Forum Discussion

Saad_Farooq
Aug 17, 2025

Migrate 2012 R2 to Server 2022

Hi

I have Server 2012 R2 configured on a physical server that acts as a Domain Controller, along with Certificate Authority and DHCP, in a single site, plus 2 additional 2016 DCs.

Below is the scope that I need to execute. Please share any steps if anyone has done this. Also, what are the best recommended steps to perform this deployment, and what action do I need to perform first after reviewing the AD health check? Should I follow the same steps as listed in the scope? Were any issues or challenges faced during the transition?

  • Review and validate existing Active Directory health status across all sites.
  • Promoting a new AD 2022 for root domain (3xDC -1 Physical and 2 virtual).
  • Transferring the Flexible Single Master Operations (FSMO) Role.
  • Test domain functionality after upgrading all domain controllers and ensure high availability and redundancy.
  • Migrate existing Certificate Authority to a new dedicated CA Server.
  • Migrate existing DHCP to two new highly available DHCP Servers (two Virtual Machines).
  • Decommission the old three domain controllers in HQ site.
  • Decommission Azure-DR site (two DCs).

2 Replies

  • Check AD health →  Add new 2022 DCs →  Transfer FSMO →  Test →  Migrate CA & DHCP →  Demote old DCs.
    Always fix replication issues before promoting or demoting any Domain Controller.

  • Health Check (first step)

    Run dcdiag, repadmin /replsummary, and check DNS, replication, and SYSVOL status.

    Fix any replication or DNS errors before starting the migration.

    Add New 2022 Domain Controllers

    Join the new Server 2022 machines to the domain.

    Promote them to Domain Controllers using Server Manager or PowerShell.

    Verify replication with existing 2012 R2 and 2016 DCs.

    Transfer FSMO Roles

    Move all FSMO roles (Schema, Domain Naming, RID, PDC, Infrastructure) to one of the new 2022 DCs:
    Move-ADDirectoryServerOperationMasterRole -Identity "NewDC" -OperationMasterRole 0,1,2,3,4

    Validate Domain Functionality

    Run health checks again (dcdiag, repadmin, netdom query fsmo).

    Confirm login, GPOs, DNS, and replication all work normally.

    Migrate Other Roles

    CA Migration: install Certificate Services on the new server, back up and restore CA database, private key, and configuration.

    DHCP Migration: export the DHCP configuration from old servers and import to the new 2022 DHCP servers.

    Configure DHCP failover for high availability.

    Decommission Old DCs

    Once everything is tested and stable, demote the 2012 R2 and 2016 DCs.

    Remove them from AD Sites and Services.

    Azure DR or Other Sites

    Clean up any old DR or remote DCs after confirming replication and authentication work properly on new 2022 DCs.
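
The health checks named in the replies above (dcdiag, repadmin, SYSVOL status, FSMO holders) can be run as a single read-only gate before any promotion, FSMO transfer or demotion. This is an added example, not code from either reply; the function name `Get-DcMigrationBlocker` is hypothetical, and the SYSVOL check assumes English-language `dfsrmig` output.

```powershell
# Added example: read-only pre-flight gate. Assumes an elevated session on a DC
# or an RSAT host (repadmin, dcdiag, dfsrmig and the ActiveDirectory module).
Import-Module ActiveDirectory

function Get-DcMigrationBlocker {   # hypothetical name; emits one string per problem
    # 1. Replication: repadmin returns one CSV row per inbound link on every DC.
    foreach ($row in (repadmin /showrepl * /csv | ConvertFrom-Csv)) {
        if ($row.showrepl_COLUMNS -eq 'showrepl_ERROR') {
            # A DC that could not be queried at all is a blocker, not a pass.
            'Replication: DC could not be queried: ' +
            ($row.PSObject.Properties.Value -join ',')
        }
        elseif ([int]$row.'Number of Failures' -gt 0) {
            "Replication: $($row.'Source DSA') -> $($row.'Destination DSA') " +
            "[$($row.'Naming Context')] failures=$($row.'Number of Failures') " +
            "status=$($row.'Last Failure Status')"
        }
    }

    # 2. dcdiag: /e tests every DC in the enterprise, /q prints errors only,
    #    so any non-blank output line means a failed test (DNS, services, ...).
    $diag = dcdiag /e /q | Where-Object { $_.Trim() }
    if ($diag) { "dcdiag errors:`n" + ($diag -join "`n") }

    # 3. SYSVOL: Server 2019 and later cannot be promoted while SYSVOL still
    #    replicates over FRS, so the DFSR migration state should be Eliminated.
    #    Assumption: matches the English output text of dfsrmig.
    $state = (dfsrmig /getglobalstate) -join ' '
    if ($state -notmatch 'Eliminated') {
        "SYSVOL: DFSR migration state needs review: $state"
    }
}

# 4. FSMO holders (same information as `netdom query fsmo`); record these
#    before the transfer and compare after Move-ADDirectoryServerOperationMasterRole.
$forest = Get-ADForest
$domain = Get-ADDomain
[pscustomobject]@{
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
} | Format-List

$blockers = @(Get-DcMigrationBlocker)
if ($blockers.Count) {
    $blockers | ForEach-Object { Write-Warning $_ }
    Write-Host 'Fix the items above before promoting, transferring FSMO or demoting.'
} else {
    Write-Host 'No replication, dcdiag or SYSVOL blockers found.'
}
```

Running the same script again after the FSMO transfer and after each demotion gives a like-for-like comparison with the baseline.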
