How to upgrade Donain Controller from functional level 2003

Copper Contributor

Hello,
I am new to this forum and could use some help.
In my company, I have found myself managing the IT part although I am not a systems engineer

I have a windows 2008 R2 virtual machine that acts as domain controller (Domain functional level 2003, forest functional level 2000).
This vm has corrupted sectors and the backup (with veeam) fails.
I would need to understand how I can replace this domain controller with an updated one with minimal disruption.

Thanks in advance
Best regards
Davide

6 Replies
I recommend adding another virtual machine next to this one as an additional Domain Controller for the existing domain. This way, you will have a copy of the current Active Directory database and DNS zones. (If the current Domain Controller has other roles, like DHCP, make sure you add that on the other Domain Controller too) But... If the current Domain Controller is a Certificate Authority or some other role... And if you're not comfortable with doing these migrations, then just hire an IT consultant to do it for you before it all starts to fail completely.

Or... Do you have multiple Domain Controllers?

Hi Harm,
thank you for your answer. Yes, I have a second virtual DC in sync with the primary.
These DC also acts as DNS and DHCP, and it seems to be also thre Certificate Authority. I don't know how to check if there are other services configured.

2024-04-11_083639.jpg

 

 

Ok, that's a good thing that you have another.. :smiling_face_with_smiling_eyes: Steps would be to move all FSMO roles to the other DC, move the Certificate Authority to the other DC, remove DHCP fail over (I presume that it's in faillover / replication?), switch all DFS root configurations over to the other DC, remove all roles and demote the DC.

You can find how to do all steps on Microsoft Learn or blogs, but.. If you're not comfortable with the subject... Hire a company to do this for you

Hello,

No news at the moment. I think the network will die with this domain controller.

And your Certificate Authority too :(