Migrating Active Directory to Windows Server 2012 R2



Similar documents
Active Directory Deployment and Management Enhancements

Introduction to DirectAccess in Windows Server 2012

Deploying Personal Virtual Desktops by Using RemoteApp and Desktop Connection Step-by-Step Guide

ILTA HAND 6B. Upgrading and Deploying. Windows Server In the Legal Environment

Installing and Configuring Login PI

Deploying Remote Desktop IP Virtualization Step-by-Step Guide

Managing Linux Servers with System Center 2012 R2

Introduction to Hyper-V High- Availability with Failover Clustering

Customizing Remote Desktop Web Access by Using Windows SharePoint Services Stepby-Step

Windows Server 2012 R2 Storage Infrastructure

Windows Azure Pack Installation and Initial Configuration

How to install Small Business Server 2003 in an existing Active

Hyper-V Server 2008 Setup and Configuration Tool Guide

Lab Answer Key for Module 9: Active Directory Domain Services. Table of Contents Lab 1: Exploring Active Directory Domain Services 1

Deploying Remote Desktop Web Access with Remote Desktop Connection Broker Step-by- Step Guide

Step By Step Guide: Demonstrate DirectAccess in a Test Lab

LAB 1: Installing Active Directory Federation Services

Lab Answer Key for Module 1: Installing and Configuring Windows Server Table of Contents Lab 1: Configuring Windows Server

SETTING UP ACTIVE DIRECTORY (AD) ON WINDOWS 2008 FOR EROOM

AD RMS Step-by-Step Guide

SharePoint Server for Business Intelligence

How to Test Out Backup & Replication 6.5 for Hyper-V

Active Directory integration with CloudByte ElastiStor

EventTracker: Support to Non English Systems

Deploying Microsoft RemoteFX for Personal Virtual Desktops Step-by-Step Guide

Installing Windows Rights Management Services with Service Pack 2 Step-by- Step Guide

In the Active Directory Domain Services Window, click Active Directory Domain Services.

Active Directory Restoration

Lab 05: Deploying Microsoft Office Web Apps Server

Step-by-Step Guide for Setting Up IPv6 in a Test Lab

How To Configure A Windows 8.1 On A Windows (Windows) With A Powerpoint (Windows 8) On A Blackberry) On An Ipad Or Ipad (Windows 7) On Your Blackberry Or Black

Microsoft Hyper-V Server 2008 R2 Getting Started Guide

During your session you will have access to the following lab configuration.

File and Printer Sharing with Microsoft Windows

Deploying Microsoft RemoteFX on a Single Remote Desktop Virtualization Host Server Step-by-Step Guide

How To Complete A Lab On Windows 7 From A Dvd

Microsoft Corporation. Status: Preliminary documentation

20487B: Developing Windows Azure and Web Services

Creating and Deploying Active Directory Rights Management Services Templates Step-by-Step Guide

Deploying System Center 2012 R2 Configuration Manager

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide

Troubleshooting File and Printer Sharing in Microsoft Windows XP

Step-by-Step Guide for Microsoft Advanced Group Policy Management 4.0

Test Lab Guide: Creating a Windows Azure AD and Windows Server AD Environment using Azure AD Sync

Contents Introduction... 3 Introduction to Active Directory Services... 4 Installing and Configuring Active Directory Services...

Lab Answer Key for Module 6: Configuring and Managing Windows SharePoint Services 3.0. Table of Contents Lab 1: Configuring and Managing WSS 3.

Deploy two-tier hierarchy of PKI

6421B: How to Install and Configure DirectAccess

Microsoft IT Camp Hands-On Lab

Using IIS Application Request Routing to Publish Lync Server 2013 Web Services

Step-by-Step Guide for Creating and Testing Connection Manager Profiles in a Test Lab

AD RMS Windows Server 2008 to Windows Server 2008 R2 Migration and Upgrade Guide... 2 About this guide... 2

Active Directory Installation on Windows Server 2012

Windows Server Update Services 3.0 SP2 Step By Step Guide

Appendix B Lab Setup Guide

Trial environment setup. Exchange Server Archiver - 3.0

Pipeliner CRM Phaenomena Guide Opportunity Management Pipelinersales Inc.

