Copying AD Users and Computers from Windows Server 2012 and Adding it to Windows Server 2016

Copper Contributor



I'm trying to copy all the Users and Computers in Active Directory and paste into a new domain controller that is a new forest on the same network but not sure how to do that, is there an easy way to export and import from Windows Server 2012 to Windows Server 2016?


I did create a new domain forest and the server is attached to the same network as the old server running windows server 2012 and need to be able to copy all users and computers from 2012 to 2016. I check on using a Migration tool but afraid that i want to just copy the roles instead of migrate it to a new server running server 2016.


Please let me know what options there are and how to proceed with copying the information from the old server without changing anything on the active old server?



17 Replies

"just copy the roles"

What is meant here? To copy the users ADMT should be the tool to use. Something here may also help.




Do you know if it will copy all the user windows credentials? 



Will this need to be installed on the old server to copy all that data?


Thanks a lot for your help!

Thanks. Are these the same steps for windows server 2016 ? I'm trying to create a new forest domain for the windows server 2016 so i don't mess around with the 2012 server, they are on the same network with different static ip addresses.

Yes, basically the same steps.


so i don't mess around with the 2012 server


Wow, you're creating a ton of unnecessary work. If it were me I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting. Then I'd stand up the new 2016, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to verify health, when all is good you can decommission / demote old one.


Worst-case you don't move any roles right away. Then if for some odd reason the 2016 server went south you would simply power it off and do cleanup to be exactly where you are right now.





Thanks. I will definitely try that option out!

Sounds good, you're welcome. Also note if a stand-alone DC it is always recommended to have at least two DCs for high availability and disaster mitigation.



I think his meaning is that just copy Users and Computers in AD without FSMO or other information like GPO.

Yes, that's what my question was just to copy Users, Computers in AD without FSMO.



Then you can use ADMT as I linked above.



I followed all the steps in using admt 3.2 to migrate users and passwords but for some reason i'm stuck on the Password Options Migrate passwords screen in ADMT. I selected my migration source DC and when i press next it keeps showing me the "Unable to establish a session with the password export server. The local machine does not have an encryption key for source domain 'SERVER2012'. Please install a local encryption key. See the ADMT help for information on password migration."


I installed an encryption key on the SERFVER2012 under C:\FMP\FileMigPass.pes and that error keeps popping out and won't let me proceed?


Please help!

Do you have any recommendations in migrating the folder redirection to the new server? I tried using XCopy and it successfully copied all the user folders which included Desktop, Documents, Links, etc. I want to make sure the new server links to the correct users to the correct redirect folder and not using the old server redirect folders?


The problem that i'm facing is after Xcopying the Redirection folder for each user it's relating the old server redirect folder and whenver i loggin to the new server domain it keeps showing corrupt folder and with the old server domain name. 


Thanks a bunch!

1 best response