-2008-r2-beb3536b-41db-8ae2-d360-b23194de32bc


--please don't forget to Accept as answer if the reply is helpful--







0 Votes 0 ·

When I run the command from the link above I get an error. I have confirmed that the DFS Replication service to automatically recover databases is enabled as per link. I have checked the event logs and they look very clean without any errors related to DFS Replication on DC2. The SYSVOL information appears to be brought over to DC2. I

0 Votes 0 ·
Show more comments
DSPatrick avatar image
0 Votes"
DSPatrick answered ·

The two prerequisites to introducing the first 2019 domain controller are that domain functional level needs to be 2008 or higher and older sysvol FRS replication needs to have been migrated to DFSR
https://techcommunity.microsoft.com/t5/Storage-at-Microsoft/Streamlined-Migration-of-FRS-to-DFSR-SYSVOL/ba-p/425405

I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new 2019, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.


--please don't forget to Accept as answer if the reply is helpful--







·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

FanFan-MSFT avatar image
0 Votes"
FanFan-MSFT answered ·

Hi,
The minimum requirement to add a Windows Server 2019 Domain Controller is a Windows Server 2008 functional level. The domain also has to use DFS-R as the engine to replicate SYSVOL.
To raise the forest functional level
Open Active Directory Domains and Trusts. To open Active Directory Domains and Trusts, click Start , click Administrative Tools , and then click Active Directory Domains and Trusts .
In the console tree, right-click Active Directory Domains and Trusts , and then click Raise Forest Functional Level .
In Select an available forest functional level , select the value and then click Raise .

If you want to check if the DFSR is used for for the Sysvol replication , the following command can be used:
Command:
dfsrmig.exe /getglobalstate
If the Result: 3 (ELIMINATED) the DFSR is used for the replication.
If not, FRS should be migrated to DFSR:
https://docs.microsoft.com/en-us/windows-server/storage/dfs-replication/migrate-sysvol-to-dfsr

Then before add the new dc , we should also make sure everything is working well, following command for your reference :
Dcdiag /v >c:\dcdiag1.log
Repadmin /showrepl >C:\repl.txt
Repadmin /showreps * 

Last ,the new DC can be added , following for your reference:
https://www.petenetlive.com/KB/Article/0001262(third-party link)
This response contains a third-party link. We provide this link for easy reference. Microsoft cannot guarantee the validity of any information and content in this link.

Best Regards,


·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ComputerGladiator avatar image
0 Votes"
ComputerGladiator answered ·

Hello, thanks for everyone's response. I ran dfsrmig.exe /getglobalstate and shows
Current DFSR global state: 'Eliminated'
Succeeded.

Dcdiag /v >c:\dcdiag1.log - This log indicates passed for each stage
Repadmin /showrepl >C:\repl.txt - No errors shown
Repadmin /showreps * - Results with this error....... LDAP error 81 (Server Down) Win32 Err 58.

What does this error represent? Current DC is Server 2012 R2
Thank you

·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered ·

Sounds good, also check that domain functional level is 2008 or higher.

I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new 2019, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.


--please don't forget to Accept as answer if the reply is helpful--








·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ComputerGladiator avatar image
0 Votes"
ComputerGladiator answered ·

Any idea what this error means? Should I run these tools only on the current DC?
Thank you

·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ComputerGladiator avatar image
0 Votes"
ComputerGladiator answered ·

I want add that the current functional domain level is Windows Server 2012 R2 and I do not intend to decommission this server. I wish to retain the current 2012 R2 domain controller and add a second domain controller that is Server 2019.

·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ComputerGladiator avatar image
0 Votes"
ComputerGladiator answered ·
·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered ·

Please do not zip the files.




·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ComputerGladiator avatar image
0 Votes"
ComputerGladiator answered ·
·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.