Special thanks to the following people for reviewing and providing invaluable feedback for this document: Joe Davies, Bill Mathers, Andreas Kjellman

How to Secure a Groove Manager Web Site

Module 1: Introduction to Active Directory Infrastructure

Installing Active Directory on Windows Server 2008 by Daniel Petri - January 8, 2009 Printer Friendly Version

Digipass Plug-In for IAS. IAS Plug-In IAS. Microsoft's Internet Authentication Service. Installation Guide

Windows Firewall with Advanced Security Step-by-Step Guide - Deploying Firewall Policies

Administering Group Policy with Group Policy Management Console

Managing SQL Server 2014 with System Center 2012 R2

Course: WIN310. Student Lab Setup Guide. Summer Microsoft Windows Server 2003 Network Infrastructure (70-291)

How To Install And Configure Windows Server 2003 On A Student Computer

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

Implementing and Supporting Windows Intune

NSi Mobile Installation Guide. Version 6.2

Hands-On Lab: WSUS. Lab Manual Expediting WSUS Service for XP Embedded OS

Secure IIS Web Server with SSL

Virtualizing your Datacenter

PHD Virtual Backup for Hyper-V

Managing Exchange Server 2013 with System Center 2012 R2

Hyper-V Server 2008 Getting Started Guide

Lab 00: Configuring the Microsoft Lync Ignite Environment Cloud Hosted Version

Windows Server 2003 Service Pack 1 (SP1) or later service packs Enhanced version of Ntdsutil.exe

SPHOL325: SharePoint Server 2013 Search Connectors and Using BCS

Technical Brief for Windows Home Server Remote Access

S/MIME on Good for Enterprise MS Online Certificate Status Protocol. Installation and Configuration Notes. Updated: October 08, 2014

Overview of Microsoft Office 365 Development

Module 3: Implementing an Organizational Unit Structure

Integrating idrac7 With Microsoft Active Directory

Implementing and Supporting Windows Intune

CRM to Exchange Synchronization

Microsoft Virtual Labs. Active Directory New User Interface

4cast Client Specification and Installation

Microsoft Dynamics GP. Workflow Installation Guide Release 10.0

Deploying the Workspace Application for Microsoft SharePoint Online

MicrosoftDynam ics GP TenantServices Installation and Adm inistration Guide

Deploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide

Configuring File Servers and Active Directory with Domain Services for Windows-Lab

Module 4: Implementing User, Group, and Computer Accounts

Installation of MicroSoft Active Directory

NETWRIX ACCOUNT LOCKOUT EXAMINER

Sophos Anti-Virus for NetApp Storage Systems startup guide

Step-by-Step Secure Wireless for Home / Small Office and Small Organizations

Core Active Directory Administration

Transcription:

Migrating Active Directory to Windows Server 2012 R2 Windows Server 2012 R2 Hands-on lab In this lab, you will complete a migration of a Windows Server 2008 R2 domain environment to Windows Server 2012 R2 with no downtime to clients. All roles currently held including FSMO, DHCP and DNS will be transferred to enable the Windows Server 2008 R2 domain controller to be retired. Produced by HynesITe, Inc. Version 1.0 12/15/2013

This document supports a preliminary release of a software product that may be changed substantially prior to final commercial release. This document is provided for informational purposes only and Microsoft makes no warranties, either express or implied, in this document. Information in this document, including URL and other Internet Web site references, is subject to change without notice. The entire risk of the use or the results from the use of this document remains with the user. Unless otherwise noted, the companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted in examples herein are fictitious. No association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. Copyright 2013 Microsoft Corporation. All rights reserved. Microsoft, Active Directory, Hyper-V, Internet Explorer, Windows, Windows PowerShell, and Windows Server are trademarks of the Microsoft group of companies. All other trademarks are property of their respective owners.

