Tuesday, March 24, 2015

Migrating Active Directory to new hardware in a hosted environment

I recently had a requirement to move our existing Active Directory server to completely brand new hardware.

Unfortunately, we were moving to a hosted environment where support costs a significant amount of money. Therefore, asking them to do the migration for us would be pretty much out of the question.

Therefore, I began to research available options for performing an Active Directory migration.

Well, the first article I came across was this one: https://technet.microsoft.com/en-us/library/cc771290%28v=ws.10%29.aspx

Well, unfortunately, they don't provide much guidance or information specifically on migrating Active Directory to new hardware.  Therefore, I pretty much had to read between the lines and try and figure out what would and would not work.

Well, I went ahead and tried a System State backup and that would not restore to dissimilar hardware.

The other recommended option was a Full Server Recovery of the Domain Controller: https://technet.microsoft.com/en-us/library/cc772519%28v=ws.10%29.aspx

Unfortunately, it requires access to the underlying Console of the environment as well as the Windows media to perform the recovery.  Neither of these would work in a hosted environment.

The next thing I found was the Active Directory Migration Tool: http://www.microsoft.com/en-us/download/details.aspx?id=19188


Unfortunately, it required a SQL Server database and quite a bit of setup time as well as installation on a server outside of the Active Directory environment.

Therefore, I had to start searching for solutions that would not require as much setup time and could be done pretty much on our own.

That is when I came across Easeus ToDo Backup Advanced Server/Backup Technician:



These tools would allow us to take System Backups from one server and move them to another server without all of the headaches and hassles of the other solutions.

I can simply install Easeus ToDo Backup on the underlying Server OS and after going through a backup on one server, perform a Recovery/Restore on the other server.

Unfortunately, it seems to require Console Access during the restoration period, so we were forced to do a restoration into a Hyper-V environment that we owned, but perhaps Easeus will soon be able to provide a solution that does not require underlying Console Access, thus making it ideal for hosted environments!!

In any case, after I restored my Domain Controller to the Hyper-V Virtual Machine, I changed the IP Address and DNS Server entries to point to itself.

Everything seemed to be working properly when I attempted to join another server to the domain.

I then encountered this error message: "Cannot complete this function" as described in this article: http://blog.mpecsinc.ca/2013/08/domain-join-error-cannot-complete-this.html

Well, as it turns out, I had migrated only 1 of the Domain Controllers in the Forest.  There were originally 2 DCs in the Forest, so when I attempted to join a domain with 1 of the DCs missing, the error was being thrown!

Therefore, I ended up migrating the 2nd DC in the Forest as well and after making the appropriate IP Address and DNS Server changes, I could then successfully join another server to the domain!  Woo hoo!!
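A check that can be run on the restored DC before attempting a domain join, as an added example that is not part of the original post: it lists every domain controller the restored directory still has registered and flags any that do not resolve or answer on LDAP, which is the state described above when only one of the two DCs had been migrated. It assumes the ActiveDirectory PowerShell module is available; `Test-TcpPort` is a hypothetical helper defined in the block.

```powershell
# Added example: run in an elevated PowerShell session on the restored DC.
# Assumes the ActiveDirectory module (installed with AD DS / RSAT) is present.
Import-Module ActiveDirectory

# Hypothetical helper: TCP connect with a timeout, using .NET so it also
# works on hosts without Test-NetConnection.
function Test-TcpPort {
    param([string]$HostName, [int]$Port, [int]$TimeoutMs = 2000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs)) { return $false }
        $client.EndConnect($pending)
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

# Every DC registered in the current domain, migrated or not.
$report = foreach ($dc in (Get-ADDomainController -Filter *)) {
    # Resolve the name through the DNS server this machine now points at.
    $addresses = @()
    try {
        $addresses = @([System.Net.Dns]::GetHostAddresses($dc.HostName) |
            ForEach-Object { $_.IPAddressToString })
    } catch { }

    New-Object PSObject -Property @{
        HostName      = $dc.HostName
        Site          = $dc.Site
        FsmoRoles     = ($dc.OperationMasterRoles -join ', ')
        ResolvesTo    = ($addresses -join ', ')
        LdapReachable = (Test-TcpPort -HostName $dc.HostName -Port 389)
    }
}

$report | Format-Table HostName, Site, FsmoRoles, ResolvesTo, LdapReachable -AutoSize

# A DC that is listed in the directory but does not answer needs attention
# before other machines are joined (the post resolved it by migrating it too).
$missing = @($report | Where-Object { -not $_.LdapReachable })
foreach ($dc in $missing) {
    Write-Warning "$($dc.HostName) is registered as a DC but is not reachable on LDAP/389"
}
```

An empty `ResolvesTo` column for a DC points at the DNS change made after the restore rather than at the DC itself.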
