Active Directory Migration from Server 2008 to Server 2019

by Anup Chhetri · Published April 3, 2020 · Updated April 8, 2024

In this blog, we will migrate Active Directory ( Server 2008 ) to Active Directory ( Server 2022). Before starting the actual migration, we will first setup windows server 2019 and join in the domain as domain computer.

Install Server 2019 , rename it and set the static IP.

	Old Server	New Server
Name	SRV2008AD1 (not real name)	SRV2019AD1 (not real name)
Domain	....-tech.local	….-tech.local
IP	192.168.11.128/24	192.168.11.130/24
DNS Server	192.168.11.128	192.168.11.128

We have now a old domain controller ( Server 2008 ) and a fresh installed Windows server 2019, which will be later promoted to a new Domain controller.

Raise the forest functional & domain functional level if needed. Open Active Directory Domains and Trusts

Since our forest & domain functional level are already at the highest possible levels, we will check now which server has installed FSMO roles. In our case, there is only one DC server, so we will see only a single server entry. If you have more than one Domain Controller, you may see multiple Servers there.

Type netdom query fsmo command to check

Now it is time to install, configure & promote new windows server 2019.

Open Server Manager and install Active Directory Domain Services

Time to promote new server 2019 to a domain controller. After this we will have two domain controllers; one old 2008 Server and a new 2019 Server.

Click Next. Type the directory services restore mode (DSRM) password and click Next. If you have multiple Sites, choose the right one. In my case, I have only default-site, so no need to change anything. Leave others as it is.

Click Next. Since we want to replicate the old server 2008 configurations to the new server 2019, we will choose to replicate from "Any Domain Controller" option.

Once the DNS Server role is installed, it may take some time to replicate all the settings from old 2008 server to the new 2019 server.

Now have a look at Active Diretory Users and Computers . We can see that new 2019 Server also listed as the domain controller. That means, we have now fully functional 2 domain controllers, replicating with each others.

Time to transfer the flexible single master operations (FSMO) role. As we have previously seen, all FSMO roles are currently with the old 2008 Server DC.

On the new 2019 Server, open Active Directory Users and Computers, right-click domain ...-tech.local and click Operations Masters... .

Now if you check FSMO roles, you will see that some roles are already transfered to the new server.

The remaining 2 roles, Schema Master & Domain Naming Master are still pointing to the old server. So, time to move them to the new 2019 Server.

We will start with Domain Naming Master role.

Right-click Active Directory Domains and Trusts and then select Operations Master.

Changing Domain Naming Master Role to new 2019 Server

Now open Powershell as administrator ( Server 2019 ) and register Active Directory Schema snap-in using regsvr32 schmmgmt.dll

Now open Microsoft Management Console (MMC) and Cick Add/Remove Snap-in...

Right Click Active Directory Schema and select Change Active Directory Domain Controller.

Change Domain Controller to the new 2019 Server

Click ok for any warning.

Now back to console, right-click Active Directory Schema ( Server 2019 ) and select Operations Master.

Changing Schema Master role to new 2019 Server

We have now moved all five FSMO roles to the new server. To verify, open cmd/PowerShell in any domain controller ( in 2008 or 2019 doesn't matter ) and type netdom query fsmo .

Now change the preferred DNS Server in both servers with the IP address of Server 2019. That means, we will point all our DNS request to the new server 2019.

If we now see in the domain controller list, we will still see two domain controllers ; both with global catalogs. So, we will remove the old 2008 Server from global catalog type.