Upgrading/Migrating Active Directory to Windows 2012

Upgrading or Migrating Active Directory to Windows Server 2012

While managing an Active Directory infrastructure for the last few years, administrators have seen Active Directory migrations from starting from Windows NT to Windows 2000 and then Windows 2003, then Windows Server 2008, Windows Server 2008 R2 and to finally Windows Server 2012 was recently released. It would be a tough time for an AD administrator trying to manage and upgrade an AD infrastructure that has domain controllers running a mix of one/more/all of the following: Server 2003, Server 2008, Server 2008 R2 and Server 2012?

Please follow this blog to help you with the upgrade process in general. There is already a lot of information available on the internet.

An Overview of the Process

Let’s chalk out a framework to manage the process.

ASSESS ===>> PLAN === >> TEST ==== >> DEPLOY

 

Assess Your Environment

Start by assessing where you are today with your Active Directory infrastructure. Specifically:

  • Document your current company Architecture, Design and Sizing of Servers. What is the current domain controller deployment, the Architecture or the domain, how many sites, and how many Domain Controllers per site?
  • Document all your dependencies and all applications that depend on AD? What are the important business applications, and their dependency on AD?
  • Discover and document your current Domain Controllers configuration?
  • Research the changes to the default OS behavior in the “new” versions of Windows. Do you know what these are, and how they might affect you?
  • Inventory of all applications/services that are running on your Domain Controllers.

Plan The Upgrade

Now think about where you’re going, and what you have to do to get there.  Use your assessment data to drive the plans. Specifically:

  • Decide which version of Windows Server you are heading for – Windows Server 2012?
  • Determine whether you are ready for this new version of Windows?
  • Document your desired architecture. Are you going to carry your current architecture forward? Do you have the right number of DCs in the right place of the right capacity?
  • Decide the type of DC you have planned to deploy (Read-Only or Virtual / Physical Domain Controllers)?
  • Would the Dependencies of Active Directory be compatible with the new version of Domain Controllers?
  • Determine which application/client dependencies need to be tested against new DCs.
  • Please Backup the Active Directory on all your servers before you go ahead.
  • Plan to manage the behavior changes in the default configuration of the new the OS. Plan a rollback as well ( Please get in touch with me for the rollback procedure).
  • Plan the introduction of New DC’s with respect to the design and plan it with respect to the Assessed design?
  • Plan the retirement of old DCs from the domain and also plan the migration of  other services off of these DCs?
  • Also plan if you need to move IP addresses (or hostnames) from old DCs to new DCs?

Test

Ideally, you should test every proposed change. Practically, you need to determine what you must test and what you can test, and how you will test.

In some cases you will test in a lab, in other cases, you may test in production.

  • You really should test Schema extensions and other changes made to the Active Directory database (ADPREP), as these changes are irreversible.
  • Decide which applications or clients that depend on Active Directory need to be tested.
  • Test your migration plan for other services like DHCP, WINS, DNS that may be hosted on your current DCs.

Deploy

Now that you’re ready, plan your deployment into stages similar to milestones that you may set,

  • Preparing the Active Directory Schema.
  • Deploying the first 2012 Domain Controller.
  • Deploying additional Domain Controllers and demoting old DCs.
  • Upgrading Domain Functional Levels, Forest Functional Levels and implementing new features.