Introduction Estimated time to complete this lab 90 minutes Objectives After completing this lab, you will be able to: Promote a Windows Server 2012 R2 member server to a domain controller. Complete the transfer of FSMO roles from a Windows Server 2008 R2 domain controller to a Windows Server 2012 R2 domain controller. Transfer DNS and DHCP roles to a Windows Server 2012 R2 server. Prerequisites Before working on this lab, you must have: Experience with Active Directory. Experience with DHCP and DNS. Overview of the lab In this lab, you will complete a migration of a Windows Server 2008 R2 domain environment to Windows Server 2012 R2 with no downtime to clients. All roles currently held including FSMO, DHCP and DNS will be transferred to enable the Windows Server 2008 R2 domain controller to be retired. Virtual machine technology This lab is completed using virtual machines that run on Windows Server 2012 Hyper-V technology. To log on to the virtual machines, press CTRL+ALT+END and enter your logon credentials. Computers in this lab This lab uses computers as described in the following table. Before you begin the lab, you must ensure that the virtual machines are started and then log on to the computers. Virtual Machine Role Configuration DC08 DC12 Windows Server 2008 R2 domain controller Windows Server 2012 R2 member server Windows Server 2008 R2 domain controller with DNS and DHCP roles installed and configured Windows Server 2012 R2 installed Client1 Windows 8.1 client Windows 8.1 client with the RSAT tools installed Credentials for all virtual machines are Contoso\Administrator with a password of Passw0rd! Note regarding pre-release software Portions of this lab may include software that is not yet released, and as such may still contain active or known issues. While every effort has been made to ensure this lab functions as written, unknown or unanticipated results may be encountered as a result of using pre-release software. Lab created by HynesITe, Inc. For questions or comments, send an e-mail message to labs@holsystems.com Page 3

Note regarding user account control Some steps in this lab may be subject to user account control. User account control is a technology which provides additional security to computers by requesting that users confirm actions that require administrative rights. Tasks that generate a user account control confirmation are denoted using a shield icon. If you encounter a shield icon, confirm your action by selecting the appropriate button in the dialog box that is presented. Note on activation The virtual machines for these labs may have been built by using software that has not been activated. This is by design in the lab to prevent the redistribution of activated software. The unactivated state of software has been taken into account in the design of the lab. Consequently, the lab is in no way affected by this state. For operating systems other than Windows 8.1, please click Cancel or Close if prompted by an activation dialog box. If you are prompted by an Activate screen for Windows 8.1, press the Windows key to display the Start screen. Lab created by HynesITe, Inc. For questions or comments, send an e-mail message to labs@holsystems.com Page 4

Exercise 1: Prepare for Active Directory Migration In this exercise, you will first examine the current infrastructure to ensure that you are aware of how the Active Directory is currently configured. This is important in any environment to ensure that there is current documentation of the infrastructure. You will then begin the process of migration by preparing the domain controller for migration and by promoting a member server to be an additional domain controller in the current domain. Examine the current environment In this task, you will examine the current configuration of the contoso.com active directory infrastructure. Log on to Client1 as Contoso\Administrator using the password Passw0rd! 1. On the Start screen, type Server and then press ENTER to open Server Manager. 2. In Server Manager, click Tools, and then click Active Directory Users and Computers. 3. In Active Directory Users and Computers, click contoso.com, and then on the Action menu, click Operations Masters. 4. Click the PDC tab. 5. Click the Infrastructure tab. 6. Click the RID tab. Note that all the FSMO roles are currently held by the single domain controller. In a production environment this is more likely to be spread across multiple domain controllers. 7. Click Close. 8. In Active Directory Users and Computers, expand contoso.com, and then click Domain Controllers. Note that there is only a single domain controller currently in the domain. 9. Right-click DC08, and then then click Properties. Note that DC08 is a domain controller and located in the Default-First-Site-Name Active Directory site. 10. Click OK. 11. Right-click contoso.com, and then click Properties. The minimum domain functional level and forest functional level for the migration to Windows Server 2012 R2 is Windows Server 2003. 12. Click OK. 13. Minimize Active Directory Users and Computers. 14. In Server Manager, click Tools, and then click DHCP. 15. In DHCP, in the Actions pane, click More Actions, and then click Add Server. Lab created by HynesITe, Inc. For questions or comments, send an e-mail message to labs@holsystems.com Page 5

