You can migrate Active Directory (AD) from Windows Server 2008 to a newer Windows Server OS using a Domain Controller Upgrade and Transfer process. Microsoft provides a smooth transition path, but there are a few steps to follow carefully.

active directory

Step 1: Prepare Your Environment

  1. Check Current AD Health on the 2008 Server
    • Run: 
      dcdiag /v
    • Fix any errors before proceeding.
  2. Check AD Functional Level
    • Open Active Directory Users and Computers (ADUC) (dsa.msc).
    • Right-click the domain > Raise Domain Functional Level.
    • Ensure it’s at Windows Server 2008 or higher (Required for migrating to newer versions).
  3. Ensure You Have a New Server Ready
    • Install Windows Server 2016, 2019, or 2022 on a new machine.
    • Assign a static IP address in the same network as the old server.
    • Set Primary DNS to the Windows Server 2008 DC.

Step 2: Install AD DS on the New Server

  1. Join the new server to the existing domain.
  2. Open Server Manager on the new server.
  3. Click Manage > Add Roles and Features.
  4. Select Active Directory Domain Services (AD DS).
  5. Follow the prompts and install.

Step 3: Promote the New Server as an Additional Domain Controller

  1. Open Run (Win + R), type: 
    dcpromo

    (If using Windows Server 2016/2019/2022, use Server Manager instead.)

  2. Choose “Add a domain controller to an existing domain”.
  3. Enter Domain Admin credentials.
  4. Ensure Global Catalog (GC) and DNS are selected.
  5. Complete the setup and restart the new server.

Step 4: Transfer FSMO (Flexible Single Master Operations) Roles

Your old server holds 5 FSMO roles that must be moved.

  1. On the new server, open Command Prompt (Admin) and run: 
    netdom query fsmo

    This shows which server holds the FSMO roles.

  2. Transfer roles using PowerShell on the new server: 
    Move-ADDirectoryServerOperationMasterRole -Identity "NewServerName" -OperationMasterRole 0,1,2,3,4
  3. Verify the new server holds all roles: 
    netdom query fsmo

Step 5: Decommission the Old Windows Server 2008 DC

  1. On the old server, open Command Prompt and run: 
    dcpromo
  2. Follow the Uninstall AD DS Wizard.
  3. Reboot the old server.
  4. Remove the old DC from Active Directory Sites and Services (dssite.msc).

Step 6: Update Client Computers & DNS

  1. Update DHCP and DNS settings to point to the new DC.
  2. Run: 
    ipconfig /flushdns
ipconfig /registerdns
gpupdate /force
  3. Test logins and AD functionality.

Migration Completed!

  • Your Active Directory is now on the new server.
  • The old Windows Server 2008 is safely removed.
  • You can now upgrade to future Windows Server versions more easily.
SHARE

LEAVE A REPLY

This site uses Akismet to reduce spam. Learn how your comment data is processed.