Upgrade Domain Controller – Server 2019 to Server 2022
The post covers the steps upgrade domain controller running on Windows Server 2019 to Windows Server 2022. We will perform an in-place upgrade of a domain controller running on Windows Server.
An in-place upgrade is the solution if you want to keep the same hardware and all the server roles without flattening the server.
When you upgrade domain controller, it allows you to go from an older operating system to a newer one, while keeping your settings, server roles, and data intact.
This article can be used to perform an in-place upgrade of a domain controller running on Windows Server 2019 to Windows Server 2022.
Table of Contents
Windows Server 2022 In-Place Upgrade Paths
When you plan to upgrade domain controller on Windows Server, it is important to check the upgrade paths. For example, when you want to do an in-place upgrade of Server 2109 to Server 2022, you first check if it’s a supported upgrade path.
I had published a guide listing all the Windows Server 2019 In-place upgrade paths. Microsoft hasn’t updated in-place upgrade paths for Windows Server 2022 yet. You don’t have to worry as upgrading a domain controller from Windows Server 2019 to Windows Server 2022 is supported.
Info – Windows Server can typically be upgraded through at least one, and sometimes even two, versions. For example, Windows Server 2016 and Windows Server 2019 can both be upgraded to Windows Server 2022.
Pre-requisites for Upgrading Domain Controller
The following list covers a few prerequisites before you upgrade domain controller from Windows Server 2019 to Windows Server 2022.
- Verify the target server meets system requirements – Most important, check the hardware requirements and confirm if your server after the upgrade can run smoothly.
- Verify Application compatibility – There is no easy shortcut for this, you have to manually test the working of applications on a test server.
- Connectivity – Check connectivity to the target server from the computer where you plan to run the in-place upgrade.
- Back up your Server before upgrade – Microsoft recommends that you back up your operating system, apps, and virtual machines before you upgrade domain controller.
- Download Windows Server 2022 – Windows Server 2022 is available for download in Microsoft Evaluation center. However, I recommend downloading the latest and a full version via Microsoft VLSC or Visual Studio subscriptions.
Check the AD Schema Version
When you plan for an in-place upgrade of a domain controller running on Windows Server, the Schema version requires an update to the latest version.
You can quickly open the PowerShell and run the following command to determine the current AD Schema version.
Get-ADObject (Get-ADRootDSE).schemaNamingContext -Property objectVersion
In a separate post, I have covered multiple methods to find the Active Directory Schema version on Windows Server. The post also lists all the AD Schema versions with objectVersion Value.
The AD Schema version of Windows Server 2022 and Windows Server 2019 is 88. So if you are upgrading the domain controller from Windows Server 2019 to Server 2022, you can skip the schema upgrade step as there are no changes with Schema version.
Run Adprep /ForestPrep
The adprep /forestprep prepares a forest for the introduction of a domain controller. You must run this command only once in the forest.
Ensure you run this command on the domain controller that holds the schema operations master role for the forest. You must be a member of all the following groups to run this command :-
- Enterprise Admins group
- Schema Admins group
- Domain Admins group of the domain that hosts the schema master
If you run the adprep /forestprep
to upgrade the schema on a domain controller running Windows Server 2019, you see this.
Forest-wide information has already been updated. The Adprep did not attempt to rerun this operation – This means you don’t need to upgrade the schema as it is on latest version.
Forest-wide information has already been updated.
[Status/Consequence]
Adprep did not attempt to rerun this operation
Run Adprep /DomainPrep
You run the adprep /domainprep command after the forestprep command finishes and after the changes replicate to all the domain controllers in the forest.
If you run the adprep /domain to upgrade the schema on a domain controller running Windows Server 2019, you see this.
Domain-wide information has already been updated. The Adprep did not attempt to rerun this operation – This means you don’t need to upgrade the schema as it is on latest version.
Upgrade Domain Controller from Windows Server 2016 to Server 2022
If you are running the AD domain controller on Windows Server 2016, and you want to upgrade to Windows Server 2022, the schema version differs.
Windows Server 2016 has Schema objectVersion Value 87 whereas the schema version of Windows Server 2022 is 88. Hence, you must run the adprep.exe /forestprep
to upgrade the schema to the latest version if you are upgrading from Server 2016 to Server 2019.
The adprep tool extends the Active Directory schema and updates permissions as necessary to prepare a forest and domain for a domain controller that runs the Windows Server 2016/2019 operating system.
Steps to Upgrade Domain Controller
To upgrade domain controller on Windows Server, you need the Windows Server media. Copy the Windows Server 2022 ISO media to the Windows Server and mount it.
From the Windows Server 2022 setup media, run the setup.exe as administrator.
On the Install Windows Server screen click Next.
To upgrade the operating system to Windows Server 2022, enter the product key and click Next.
On Select Image screen, select the correct operating system image. The Windows Server 2022 Datacenter (Desktop Experience) image is selected. Click Next.
For Applicable notices and license terms, click Accept.
On Choose what to keep screen, select Keep files, settings and apps. If you want to remove the settings, files and apps select Nothing. Click Next.
Note – Ideally, on a server running domain controller role, you should not install applications, especially the third-party software programs.
On Ready to install window, click Install. This begins the Windows Server domain controller upgrade.
Your server will restart several times during the upgrade. It is best to leave the server as it and let it complete the in-place upgrade.
The domain controller upgrade usually takes time to complete depending upon the size of your infrastructure. There are several factors that determine the time required to upgrade a domain controller.
After a couple of restarts, the Windows Server 2016 running the domain controller is upgraded to Windows Server 2022.
You can verify the Windows Server edition by opening About My PC. In the below screenshot, you see that the edition is Windows Server 2022 datacenter and version is 21H2.
And yes, the Windows.old folder is created on the C:\ drive after you perform domain controller upgrade.
Hi.
I have 2 DC’s synced together , the Schema version of the AD is 88 ( 2019)
The Operating System of the DC Servers are 2016 std and 2019 Std respectively.
I would like to upgrade the 2016 Server to 2019 so that both DC’s will be 2019.
Can I do in place upgrade ? Is it going to give any issues ?
As for as I know, the Inplace upgrade works well.
Suggestions ?
Hi,
in a domain with all DCs on WS 2019, do you think, I can add a new domain controller WS 2022 without a problem?
I’m wondering if new security features, it might compromise the domain or might have effects I should prepare the domain for in advannce.
Thank you for your input
Do you have Academic Lab Manual for System Center 2019
Dear,
In Place upgrade is one of the worst solutions that Microsoft ever made.
and specially it is not recommended for DC.
you need to create another Domain controller (additional domain)
then move the roles to it.
I started the upgrade on the DC with all the FSMO roles before I saw the comments… I looked a few more articles regarding upgrading DC’s and saw the same information/advice, so I was expecting it to fail and revert back. However I didn’t get any error messages during the upgrade and as far as I can tell its all working as it should be.
The source DC was running Windows Server 2019 Standard and had all the FSMO roles. I actually though upgrading this 1st was the correct path, looks like I’m definitely wrong, however its worked out OK.
I’ll be upgrading the 2nd DC next.
Hi,
Should you upgrade the DC with the FSMO roles first?
Or the other DCs with no roles?
I don’t believe you can upgrade a DC that holds the FSMO roles.