This is the first post in the new layout, personally I think I will change it again as the text frame is to small, but let me know your thoughts
When migration machines to Azure or to a different OS You will often face all kinds of errors and issues. that you think why and that is an old message and didn’t I do this already. Well In the AD there is also dfsrmig.exe yes the DFS migration tool in the old days you had only FRS for the sysvol folder replication. But If you have still a FRS than you can’t join a Windows server 2022 domain controller. In the following steps I’ll show you how to do this. I had to build a server 2003 domain again(painfull)
Joining a Windows server domain controller to a old 2000 domain it will fail.
Windows functional level and domain level are on windows 2000. We need to raise the DFL and the FFL .
Going to the new ADPrep and it fill be fixed, as I had a greenfield AD site some items maybe different in the production site.
Now that the DFL is 2008 we can go the the next phase.
Windows Server 2003 and 2003 R2 uses File Replication Service (FRS) to replicate SYSVOL folder content to other domain controllers. But Windows server 2008 and later are using Distributed File System (DFS) for the replication. DFS is better than FRS.
The dfsrmig.exe tool is supported only on domain controllers which are running in the Windows Server 2008 domain functional level DFL. This is because SYSVOL migration from FRS replication to the DFS Replication service is possible only on domain controllers running in the Windows Server 2008 domain functional level.
In the overview you can see all the options that can be used in the dfsrmig tool.
dfsrmig.exe /GetGlobalState
Now we can see the levels of the domain, and we raise the level , keep in mind a reboot is needed it is not mentioned but you need a reboot of the domain controllers.
PS C:\Users\Administrator> dfsrmig.exe /GetGlobalState
Running the tool will give you the required information
The current domain functional level is not at least Windows Server 2008.
DFSRMig is only supported on at least Windows Server 2008 level domains.
PS C:\Users\Administrator> dfsrmig.exe /GetGlobalState
DFSR migration has not yet initialized. To start migration please
set global state to desired value.PS C:\Users\Administrator>
| Global Migration States | |
|
0 |
‘START’ state |
|
1 |
‘PREPARED’ state |
|
2 |
‘REDIRECTED’ state |
|
3 |
‘ELIMINATED’ state |
In the 4 steps we gona transfer the FRS in DFS
dfsrmig.exe /setGlobalState 1
dfsrmig /getmigrationstate
When it is ready, we can check and go to the next step.
dfsrmig /setglobalstate 2
Type dfsrmig /getmigrationstate to confirm all domain controllers have reached redirected state. every step can be checked with the /getmigration state.
We can set the next step 3 dfsrmig /setglobalstate 3
After these steps we can check if all domain controllers are changed, remember this can take some time when you have multiple domain controllers and long replication schedules.
Checking the migration state is the best way to see if it has finished. dfsrmig /getmigrationstate to confirm all domain controllers have reached eliminated state
Checking the proper state can be done with the sysvol share. This completes the migration.
Here are the before and after status.
Also make sure in each domain controller FRS service is stopped and disabled.
Now it should all be good
Now the domain join should work.
Got another error warning.
Verification of replica failed. The forest functional level is not supported
Let me get the Ad info get-adforest
As you can see the forest mode is still windows2000forest so we need to raise this. In domain and trust we can set this.
Now that everything is fixed we can add a new Windows server 2022 domain controller to the existing domain.
Follow Me on Twitter @ClusterMVP
Follow My blog https://robertsmit.wordpress.com
Linkedin Profile Http://nl.linkedin.com/in/robertsmit
Share this:
Robert Smit MVP Blog 