16. Select This authorized DHCP server, and then click OK. DC08 is currently the only authorized DHCP server in the network. 17. In DHCP, expand DC08, and then click IPv4. Note that there is a single DHCP scope named Internal. 18. Minimize the DHCP console. 19. In Server Manager, click Tools, and then click DNS. 20. In the Connect to DNS Server dialog box, click The following computer. 21. Type DC08, and then click OK. 22. In DNS, expand DC08, and then click Forward Lookup Zones.In DNS, expand DC08/Forward Lookup Zones, and then click Contoso.com DC08 is currently the only DNS server hosting the contoso.com zone. 23. Close the DNS console. 24. Switch to DC08, and then log on as Contoso\Administrator using the password Passw0rd! Prepare the Active Directory forest for migration In this task, you will prepare the existing Active Directory forest for migration to Windows Server 2012 R2. Ensure you are logged on to DC08 as Contoso\Administrator using the password Passw0rd! 1. On the Start menu, right-click Command Prompt, and then click Run as administrator. 2. At the command prompt, type the following command, and then press ENTER. C:\Lab Files\Win2012R2\support\adprep\adprep.exe /forestprep The contents of the Windows Server 2012 R2 ISO have been copied to C:\Lab Files\Win2012R2. 3. Type C and then press ENTER to confirm the schema change. Wait for the ADPREP command to complete before moving to the next task. 4. Close the Command Prompt. 5. Switch to Client1, and then log on as Contoso\Administrator using the password Passw0rd! Promote an additional domain controller In this task, you will promote DC12 to be an additional domain controller in the contoso.com domain. Ensure you are logged on to Client1 as Contoso\Administrator using the password Passw0rd! 1. In Server Manager, right-click All Servers, and then click Add Servers. 2. In Name (CN), type DC, and then click Find Now. Lab created by HynesITe, Inc. For questions or comments, send an e-mail message to labs@holsystems.com Page 6

3. Select DC08 and DC12, and then click the arrow to add to the Selected list. 4. Click OK. Note that DC08 has had WMF 3.0 and the.net Framework 3.0 installed. In addition, Windows Remote Management has been configured using the QuickConfig command. 5. In Server Manager, in All Servers, scroll down to Roles and Features, and then in Roles and Features, click Tasks, and then click Add Roles and Features. 6. In the Add Roles and Features Wizard, on the Before you Begin page, click Next. 7. On the Installation Type page, ensure Role-based or feature-based installation is selected, and then click Next. 8. On the Server Selection page, ensure DC12 is selected, and then click Next. Note that only DC12 is listed as the Add Roles and Features wizard will only allow the management of Windows Server 2012 and above servers. 9. On the Select server roles page, select Active Directory Domain Services, and then in the Add Roles and Features Wizard dialog box, click Add Features. 10. Click Next. 11. On the Features page, click Next. 12. On the Active Directory Domain Services page, click Next. 13. On the Confirm installation selections page, check the Restart the destination server automatically if required check box, and then click Install. Wait for the installation to complete before proceeding to the next step. 14. Click Close. 15. In Server Manager, click on AD DS. Note the message that advises that further configuration is required for DC12. 16. Next to the message, Configuration required for Active Directory Domain Service at DC12, click More. 17. In the All Servers Task Details window, click Promote this server to a domain controller. 18. In the Active Directory Domain Service Configuration Wizard, on the Deployment Configuration page, ensure Add a domain controller to an existing domain is selected, and then click Change. 19. In the Windows Security dialog box, enter the username Administrator and the password Passw0rd!, and then click OK. 20. On the Deployment Configuration page, click Next. Lab created by HynesITe, Inc. For questions or comments, send an e-mail message to labs@holsystems.com Page 7

