Installation steps

Using the following steps, we can install the new domain controller and migrate FSMO roles to it:

  1. Log in to the server as a member of the local administrator's group.
  2. Add the server to the existing domain as a member.
  3. Log in to the domain controller as an Enterprise Admin.
  4. Verify the static IP address' allocation by using ipconfig /all.
  5. Launch the PowerShell console as an administrator.
  6. Before the configuration process, we need to install the AD DS role in the given server. In order to do that, we can use the following command:
        Install-WindowsFeature -Name AD-Domain-Services
         -IncludeManagementTools
  1. Configure the new server as an additional domain controller (these steps were covered under Setting up an additional domain controller section).
  2. Migrate all five FSMO roles to the new domain controller by using the following command:
        Move-ADDirectoryServerOperationMasterRole -Identity 
          REBEL-SDC01 -OperationMasterRole SchemaMaster, 
          DomainNamingMaster, PDCEmulator, RIDMaster, 
          InfrastructureMaster

In the preceding command, REBEL-SDC01 is the domain controller running Windows Server 2016.

  1. Once we're done, we can verify the new FSMO role holder using the following command:
        netdom query fsmo
  1. The next stepĀ is to decommission the old Windows domain controllers running on Windows Server 2012 R2. To do that, execute the following command as an Enterprise Admin from the relevant domain controller:
        Uninstall-ADDSDomainController -DemoteOperationMasterRole
         -RemoveApplicationPartition
  1. After executing the preceding command, you will be asked to define a password for the local administrator account:

Once this has been completed, new server will be a member server of the rebeladmin.com domain.

  1. The next step is to raise the domain and forest functional levels to Windows Server 2016. To do that, you can use the following commands. To upgrade domain functional levels, use the following command:
        Set-ADDomainMode -identity rebeladmin.com
         -DomainMode Windows2016Domain

To upgrade forest functional levels, use the following command:

        Set-ADForestMode -Identity rebeladmin.com
         -ForestMode Windows2016Forest

Now, we have completed the migration from AD DS 2012 R2 to AD DS 2016. The same steps apply when you're migrating from Windows Server 2008, Windows Server 2008 R2, and Windows Server 2012.