in-place upgrade of 2012 R2 DC to 2019 DC

Mark Gilbert 1 Reputation point
2020-08-26T16:29:56.737+00:00

Are there any special steps I need to take before performing an in-place upgrade from a 2012 R2 domain controller to 2019? This is a single domain controller environment. Is this even possible?

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,474 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,909 questions

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Stephanie Yu 396 Reputation points
    2020-08-27T01:19:45.017+00:00

    Hello MarkGilbert-0650,

    Thank you for posting here.

    Here are the answers for your references.

    The recommended way to upgrade a domain is to promote domain controllers that run newer versions of Windows Server and demote the older domain controllers as needed. That method is preferable to upgrading the operating system of an existing domain controller.

    Adprep and Domainprep
    If you are doing an in-place upgrade of an existing domain controller to the Windows Server 2016 operating system, you will need to run adprep /forestprep and adprep /domainprep manually. Adprep /forestprep needs to be run only once in the forest. Adprep /domainprep needs to be run once in each domain in which you have domain controllers that you are upgrading to Windows Server 2016.

    If you are promoting a new Windows Server 2016 server, you do not need to run these manually. These are integrated into the PowerShell and Server Manager experiences.

    From the reference “Forest and Domain Functional Levels”, we can see:
    The minimum requirement to add a Windows Server 2019 Domain Controller is a Windows Server 2008 functional level. The domain also has to use DFS-R as the engine to replicate SYSVOL.

    Therefore, we can add 2019 domain controller to this existing domain. It is not recommend that we perform in-place upgrade operating system from 2012 R2 to 2019.

    We can follow steps below to upgrade Window server 2012 R2 DC to Window server 2019 DC.

    1. Check if AD environment is healthy. Check all DCs in this domain is working fine by running Dcdiag /v. Check if AD replication works properly by running repadmin /showrepl and repadmin /replsum.
    2. Add the new Window server 2019 to this existing domain.
    3. Add AD DS and DNS roles and promote this Windows server 2019 as a DC (as a GC).
    4. Check if AD environment is healthy again based on step 1.
    5. If step 1-step 4 is OK without any error. We can transfer FSMO roles to new 2019 DC if needed.
    6. Demote Windows server 2012 R2 if needed. Before we demote 2012 R2 DC, we should check:

    If the removed DC was a DNS server, update the DNS client configuration on all member workstations, member servers, and other DCs that might have used this DNS server for name resolution. If it is required, modify the DHCP scope to reflect the removal of the DNS server.

    If the removed DC was a DNS server, update the Forwarder settings and the Delegation settings on any other DNS servers that might have pointed to the removed DC for name resolution.

    References:
    Forest and Domain Functional Levels
    https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/active-directory-functional-levels

    Upgrade Domain Controllers to Windows Server 2016
    https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/upgrade-domain-controllers

    Hope the information is helpful. If anything is unclear, please feel free to let us know.

    Best Regards,
    Stephanie Yu

    3 people found this answer helpful.
  2. Dave Patrick 426.1K Reputation points MVP
    2020-08-26T16:44:27.557+00:00

    It may be possible but is very risky. The better option is to clean install it.

    The two prerequisites to introducing the first 2019 domain controller are that domain functional level needs to be 2008 or higher and older sysvol FRS replication needs to have been migrated to DFSR
    https://techcommunity.microsoft.com/t5/Storage-at-Microsoft/Streamlined-Migration-of-FRS-to-DFSR-SYSVOL/ba-p/425405

    I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new 2019, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.

    --please don't forget to Accept as answer if the reply is helpful--

    1 person found this answer helpful.
  3. Dave Patrick 426.1K Reputation points MVP
    2020-08-26T16:54:33.127+00:00

    So you are saying running 2019 on top of (In-Place) on the 212 R2 DC server is not possible?

    No, i did not. Actually I said "It may be possible but is very risky." but the cleaner / much safer option is to clean install it. Since a hypervisor is used it makes for a very simple task.

    --please don't forget to Accept as answer if the reply is helpful--

    1 person found this answer helpful.
    0 comments
  4. Thameur-BOURBITA 32,586 Reputation points
    2020-08-26T21:24:08+00:00

    Hi

    You can read the following link to get more details about supported paths to perform a upgrade in place on a domain controller;

    upgrade-domain-controllers

    Upgrade in place is not the recommended method to upgrade a domain controller, It is recommended to promote a domain controller on a new server Windows 2019 then demote the old one.

    Please don't forget to mark this reply as answer if it help you to fix your issue

    0 comments