3

I have a Windows Server 2012 Essentials server at home I am about to update to 2012 R2. According to MS it is not possible to do an in-place upgrade and I am required to make a clean installation of R2. That is not really a problem except I would like to "keep my users" to avoid the troubles of giving new passwords to all my familiy members and a few friends with remote access...

So I thought there would be an easy way to back up the users from the AD, but I did not find any...

Does someone know a tool to back up and restore users from an AD-Domain?

P.S.: I have a VMWare ESXi box here so if there is a way with a second temporary VM that would also work for me, but AFAIK does WS2k12 Essentials allways create a new AD on installation or only can update an old WS2k12E (which I can't do, as I want to install it on the same HW)...

HopelessN00b
  • 53,385
  • 32
  • 133
  • 208
Christoph Fink
  • 206
  • 1
  • 4
  • 10
  • 2
    Even though the usage in this question is for SU, the core question itself is definitely SF material. – Thor Dec 26 '13 at 22:58
  • I honestly was not shure where to put it, but as I though "no fault yet" and I think it is more a "task for a tool" I put it here... – Christoph Fink Dec 26 '13 at 23:05
  • IDEAL Migration 5.4? ADMT? `ldifde` ? `csvde` ? `dsadd`, `dsmodify`, `dsget`, `dsquery`, `dsmod`, `dsmove` ... +1 good question – STTR Dec 27 '13 at 00:08
  • @dsmove: `ldifde` di nearly work, except exactly the part I wanted: exporting passwords... – Christoph Fink Dec 28 '13 at 18:41

1 Answers1

3

I haven't done an installation of Windows Server 2012 R2 Essentials into an existing Windows Server 2012 AD domain, but I just did an install into a Windows Server 2003 AD domain last week and it worked fine. I was able to join the existing domain, promote my W2K12 R2 Essentials machine to a DC, and then retire the existing Windows Server 2003 DC. It worked out just fine.

Were I in your situation I'd:

  • Join a temporary virtual machine to the domain (running W2K12 Standard in evaluation mode if nothing else)

  • Demote the current W2K12 Essentials DC back to being a member server

  • Move any files off the "C:" volume of the W2K12 Essentials machine you need to save

  • Reformat the "C:" volume and install the new W2K12 R2 Essentials software as a replica domain controller on that machine

  • Migrate files back to the new W2K12 R2 Essentials machine

  • Complete the installation process ending with demotion and removal of the temporary VM

I'd mock this up with VMs before I actually did it, just to be sure it all worked smoothly in real life. It looks like a solid plan to me.

I wouldn't do any kind of "backup / restore" of AD, or any type of AD migration. Using AD's existing replication functionality is the way to handle this problem.

Evan Anderson
  • 141,071
  • 19
  • 191
  • 328
  • I think I would fail at step 2, as WSE must be the main DC in the AD... In the end I did just delete the users and will send everyone a new PW. – Christoph Fink Dec 28 '13 at 18:40
  • You can demote a Windows Server 2012 Essentials machine to a member server. There is grade period functionality to allow you to perform migrations. If memory serves it allows you to run 21 days in that mode. You'd have only needed in that mode a few hours, though. Had you had a more conventional deployment with machines that are domain members, roaming user profiles, etc, you would have been better off with a migration. For your application, which is arguably different than the typical business deployment scenario, getting by with leveling the domain was probably easier. – Evan Anderson Dec 29 '13 at 02:31