User Tools

Site Tools


Windows DC Migration


This page exists to detail the process of moving the server roles of AMADEUS to DVORAK.It will detail what has to be moved, how to do it, and any other steps that need to be taken to move all operations from a Windows Server 2008 machine to a different machine running Windows Server 2008 R2. However, the steps should be that same for moving between any 2 NT6 based systems.

Moving the Active Directory and Domain Controller Roles

This was done not with a straight migration, but by adding the new machine as an additional controller in the existing windows ADDC forest.

Notice, you should make sure to have set the external static ip for this machine before adding the controller

Step 1: Preparing the existing forest for an additional controller

You will need to run adprep.exe or adprep32.exe, for x86 systems, on the original server. Aprep can be found in \sources\adprep in the Windows Server 2008 install disk. Run an instance of the command line as admin and navigate to the folder containing adprep.exe, then in the command line run:

adprep.exe /forestprep
adprep.exe /domainprep

The current forest should now be prepared for an additional controller

Step 2: Adding the additional controller

Run dcpromo.exe. This will open up the GUI interface for adding domain controllers. Select the option for adding an additional domain controller to an existing forest. Use “acm.cs” as the domain. When you press next you should see an option to select the current (or one of) the controllers in the domain, select it and click next. You will need to enter your admin credentials for the original server on the next page, you may get an error saying that the login you are using is missing permissions and must be a member of certain groups. Log into the original server add add your account to the groups listed in the popup box for the error. Retry those permissions and make any necessary adjustments to the account of the original server. Make sure that the option to create a DNS server is checked and that the option for a “READ-ONLY” domain controller is NOT checked. All other options should remain the same. Click next until a progress window pops up for creating the AD DC. There may be a warning popup about the DNS server, click continue and ignore it. When it is done the controller should be up and running. Point the servers at the new AD server using this page ldap to AD/nss.

windows/server/migration.txt · Last modified: 2021/05/02 21:36 (external edit)