Modernizing Your Infrastructure with Hybrid Cloud – Server 2003 to Server 2012 R2 AD, DNS, and DHCP Migrations – Part 28

Just about every business on the planet has deployed Windows Server 2003 at some point in time, and it was a great server operating system, no doubt! Well, in today’s article we tackle migrating Active Directory, DNS, and DHCP services from those older 2003-based servers to Server 2012 R2. It’s funny, we think of 2003 as an old OS, because nowadays we are starting to think of Server 2012 as an older operating system. After all, Server 2012 R2 came out in 2013, and we will surely see something newer come out in the next year or so if the trend continues. July 14th, 2015 is the drop-dead date for support, and as of today there are roughly 300 days of Server 2003 support left. What does that mean? To put the end of support into perspective, in 2013, 37 critical updates were released for Server 2003; once we pass that drop-dead date, no further critical updates will be released. Calling into Microsoft for technical issues will come at a premium. No support also means your server will be out of compliance. For those in the medical or financial industry, you know this term all too well. No compliance means that if you were to be audited against government and private compliance regulations, you would fail if a Server 2003 system exists in your data center. A further consequence of being out of support is that most third-party application vendors will end support for the applications currently running on these legacy hosts. Therefore, your operating costs will go up as you try to figure out what may be wrong with the unsupported systems when issues arise. So now that we understand what the no-support drop-dead date means, let’s look at our options.

Migration versus Upgrade

At a high level, my opinion for migration versus upgrade is this: just migrate. Please. If your system is working extremely fast on 32-bit Server 2003 10 years after the OS release, I would be quite surprised. Your customers or end users deserve better, plus chances are that those systems are on legacy hardware and have most likely experienced some type of hardware outage. Be it a hard drive failure, system board, memory stick, you name it, something has most likely happened during the life of the server. It’s time to let it go (cue the Frozen music). It’s time to get some newer hardware or an Azure subscription, then grab a Server 2012 R2 machine (physical or virtual) and migrate those critical workloads over.

In order to upgrade a server from 2003 to 2012 R2 you will need to evaluate the software and roles that server is running. Fear not, if you are running Server 2003 64-bit, and you are running on hardware with specs at 2012 R2 levels, then feel free to go through the upgrade process to 2008 then 2012, but let’s look at what that means first. The exception is a domain controller: in that case you cannot directly upgrade the server, as it is unsupported. See where I’m going there? Just migrate, it’s better!

Migrating Active Directory

As we dig into the migration considerations understand that we need to now break this up into 3 conversations, really 3 and a half.  Each service (DNS, DHCP, AD) has a slightly different approach.  Perhaps the easiest of these to migrate is Active Directory itself.

On the target machine while in Server Manager, make sure that you have established your permanent IP addresses on the proper NICs then let’s run the Active Directory installation by jumping into the Add Roles and Features wizard.  Depending on your environment you may also choose to install the DHCP service on this machine as well at this time.  This article assumes this new target machine will be a domain controller with DNS and DHCP services configured.

Select the target server, then select the roles you wish to have installed.   Notice that DNS and DHCP are shown on this page as well, so install them if they pertain to this migration project.

Follow the prompts to complete the installation.  You will need to select for the wizard to reboot the server.  Once back into the console you will see the flag in the top ribbon has a warning.  Be sure that all services have completed their configurations by checking the yellow flag in the top ribbon of Server Manager.

From this point forward the wizard should look familiar, as it is very similar to the previous dcpromo wizards, asking which forest, domain, etc. Once you have walked through the wizard for your particular environment and AD is properly replicated to the new server, you are ready to move forward with migrating other services.

Migrating DNS

Now that we have AD, DHCP, and the DNS roles installed, let’s migrate our DNS workload. DNS migrations can be done in one of two ways. The first option comes into play if the DNS is Active Directory integrated, as this is the simpler migration. Just add the new 2012 R2 server to the domain, allow DNS to replicate to the new server, change the DNS pointers in the DHCP Server service and you’re good to go!

However, for standard monolithic DNS services the migration needs some manual work. First, we need to stop the DNS Server service on the source machine, so this process is only recommended outside business hours. From a command prompt opened as Administrator, type in the following commands:

net stop "DNS Server" <enter>

reg export HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Parameters %Windir%\System32\DNS\Dns-Service.REG <enter>

reg export "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DNS Server" %Windir%\System32\DNS\Dns-Software.REG <enter>

Investigate this last file and identify any zones that may not be needed any longer after migration. Simply delete the sections that are no longer needed. This also includes deleting the Active Directory integrated zones, as those will have already come over during the process of adding the Server 2012 machine to the Active Directory.
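One way to do this review, as an added example that is not part of the original article: a PowerShell function that reads the exported Dns-Software.REG and lists each zone with what to act on before import. The function name Get-DnsZoneAudit and the sample zones are hypothetical, and the per-zone value names and meanings (DsIntegrated = 1 for AD-integrated, SecureSecondaries = 0 for transfers to any server, AllowUpdate = 1 for nonsecure dynamic updates) are assumptions about how the DNS Server service stores zone settings; the last two checks go beyond the article's "not needed" review.

```powershell
# Added example, not the article's code. Assumes each zone key under
# ...\DNS Server\Zones may carry DsIntegrated, SecureSecondaries and AllowUpdate.
function Get-DnsZoneAudit {
    param([string[]]$RegLines)

    $zones = @()
    $zone  = $null
    foreach ($line in $RegLines) {
        if ($line -match '^\[.*\\DNS Server\\Zones\\([^\\\]]+)\]\s*$') {
            # Key header for one zone: start a new record.
            $zone = [pscustomobject]@{
                Zone = $Matches[1]; DsIntegrated = $null
                SecureSecondaries = $null; AllowUpdate = $null; Findings = @()
            }
            $zones += $zone
        }
        elseif ($line -match '^\[') {
            $zone = $null   # any other key, or a subkey of a zone: stop collecting
        }
        elseif ($zone -and $line -match '^"(DsIntegrated|SecureSecondaries|AllowUpdate)"=dword:([0-9a-f]{8})\s*$') {
            $name = $Matches[1]
            $zone.$name = [Convert]::ToInt32($Matches[2], 16)
        }
    }
    foreach ($z in $zones) {
        if ($z.DsIntegrated -eq 1)      { $z.Findings += 'AD-integrated: delete this section before import' }
        if ($z.SecureSecondaries -eq 0) { $z.Findings += 'zone transfers allowed to any server' }
        if ($z.AllowUpdate -eq 1)       { $z.Findings += 'nonsecure dynamic updates allowed' }
    }
    $zones
}

# Constructed sample export. For the real file, pass:
#   (Get-Content "$env:windir\System32\DNS\Dns-Software.REG")
$sample = @'
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DNS Server\Zones\corp.example.com]
"DsIntegrated"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DNS Server\Zones\legacy.example.net]
"DatabaseFile"="legacy.example.net.dns"
"SecureSecondaries"=dword:00000000
"AllowUpdate"=dword:00000001
'@ -split "`r?`n"

Get-DnsZoneAudit -RegLines $sample |
    Select-Object Zone, @{ n = 'Findings'; e = { $_.Findings -join '; ' } } |
    Format-Table -AutoSize -Wrap
```

Zones with no findings are the ones to carry over as they are; anything flagged for transfers or updates is worth tightening on the 2012 R2 server rather than importing the legacy setting unchanged.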

Take both the Dns-Service.REG and Dns-Software.REG files and place them on the share which is accessible by the target 2012 machine.

Now we need to keep the DNS service stopped and xcopy the rest of the DNS information over to the migration share as well, using the following command and replacing the target server and directory shown below with your own:

xcopy %windir%\system32\dns <replace with your share \\server\share> /s <enter>

You can delete the sample files and backup directory from the share at this point as they are no longer needed.

On the target server, assuming the DNS service has already been installed via PowerShell, the AD setup, or the Roles and Features wizard, let’s now stop the DNS service while we begin our import process. Open a command prompt as Administrator.

Ping the server that holds the share to make sure it resolves properly; this also caches the IP information so that the following commands will work properly.

net stop "DNS Server" <enter>

Now let’s copy everything from that share to the local drive:

xcopy <replace with your share \\server\share> %windir%\system32\dns /s <enter>

Now we need to import the registry information from both of the .REG files we created earlier, but first make sure to change to the directory that holds the registry files copied previously:

reg import %windir%\system32\DNS\Dns-Service.REG <enter>

reg import %windir%\System32\DNS\Dns-Software.REG <enter>

And now we are ready to start the DNS service again:

net start "DNS Server" <enter>

Open up the DNS Manager and take a look to make sure all of the proper zones are correct. Wait, we aren’t done just yet! We need to go into the DHCP Manager and make sure that you have added the new server’s IP information as a target for DNS resolution on the proper scopes. As a more robust and recommended method, we would also call for migrating the IP information from the old server to the new server, so that any hardcoded references to the old address on the application servers out there on the network do not fail down the road. We will get to that later in the article as we migrate DHCP. Now that we have migrated DNS, let’s move on to DHCP.

Server Migration Tools Installation

Before we step through migrating applications, services, and data from 2003 to 2012, we need to dig into the options that Server 2012 brings to the table. Server 2012 comes with a feature named Server Migration Tools, which automates a good bit of the migration for the standard foundation services like DHCP, and other services. The Server Migration Tools that come with Server 2012 provide support for the following previous OS scenarios; while we are zeroing in on Server 2003, it is important to note that many other scenarios are covered:

So we have a 2012 R2 server accessible on the network, and we are ready to migrate some workloads. First we need to prepare the source 2003 server with the following items completed prior to beginning the migration. Since the source machine is a domain controller, getting it ready for the migration tools installation might require some downtime, so plan accordingly.

1) Minimum 23 Megabytes of disk space available for the Migration Tools package. 

2) Microsoft .Net Framework 2.0 needs to be installed

3) Windows PowerShell 1.0 or later installed. 

On the 2012 R2 box, let’s install the feature called Server Migration Tools. This can be done via the Add Roles and Features wizard, or via PowerShell commands. To save time, open up a PowerShell prompt as Administrator, then enter the following command, noting that the server name listed in this example should be replaced with your target machine’s name:

Install-WindowsFeature Migration -ComputerName server2012r2 <enter>

You should see that this installs successfully. Now let’s open up a command prompt as Administrator and enter the following command to change the directory to the Migration Tools directory:

cd \Windows\System32\ServerMigrationTools <enter>

In the next line, substitute the architecture (Amd64 or X86) and OS type (WS03 or WS08) as applicable, as well as the path to a share already made with proper permissions for copying over the migration tools package:

smigdeploy /package /architecture Amd64 /OS WS03 /Path <replace with your share \\servername2003\public\migtools> <enter>

Now on the 2003 source machine let’s copy or cut that package over to the C: drive where it must be run from locally.  The folder you are looking to copy from the share is most likely named  SMT_ws03_amd64 unless you chose a different OS and architecture type.  Open a command prompt and change directory to the SMT_ws03_amd64 directory.  Execute the following command:

smigdeploy.exe <enter>

Now you should see a PowerShell window launch.

DHCP Migration

On the source server in the newly launched PowerShell window we will be running the following command:

Export-SmigServerSetting -featureID DHCP -User All -Group -IPConfig -path <replace with your share \\server\share\DHCP> -Verbose <enter>

It will prompt you for a password as this data will be encrypted.  Enter a password at the prompt and press <enter>

This process creates a .MIG file which we will be using for the migration process, as it contains all of the DHCP and network information.

It is important to note that this process requires the same number of network cards in the source and target servers, as the IP and other network information is going to be migrated at this time as well.

Now we shift our focus back to the target server.  Open a PowerShell prompt as Administrator, and enter the following command:

Import-SmigServerSetting -featureid DHCP -User All -Group -IPConfig All -SourcePhysicalAddress <replace with source server NIC MAC address here> -TargetPhysicalAddress <replace with target server NIC MAC Address> -Force -path <replace with your share \\server\share\DHCP> -Verbose <enter>

You will be prompted for the password you supplied during the original export process, so enter in the password and press <enter>.

Notice that the users and groups and the DHCP information have come over, and if you investigate the IP address information on the target server you will see that the IP address has now changed to match the original source DHCP server IP address. At this point change the DHCP scope to reflect only the final IP address for DNS resolution. On the source DHCP server let’s make sure we stop the DHCP service and unauthorize it from the domain. Shut down the original server or change its IP address so as not to conflict with the new server.

On the new target server, we need to start the DHCP service, so from an elevated PowerShell prompt enter the following command:

Start-Service DHCPServer <enter>

At this point we need to make sure that DHCP is running properly by testing a local computer on the network to make sure that it gets the proper network information via the DHCP protocol.

In summary, we hope you found this step-by-step migration article helpful.  Remember to check out all of the great articles in  the series here:

And for more information on this particular topic check out the latest Microsoft Virtual Academy Jumpstart about migration here: 

https://www.microsoftvirtualacademy.com/training-courses/migrate-legacy-windows-server-to-2012-r2-and-microsoft-azure