21. On the Domain Controller Options page, leave the default capabilities and site information settings, enter the DSRM password of Passw0rd!, and then click Next. 22. On the DNS Options page, click Next. 23. On the Additional Options page, click Next. 24. On the Paths page, click Next. 25. On the Preparation Options page, click Next. Note that the domain preparation would normally not be required in this step as you would have performed the preparation using the ADPREP /domainprep command on the Windows Server 2008 R2 domain controller. However, if this has not been performed then it can be performed as part of the addition of a Windows Server 2012 R2 domain controller. 26. On the Review Options page, click View script. Note the Windows PowerShell script that could be saved to quickly perform this same configuration on an additional server. 27. Close Notepad. 28. On the Review Options page, click Next. 29. On the Prerequisites Check page, click Install. 30. After the installation has completed, click Close. 31. Close the All Server Task Details window. 32. Maximize Active Directory Users and Computers. 33. Navigate to contoso.com/domain Controllers. 34. Click Refresh. Note that DC12 is now a domain controller in the contoso.com domain. Leave the Active Directory Users and Computers console open for the next exercise. Lab created by HynesITe, Inc. For questions or comments, send an e-mail message to labs@holsystems.com Page 8

Exercise 2: Migrate the Active Directory FSMO Roles In this exercise, you will migrate the roles currently held by the Windows 2008 R2 domain controller to the new Windows Server 2012 R2 domain controller. This will include all of the FSMO roles, such as RID Master and Operations Master. The goal is to have no impact on the end users while performing the steps for the migration and to ensure that once the Windows Server 2008 R2 domain controller is demoted there will be no ongoing disruption. Transfer the FMSO roles In this task, you will transfer all of the FSMO roles from their current location on DC08 to the new domain controller, DC12. Ensure you are logged on to Client1 as Contoso\Administrator using the password Passw0rd! with the Active Directory Users and Computers console open from the previous exercise. 1. In Active Directory Users and Computers, in the explorer pane, click Active Directory Users and Computers [DC08.contoso.com]. 2. On the Action menu, click Change Domain Controller. 3. In the Change Directory Server dialog box, click DC12.contoso.com, and then click OK. If DC12.contoso.com does not appear, this can be due to a refresh that has not completed. You can manually enter DC12.contoso.com and proceed. 4. In Active Directory Users and Computers, click contoso.com, and then in the Action menu, click Operations Masters. 5. On the RID tab, click Change. 6. In the Active Directory Domain Services dialog box, click Yes, and then click OK. 7. On the PDC tab, click Change. 8. In the Active Directory Domain Services dialog box, click Yes, and then click OK. 9. On the Infrastructure tab, click Change. 10. In the Active Directory Domain Services dialog box, click Yes and then click OK. 11. Click Close. 12. Close Active Directory Users and Computers. 13. In Server Manager, on the Tools menu, click Active Directory Domains and Trusts. 14. In the Active Directory Domains and Trusts dialog box, click OK. 15. On the Action menu, click Change Active Directory Domain Controller. 16. In the Change Directory Server dialog box, click DC12.contoso.com, and then click OK. Lab created by HynesITe, Inc. For questions or comments, send an e-mail message to labs@holsystems.com Page 9

