RODC support for upgraded Domains

Copper Contributor

Hello,

 

We are deploying new Server 2016 domain controllers in our environment.  Our old domain controllers are based on Server 2008 R2.  We have several RODC's deployed.  My question is:  Can a 2008 R2 based RODC function in an environment with only Server 2016 RW domain controllers?  Or, do we need to demote the 2008 R2 RODC's prior to demoting all of our 2008 R2 RW domain controllers?

 

Your help is appreciated.

2 Replies

I didn't test this case, but it wasn't the case before, and I don't see any reason why you'd have to demote (RO)DCs in order to upgrade.

 

Attempting to promote a WS2016 VM to DC would give you the answer in less than 5 minutes. If it's not supported, the wizard would block you during the pre-installation check-up.

 

In case your DFL/FFL is still Windows 2003, you should raise that to at least 2008 before you introduce  WS2016 DCs in your environment. The documentation said should, not must, so even that is supported. But I hope it's not the case, anyway, as you'd be missing on a lot of features.

More info at https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/active-directory-functional-levels

 

Cheers. Emanuel

I apologize, I don't think I explained well.  Let me try again.

 

Our current domain controller environment is Server 2008 R2.  We have RWDC in major locations, with RODC in remote locations.

 

We have installed new Server 2016 domain controllers.  We have RWDC in the major locations, with new RODC's in remote locations.  This is brand new hardware, side by side with the old Server 2008 R2 domain controllers.

 

We are ready to start demoting the old environment (Server 2008 R2).  Now the question:  If we demote the RWDC Server 2008 R2 systems, do we need to demote the RODC Server 2008 R2 systems prior to this step?  Or, can the Server 2008 R2 RODC system function when only Server 2016 RWDC systems exist in the environment?

 

Thank you for your time.