Windows Server 2022 Std migration

Copper Contributor

I need advice on migrating a Windows Server 2012R2 to Windows Server 2022 Standard.
The current configuration is as follows:
Windows 2012R2 host with Hyper-V
VM1 DC Windows 2012R2 (this Active Directory comes from an import of old Windows 2008 sbs and is therefore quite "dirty")
VM2, VM3, VM4 various applications
Then I have a NAS that acts as a file server and integrates with AD, a NAS that I replace with a new and more performing one

I would like to understand what is the optimal solution with Windows Server 2022 and these are my doubts:
1. Do you still need to create a VM that contains only AD?
2. Can I create a new AD and import only users and groups from the old one?
3. Is it okay to have the NAS as a File Server or is it better to have the new server manage it?

 

Thanks for help

8 Replies
1. It's always a good idea to have your Domain Controller (With perhaps DNS/DHCP) on a seperate VM
2. Migrating your AD and joining your clients to the new one and having to recreate/link/change a lot of things is not something you want to do. How many clients/users are we talking about here? Perhaps cleaning your AD with old groups/users/computer accounts is easier?
3. If it works for you and your users without performance issues and with a good backup system, why not?

But you do have a Windows 2012 R2 Hyper-V host, according to this list (https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn...)) Windows Server 2022 is not supported on that. So you will have to upgrade your Hyper-V server too to at least Server 2016, does your hardware support that?

@blondie63 

 

If what you're saying is that four virtual guests are hosted on the one Server 2012 R2 host then Server Standard is not going to work for you - at least not a single host.

 

Comparison of Standard, Datacenter, and Datacenter Azure Edition editions of Windows Server 2022 | M...

 

You'll need either two Server Standard hosts or one Datacenter host - keeping in mind that for both cases, you still need to licence the guests separately (which shouldn't be an issue since they ought to be licenced now, but may become an issue if you want to upgrade their operating systems as well as the virtualisation host's.)

 

In relation to the questions:

 

  1. Yes, this has always been and still is best practice. Nothing at all - not even additional built-in roles should be installed or enabled on a domain controller;
  2. You can but there's nothing preventing you from cleaning up the existing domain. You're going to have to do a lot of inspection and seek clarification on what to keep and what can go in either scenario and trying to achieve too much, too fast is a recipe for messing something up. If you are still intent on migrating the domain/forest then maybe do it after you've successfully gotten yourself off the old Server 2012 R2 hypervisor and onto the new 2022 one;
  3. This is subjective since there's a world of difference between a bottom-end NAS and a top, but my short answer - unless you're spending a small fortune - is that it's better to use the NAS configured as a pass-through disk (meaning the hypervisor doesn't see it) and run a Server 2022-based file server guest VM through which to present it to users. There's far more chance the Windows Server ecosystem will outlive anything cool about a middle-of-the-range (or lower) NAS system, making it a more future-proof strategy.

 

Cheers,

Lain

I mention this part only for completeness as it doesn't sound like it's in your budget and also doesn't make sense if you only have four virtual machines.

The document below speaks to a high-end licencing model referred to as "per core". Again, this is only for completeness.

If you were to licence a physical host for all cores you have unlimited guest rights (only applies to Datacenter, not Standard). For this reason, it's profoundly expensive and only makes sense when you can achieve a very high guest density on a single host.

https://docs.microsoft.com/answers/storage/attachments/52952-licensing-brief-plt-introduction-to-mic...

Cheers,
Lain

@Harm_Veenstra 

1. OK

2. we have 40 users but i need to create a new Domain and have previous users, as you can see on screenshot my users are now under domain/MyBusiness/SBSUsers

sbs-users.png

3. OK

 

The current host is a Windows 2012R2 and the new Host is a new server with Windows 2022 Std so i no need to upgrade it.

I'd like to create a new DC with new domain, imported users, then i'll move VM1,2,3

What do you think ?

I've this new NAS:
https://www.synology.com/it-it/products/RS1221+
Capacity 12Tb with 800Gb SSD Cache and 32 Gb ram

Ok, if you move the VM's to the new host then that problem is solved 🙂 But don't create a new domain and do a lot of work, you can create a new OU structure in your AD and move the users there (Beware of Group Policy's that might be linked to the My Business OU's . Afterwards you can change the default location for new computers and users by using redirusr and redircmp to point to your new OU where you keep your users and computers. (https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/redirect-users-computers-conta...)

Just create a new VM, promote it do additional domaincontroller in the same domain and when it has replicated everything and you changed the DNS/DHCP settings etc. The old Domaincontroller can then be removed. Or you can do a in-place upgrade, not always recommended... Have a good backup of your DC ready if needed

@blondie63 

 

Yeah, so it's a basic enterprise NAS and a very small domain.

 

If the NAS isn't running in a highly-available fibre channel storage and host configuration then we can skip that discussion entirely.

 

If I were in your position with a single hypervisor host, four guests and an basic NAS, I'd be doing what I mentioned above.

 

If you are actually running a highly available configuration (meaning separate hypervisors, which isn't described in the original question) and the NAS has dual controllers - or some other means of presenting to both hypervisors, then might cause me to change my answer for point 3 to suggesting you look at setting up clustering so that both hypervisors see the storage simultaneously.

 

Your screenshot shows and incredibly basic domain/forest. You're unlikely to get any benefit at all from migrating to a new forest/domain based on what that picture shows.

 

Just re-organise the organisational unit structure to your liking and that's probably all you need to do - assuming you don't have thousands, or tens of thousands of objects in those basic organisational units we can see in the picture.

 

Cheers,

Lain

Thanks a lot !!