Tag Archives: migrate

Update Domain Controller to Windows Server 2016/2019 and move FSMO roles to new domain controller

I’m still using Windows 2012R2 as my home lab’s domain controller. Since MS released Windows Server 2019, so I think it’s the time to upgrade my test lab to Windows Server 2019.
The first server I want to upgrade is my domain controller.

Even though you can mount the ISO and click setup.exe to upgrade Domain Controller to Windows 2016/2019, but after a test, I found that this kind of “upgrade” is a fresh installation…If you upgrade your DC in this way, you will find after reboot, your DC is gone…You will only have a standalone server running windows 2016/2019 which is in a workgroup… I don’t know why MS permit people doing “upgrade” in this way and don’t show any warning message at all…

So how to upgrade DC to Windows 2016/2019 in the right way?

The right way is to build a new server, and prompt it to domain controller, and then move all FSMO roles to it.

1. Install a new Windows 2016/2019 Server.
2. Install “Active Directory Domain Services” on the server
3. Promote the server to a domain controller. Make sure you also installed DNS services on it.
4. Reboot the server.
5. Once the serer is up and running. Open Server Manager, then open “Active Directory Module for Windows PowerShell”
6. Run below command:

Move-ADDirectoryServerOperationMasterRole -Identity "DC2019" -OperationMasterRole 0,1,2,3,4

Press Y to move all FSMO roles to this server.
7. Run below command to make sure all FSMO roles are migrated to the new domain controller

Get-ADDomain
Get-ADForest

8. demote the old domain controller and then remove the old DC from domain. And then shut down the old DC
9. Change the new DC IP address to the Old one. Then run below command to make sure all DNS records are updated and also no error.

ipconfig/registerdns
dcdiag /fix