If DC12.contoso.com does not appear, this can be due to a refresh that has not completed. You can manually enter DC12.contoso.com and proceed. 17. In Active Directory Domains and Trusts, on the Action menu, click Operations Master. 18. In the Operations Master dialog box, click Change. 19. In the Active Directory Domains and Trusts dialog box, click Yes, and then click OK. 20. Click Close. 21. Close Active Directory Domains and Trusts. 22. On the Start screen, type CMD, right-click Command Prompt, and then click Run As Administrator. 23. At the command prompt, type the following command, and then press ENTER. Regsvr32 schmmgmt.dll This command enables the Active Directory Schema management console snap-in. Leave the command prompt window open. 24. In the RegSvr32 dialog box, click OK. 25. On the Start screen, type MMC, and then select MMC from the results. 26. In Console1, on the File menu, click Add/Remove Snap-ins. 27. In Add or Remove Snap-ins, select Active Directory Schema, and then click Add. 28. Click OK. 29. In Console1, select Console Root/Active Directory Schema, and then on the Action menu, click Change Active Directory Domain Controller. 30. In the Change Directory Server dialog box, click DC12.contoso.com, and then click OK. If DC12.contoso.com does not appear, this can be due to a refresh that has not completed. You can manually enter DC12.contoso.com and proceed. 31. In the Active Directory Schema dialog box, click OK. 32. In Console1, on the Action menu, click Operations Master. 33. In the Operations Master dialog box, click Change. 34. In the Active Directory Schema dialog box, click Yes, and then click OK. 35. Click Close. 36. Close Console1 without saving settings. 37. At the command prompt, type the following command, and then press ENTER. Netdom query fsmo Lab created by HynesITe, Inc. For questions or comments, send an e-mail message to labs@holsystems.com Page 10

This command will take some time to complete. You can move onto the next exercise and then come back. When it does complete you will note that all the FSMO roles are now on DC12.contoso.com. If you receive a notice that The parameter is incorrect, wait a few moments and try again. Leave the command prompt window open. 38. Switch to DC12, and then log on as Contoso\Administrator using the password Passw0rd! Lab created by HynesITe, Inc. For questions or comments, send an e-mail message to labs@holsystems.com Page 11

Exercise 3: Migrate Infrastructure Roles In this exercise, you will migrate the DNS and DHCP roles currently held by the Windows 2008 R2 domain controller to the new Windows Server 2012 R2 domain controller. The goal is to have no impact on the end users while performing the steps for the migration and to ensure that once the Windows Server 2008 R2 domain controller is demoted then there will be no ongoing disruption. All existing DHCP leases and settings will be migrated. Transfer the DNS role In this task, you will transfer DNS from the current setting of DC08 to the new domain controller. As it is an Active Directory-integrated DNS, the DNS configuration will be removed when DC08 is demoted. In order to ensure that DNS resolution is not interrupted during the migration process, the DHCP configuration will also be updated. Ensure you are logged on to DC12 as Contoso\Administrator using the password Passw0rd! 1. On the Start screen, type IP, and then press ENTER. 2. In the Results for ip screen, click View network connections. 3. Right-click Ethernet, and then click Properties. 4. Select Internet Protocol Version 4 (TCP/IPv4), and then click Properties. 5. Modify the Preferred DNS server address to 192.168.0.2, and then click OK. The promotion of DC12 to a domain controller also installed DNS. As you are going to migrate the DNS to the new server you need to ensure that it no longer has DC08 (192.168.0.1) as a DNS server entry. 6. Click CLOSE. 7. Switch to Client1, and then ensure you are logged on as Contoso\Administrator using the password Passw0rd! 8. Maximize the DHCP console. 9. Navigate to DHCP/DC08/IPv4/Server Options, and then click 006 DNS Servers. 10. On the Action menu, click Properties. 11. In Server Options, in Server name, type DC12, and then click Resolve. 12. Click Add. 13. In IP Address, click 192.168.0.1, and then click Remove. 14. Click OK. 15. At the command prompt, type the following commands, pressing ENTER after each line. Ipconfig /release Ipconfig /renew Ipconfig /all Lab created by HynesITe, Inc. For questions or comments, send an e-mail message to labs@holsystems.com Page 12

