Although Domain Controller (DC) upgrade steps can stress some of us, there’s no need to panic. You can apply the following steps if there are multiple DCs in the environment.
Don’t worry, everything will go smoothly.
PRE-CHECKS BEFORE STARTING
Has a new server been set up?
Have the latest updates been applied to the new server?
Has antivirus been installed?
TASKS FOR THE OLD DC
Has it been verified that DC replications are performed correctly? If there is a problem and there are other DCs in the environment, this step can be skipped.
Have the server’s Name and IP, DNS, and if applicable, WINS information been noted down?
Have the CPU, RAM, and HDD capacity information been noted down?
Have the roles on the server been checked?
Are the FSMO roles on the server at the highest level according to your setup, and have the roles on the current server been migrated to another server?
If there is a DHCP role on the server, has a backup been taken?
Has a file backup been taken on the server?
Has an AD Backup been taken on the server?
Has a snapshot or full backup been taken of the server?
*If the server is a DC, has the DC role been removed?
Has a different IP been assigned after the server restart?
Has the ipconfig /registerdns command been executed by opening the command line?
Has the new IP been checked on the DNS side in AD?
Has the server been demoted from the domain and shut down?
Has it been verified that the domain controller role of the old server has been removed in AD?
Has replication been ensured on the other DCs? Is the information that the role has been removed the same on the other DCs? (same check as the previous step)
ASSIGNING DC ROLE TO THE NEW SERVER
Has the new server been given the name of the old DC? (The same name is not actually important, it’s only necessary if you have applications resolved by name; if not, a new name can be given)
Has the primary DNS suffix been assigned to the server?
Has the server been given the same IP, DNS, and if applicable, WINS information as the old DC?
Has the server been restarted?
Has the server been joined to the domain?
Has the ipconfig /registerdns command been executed by opening the command line as run as admin?
Has the IP information of this server been verified on the other AD and DNS server?
Have the DC and DNS roles been added to the server?
Has DHCP been installed and restored from backup?
Has RDP been opened and remote connection permission granted?
Has VMWare Tools been installed and the server restarted?
Have the event logs been reviewed?
If FSMO role distribution is necessary, has it been done?
Has the installation been successfully completed? (If not completed, you can specify the steps where errors were encountered as a note below…)
If the installation was successfully completed, give a high five 🙂
If there are checks you want to add to the article or find missing, you can help us improve by sending an email from the contact section.
