In this article we will migrate Active Directory Server 2019 to Server 2022.
Brief introduction about Active Directory Domains and Trusts
A few preliminary checks should be carried out before starting the migration, as shown in the image below.
NOTE: A new virtual machine running the Windows Server 2022 operating system has been created to facilitate the migration. When the migration is completed, the Windows 2019 domain controllers will be decommissioned.
My domain controller runs the Windows Server 2019 operating system and is named WIN-2019. The domain name is secure.com.
Procedure to Migrate Active Directory Server 2019 to Server 2022:
- Prepare existing Active Directory Forest to support Windows Server 2022 as a domain controller.
- Promote Windows Server 2022 to additional domain controller status.
- Verify the replication between the Windows Server 2019 Domain Controller and the Windows Server 2022 Domain Controller.
- Transfer Flexible Single Master Operation roles (FSMO) to Windows Server 2022.
Step1: Prepare the existing AD forest to support Windows Server 2022 as a domain controller. To upgrade the schema version in the Windows 2019 Active Directory forest, we must use the command ADPREP.exe.
As the picture above shows, the schema version in Active Directory 2019 is objectVersion: 88.
We need to upgrade the Active Directory schema version to 2022. Mount the Windows Server 2022 ISO image on the Windows 2019 domain controller and run the commands below.
- adprep.exe /forestprep
- adprep.exe /domainprep
- adprep.exe /domainprep /gpprep
Now check the schema version as shown in the image below, or open the Windows Registry and search [Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters]. Windows Server 2019 and Windows Server 2022 have the same schema version of 88.
Step2: Promote Windows Server 2022 as an additional domain controller. Log in to the destination machine running Windows Server 2022, open Server Manager and add the Active Directory Domain Services (AD DS) feature.
After installation, select the "Promote this server to a domain controller" option and add the existing domain controller (windows2019-secure.com) credentials.
Select the default options for Domain Controller Options; at Additional Options, select the existing domain controller.
Select the default options for Paths, Review Options, Prerequisites Check, Installation and Results. A reboot is required. After the reboot, log in to the machine and check the status of the domain name.
Step3: Check replication between both domain controllers. Open Server Manager, click on Tools and select Active Directory Sites and Services. Select the Win2022 machine, then All Tasks, and check the replication topology.
Now check the replication status using DNS. Observe that the Start of Authority (SOA) serial number is 21 on both domain controllers for _msdcs.secure.com (Microsoft domain controller service) and 38 on both domain controllers for secure.com.
Step4: Transfer the FSMO roles to the newly promoted Windows Server 2022 additional domain controller, because we have to promote the additional domain controller to domain controller.
Log in to the Windows 2022 server and open Active Directory Users and Computers –> right click on the domain name –> select Operations Masters –> select Relative ID (RID) Master and click on the Change button. This changes the role holder from WIN-2019.secure.com to WIN-2022.secure.com.
Transfer the remaining Primary Domain Controller (PDC) Emulator and Infrastructure Master roles as shown in the image below.
Transfer the remaining two FSMO roles, Schema Master and Domain Naming Master, using PowerShell as shown below.
Now check the status of the FSMO roles using the netdom query fsmo command; all 5 roles have been successfully transferred to the Windows 2022 domain controller.
Because the Windows Server 2022 domain controller was configured as a global catalog server, WIN-2022.secure.com has been successfully promoted from additional domain controller to root domain controller.
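The two forest-wide role transfers and the five-role check from Step4, preceded by the replication and schema checks from Step1 and Step3, as one script. This is an added example, not the article's own commands; it assumes the ActiveDirectory PowerShell module is installed, that the new server's short name is WIN-2022, and it uses the article's schema version of 88 as the minimum.

```powershell
# Added example, not from the article. WIN-2022 and secure.com are the article's names.
# Run in an elevated session; moving the forest-wide roles needs membership in
# Schema Admins and Enterprise Admins.
Import-Module ActiveDirectory
$ErrorActionPreference = 'Stop'
$TargetName = 'WIN-2022'              # assumed short name of the new DC
$Target     = 'WIN-2022.secure.com'   # its FQDN as given in the article

# 1. Stop if any inbound replication link on the new DC reports an error.
$failed = Get-ADReplicationPartnerMetadata -Target $Target -Scope Server -Partition * |
    Where-Object { $_.LastReplicationResult -ne 0 }
if ($failed) {
    $failed | Format-Table Partner, Partition, LastReplicationResult, LastReplicationSuccess
    throw "Replication errors on $Target. Resolve them before moving FSMO roles."
}

# 2. Confirm the schema version the new DC sees (the article reports objectVersion 88).
$schemaNC = (Get-ADRootDSE -Server $Target).schemaNamingContext
$schema   = Get-ADObject -Identity $schemaNC -Server $Target -Properties objectVersion
if ($schema.objectVersion -lt 88) {
    throw "Schema objectVersion is $($schema.objectVersion); run adprep first."
}

# 3. Transfer the two forest-wide roles. Without -Force this is a graceful transfer
#    that needs the current holder online; it is not a seizure.
Move-ADDirectoryServerOperationMasterRole -Identity $TargetName `
    -OperationMasterRole SchemaMaster, DomainNamingMaster -Confirm:$false

# 4. Verify that all five roles now resolve to the new DC.
$forest  = Get-ADForest -Server $Target
$domain  = Get-ADDomain -Server $Target
$holders = [ordered]@{
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
}
$holders.GetEnumerator() | Format-Table Key, Value -AutoSize
$stale = $holders.GetEnumerator() | Where-Object { $_.Value -ne $Target }
if ($stale) {
    throw "Roles not on ${Target}: $($stale.Key -join ', ')"
}
```

Running the checks before the transfer matters because moving roles onto a domain controller with failing replication can leave the two servers disagreeing about who holds them.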
Check Domain Functional level and Forest Functional level:
As of now, for both Windows Server 2019 and Windows Server 2022, the maximum domain functional level and forest functional level for an Active Directory forest is Windows Server 2016.
Log in to Windows Server 2022, open Active Directory Users and Computers, right click on the domain and select Raise domain functional level. Then open Active Directory Domains and Trusts, right click and select Raise Forest Functional Level.
The migration of Active Directory Server 2019 to Server 2022 has been completed successfully.
Conclusion:
The final step is decommissioning the Windows Server 2019 domain controller by removing the Active Directory Domain Services feature and changing the membership of the computer from Domain to Workgroup.
you can Active Directory replication after migration.
I really appreciate your time. Let me know if you have any questions about migrating Active Directory Server 2019 to Server 2022.