Note that the DNS server is now 192.168.0.2. In a production environment, an administrator would make the change in DHCP, wait until the lease expired, and then proceed to remove the DNS service. Ideally, in the days prior to the migration, modify the DHCP lease value to be shorter. 16. Switch to DC08, and then ensure you logged on as Contoso\Administrator using the password Passw0rd! 17. On the Start menu, in Start Search, type IP, and then press ENTER. 18. Right-click Local Area Connection, and then click Properties. 19. Select Internet Protocol Version 4 (TCP/IPv4), and then click Properties. 20. Modify the Preferred DNS server address to 192.168.0.2, and then click OK. 21. Click Close. 22. Switch to Client1, and then ensure you are logged on as Contoso\Administrator using the password Passw0rd! Transfer the DHCP role In this task, you will transfer DHCP from the current setting of DC08 to the new domain controller. First, you will install the DHCP role on DC12, and then transfer the DHCP database. So as to ensure that there is as little disruption as possible, you will ensure that the current leases are transferred as well as the configuration. Ensure you are logged on to Client1 as Contoso\Administrator using the password Passw0rd! 1. In Server Manager, in All Servers, scroll down to Roles and Features, and then in Roles and Features, click Tasks, and then click Add Roles and Features. 2. In the Add Roles and Features Wizard, on the Before you Begin page, click Next. 3. On the Installation Type page, ensure Role-based or feature-based installation is selected, and then click Next. 4. On the Server Selection page, ensure DC12 is selected, and then click Next. Note that only DC12 is listed, as the Add Roles and Features wizard will only allow the management of Windows Server 2012 and above servers. 5. On the Select server roles page, select DHCP Server, and then in the Add Roles and Features Wizard dialog box, click Add Features. 6. Click Next. 7. On the Features page, click Next. 8. On the DHCP Server page, click Next. Lab created by HynesITe, Inc. For questions or comments, send an e-mail message to labs@holsystems.com Page 13

9. On the Confirmation page, click Install. 10. After the installation has completed, click Close. 11. On the Start menu, type powershell and click on the Windows PowerShell icon to Oopen a Windows PowerShell session. 12. At the Windows PowerShell prompt, type in the following commands, pressing ENTER after each line. MD c:\export MD c:\dhcpbackup Export-DhcpServer ComputerName dc08.contoso.com -Leases -File C:\export\dhcpexp.xml verbose The export command exports the DHCP configuration of DC08 to a file named dhcpexp.xml. 13. At the Windows PowerShell prompt, type the following command, and then press ENTER. Import-DhcpServer ComputerName DC12.contoso.com -Leases File C:\export\dhcpexp.xml -BackupPath C:\dhcpbackup\ -Verbose The import command imports the previously exported configuration to DC12. 14. Type Y, and then press ENTER. Wait until the import completes prior to moving to the next step. 15. Maximize the DHCP console. 16. In the Explorer pane, select DHCP. 17. On the Action menu, click Add server. 18. In the Add server window, in This server, type DC12, and then click OK. 19. In the Explorer pane, expand DHCP/DC12. Note that there is a scope named Internal created. DC12 is not authorized as yet to service requests for addresses. 20. In the Explorer pane, select DC08, and then on the Action menu, click Unauthorize. 21. In the DHCP dialog box, click Yes. 22. In the Explorer pane, select DC12, and then on the Action menu, click Authorize. 23. Click Refresh. It will take several minutes for the unauthorization of DC08 and the authorization of DC12 to complete. To monitor the progress, click Refresh until the arrows next to DC12/IPv4 and DC12/IPv6 are showing as green. If the process is taking a long time for DC12 to show as authorized after DC08 has been unauthorized, right-click DC12, select All tasks, and then click Restart. Wait until DC12 is authorized before proceeding to the next step. Lab created by HynesITe, Inc. For questions or comments, send an e-mail message to labs@holsystems.com Page 14

