I'm currently transitioning our domain controllers from Windows Server 2008 to Windows Server 2022. We originally had three DCs running 2008, but we'll be down to two with the new setup. I've successfully demoted two of the 2008 DCs, leaving just one—the original primary DC, DC-1. I've moved all FSMO roles from DC-1 to one of the new servers, DC-22.
While preparing to demote DC-1, I noticed it has an object labeled DNS Settings called msDNS-ServerSettings. This object is specific to Active Directory and seems to hold DNS information. I haven't seen this object on either new server, despite DC-22 having held the FSMO roles for weeks now. Both new servers have DNS set up correctly, and the DNS zones appear to be proper and replicated across all DCs.
I'm unsure what to do with that msDNS-ServerSettings object. Is it safe to just proceed with demoting the old 2008 DC-1 server, or do I need to recreate that object on one of the new servers first? Any advice would be greatly appreciated!
3 Answers
You seem to be handling this transition pretty well! It must be quite the relief to finally be moving away from those old servers once everything's done. Hang in there!
It's definitely a tricky upgrade path going from 2008 to 2022! Have you checked the replication health? Verify that you're not having issues with FRS to DFS migration for replication yet. Also, take a look at the Event Viewer logs for Directory Services and DNS—just to be safe!
I've run tests with repadmin and got zero errors, but I'll dig through the event logs as you suggested—thanks for the tip!
It sounds like you have it mostly under control, just keep an eye on things as you make the switch.
It sounds like your old 2008 DC is acting as a KeyMasterServer. You definitely need to transfer that role over to one of the new servers before you demote it. Here's a link that might help with this: [Removing a DNS Settings Container Under Demoted DC](https://learn.microsoft.com/en-us/answers/questions/338913/removing-a-dns-settings-container-under-demoted-dc). Good luck!
Thanks for the heads up! I appreciate it. I'll make sure to get the migration sorted.
Just be sure to check on the GateKeeperServer as well! That might be important.
Thanks! It's been a juggling act, but I'm learning a lot through this process.