24. At the command prompt, type the following command, and then press ENTER. Ipconfig /all Note that the DHCP server address is 192.168.0.1 and the IP address is 192.168.0.100. 25. At the command prompt, type the following command, pressing ENTER after each line. Ipconfig /release Ipconfig /renew Ipconfig /all Note that the DHCP server is now 192.168.0.2 and the leased IP address is still 192.168.0.100. 26. Switch to DC08, and then ensure that you are logged on as Contoso\Administrator using the password Passw0rd! Lab created by HynesITe, Inc. For questions or comments, send an e-mail message to labs@holsystems.com Page 15

Exercise 4: Remove the Windows Server 2008 R2 Domain Controller In this exercise, you will demote DC08 from the contoso.com domain. As all the roles have been migrated to DC12 this will have no impact on the domain or the users. This is the final step required to ensure that the domain controller will be able to be safely removed from the environment. Demote the Windows Server 2008 domain controller In this task, you will demote DC08 from being a domain controller in the domain. For the time being it will still retain the DHCP and DNS roles, however now that you have transferred all the Active Directory FSMO roles you can remove Active Directory Domain Services. Ensure you are logged on to DC08 as Contoso\Administrator using the password Passw0rd! 1. On the Start menu, in Start Search, type dcpromo, and then press ENTER. 2. In the Active Directory Domain Services Installation Wizard, click Next. 3. In the Active Directory Domain Services Installation Wizard dialog box, click OK. You can ignore the warning regarding the global catalog server as you have configured DC12 to be a Global Catalog server. 4. On the Delete the Domain page, click Next. There is a momentary pause between step 4 and 5. 5. On the Administrator Password page, in password and confirm password, type Passw0rd!, and then click Next. 6. On the Summary page, click Next. 7. After completing the removal, click Finish. 8. Click Restart Now. 9. Wait for DC08 to finish restarting, and then log on as ContosoDC08\Administrator using the password Passw0rd! Wait for the restart and log on to complete before moving onto the next task. If you receive a prompt to restart the computer, click Restart Later. If you receive an Activation prompt, selectclick Activate laterask me later, and then click OK. At this point, DC08 is now a member server in the contoso.com domain. To complete the removal you will remove it from the domain. 10. Open Server Manager. 11. In Computer Information, click Change System Properties. Lab created by HynesITe, Inc. For questions or comments, send an e-mail message to labs@holsystems.com Page 16

12. In the System Properties dialog box, on the Computer Name tab, click Change. 13. In the Computer Name/Domain Changes dialog box, click Workgroup. 14. In Workgroup, type Workgroup, and then click OK. 15. In the Computer Name/Domain Changes dialog box, click OK. 15.16. If prompted for credentials, enter Contoso\Administrator withusing the a password of 16.17. In the Computer Name/Domain Changes dialog box, click OK. 17.18. In the Computer Name/Domain Changes dialog box, click OK. 18.19. In the System Properties dialog box, click Close. 19.20. In the Microsoft Windows dialog box, click Restart Now. Wait for the restart to complete before moving onto the next task. 20.21. Switch to Client1, and then ensure you are logged on as Contoso\Administrator using the password Passw0rd! 21.22. In Server Manager, click Tools, and then click Active Directory Users and Computers. 22.23. In Active Directory Users and Computers, navigate to contoso.com/domain Controllers. DC12 is now the only domain controller in the domain. 23.24. Close Active Directory Users and Computers. 24.25. In Server Manager, click Tools, and then click DNS. 25.26. In the Explorer pane, right-click DC08, and then click Delete. 26.27. In the DNS dialog box, click Yes. 27.28. On the Action menu, click Connect to DNS Server. 28.29. In the Connect to DNS Server dialog box, click The following computer. 29.30. Type DC12, and then click OK. 30.31. In DNS, expand DC1208/Forward Lookup Zones, and then click Contoso.com. Note that there is no entry for DC08. The removal of DC08 from the domain automatically deleted any entries in DNS for the server. This is the end of the lab. Lab created by HynesITe, Inc. For questions or comments, send an e-mail message to labs@holsystems.com Page 17

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information