Syed Jahanzaib Personal Blog to Share Knowledge !

June 12, 2012

Windows 2003 (x86) Active Directory Migration to Windows 2008 (x64)

Recently I upgraded my company Active Directory infra structure from 2003 32bit to AD 2008 64bit. As we all know that direct upgrade from 2003 x86 to 2008 x64 is not possible, so it was a bit lengthy process , therefore I saved all the procedure in this small howto. I first tested the whole scenario in a VM environment, and then implemented it on our Live Production Servers. This guide was written so that it may be helpful for others and also it will be reference guide to me for future retrieval.

My Current Scenario:

  • Windows 2003 (x86) Domain Controller
  • Windows 2003 (x86) Additional Domain Controller

Upgrade Scenario:

  • Windows 2008 (x64) Domain Controller
  • Windows 2008 (x64) Additional Domain Controller

I first uninstalled the ADC to make things simpler. Then I installed Windows 2008 x64 on VM and configure it as ADC of Windows 2003 DC.



# Raise Windows 2003 Domain Functional Level to NATIVE Mode,
# Run ADPREP32.exe from Windows 2008 (x64) DVD on Windows 2003 DC,
# Install DNS Server Role [Primary or Secondary DNS Role] on Windows 2008,
# Configure Windows 2008 as ADC, Create Forward/Reverse Lookup Zone with same domain name, Replication from 2003 DNS to 2008 DNS will auto occur
# Transfer all FSMO roles from 2003 to 2008
# Run dcpromo on Windows 2003 to remove AD, after reboot, unjoin it from domain.
# Clear Win2003 old DC records from Windows 2008 DNS / Sites / Domain controller.

In this article, following naming schemes were used.

Domain Name =
Windows 2003 DC = xyz
Windows 2008 ADC/DC = WIN-71R3LJBPRK

Windows 2003 AD 32bit migration to windows 2008 AD 64bit


1) On Windows 2003 Domain Controller, Raise Domain Functional Level from mixed mode to to NATIVE mode by going to
START / Admin Tools / ADUC

Right Click on domain name (e.g and select RAISE Domain Functional Level

Now here you will see Windows 2000 Native is currently selected as default, change it to
Windows server 2003
and click on RAISE. It will give you a warning ,
Click on OK to continue.
As showed in the image below . . .

Preparing Windows 2003 (x86) AD for the Windows 2008 (x64) Joining

On your Windows 2003 DC, Insert Windows 2008 x64 DVD,
Open command prompt
Change dir to \support\adprep

cd \support\adprep

& issue following command

adprepr32.exe /forestprep

It will give you warning , Type C and and press ENTER to continue
As showed in the image below . . .

After its completion, issue following command

adprep32.exe /domainprep

After its completion, issue following command

adprep32.exe /rodcprep

Ok, Windows 2003 section is done, Now moving to Windows 2008 Server to configure it as ADC [Additional Domain Controller]

Configuring WINDOWS 2008 (x64) as Additional Domain Controller

Start Active Directory Installation Wizard using dcpromo:

Goto Start / Run and type


AD Wizard will start, Click on Next, Next
As showed in the image below . . .

When it asks for Choose a Deployment Configuration,
& Click NEXT to continue.
As showed in the image below . . .

– On Network Credentials Screen, Type your Fully Qualified Domain Name e.g: ,
in Alternate Credentials, click on SET , and enter your Domain Administrator ID & Password. and Click NEXT to continue.
As showed in the image below . . .

– On Select a Domain screen, click on your domain name e.g and Click NEXT to continue.
As showed in the image below . . .

On Select a Site, Click on Default First Site-name, and Click NEXT to continue.
As showed in the image below . . .

On Additional Domain Controller Options. Click NEXT to continue.
 [Make sure you tick on DNS server]

Another warning screen may popup, telling you about DNS warning, Click YES to continue.
As showed in the image below . . .

in Next screen, it will inform you about the locations where AD Database will be copied.
Click NEXT to continue.
As showed in the image below . . .

in Next Screen, it will ask you to enter DSRM password, this is the password required when you run Windows in Directory Services Restore Mode to restore /troubleshoot AD, Enter your desired password and Click NEXT to continue.
As showed in the image below . . .

on Summary Window, It will show you all the info , Click on NEXT to continue.
As showed in the image below . . .

After it completes, simply Reboot.


Ok its time to transfer FIVE FSMO ROLES from Windows 2003 to Windows 2008 Server.
Lets Begin.

On Windows 2008 Server, Open ADUC and transfer following 3 roles.

1) RID
2) PDC
3) InfraStructure

on ADUC, Right click on domain name e.g: and select OPERATION MASTERS

Now you will see something like below image.

On RID, click CHANGE , it will ask your confirmation, Click on YES, & the role will be transfer to windows 2008 ADC.
As showed in the image below . . .

Repeat this process for PDC and Infra roles.

Now we will transfer 4th role , which is called SCHEMA MASTER.

From your Windows 2003 DC,
Open Command Prompt and issue following command

regsvr32.exe schmmgmt.dll

Now open management console by issuing following command


on MMC, goto file / ADD Remove Snapin

From the List , double click on ACTIVE DIRECTORY SCHEMA
and click Ok to close this window.

Now Right click on Active Directory Schema and select
Change Active Directory Domain Controller

Select your ADC Server and click on OK

Click on Change, and select YES when asked, it will transfer the OM role to your ADC.
As showed in the image below . . .


Now we will transfer Domain Naming Master role to ADC
Open AD Domains and Trusts,
Right click and click on Change Domain Controller,
Select Your ADC Server and click on Ok

Now right click and select OPERATION MASTER as showed in the image below
Click on CHANGE
As showed in the image below . . .

For better explaination of roles transfer, pelase see following guide.

All Done !!! Your ADC is now fully functional Domain Controller.

# Now remove AD from your Old Windows 2003 DC by running dcpromo. At end it will give you error that it fails to remove AD, Don’t worry, re-run the dcpromo again, and this time it will smoothly remove AD from 2003 server.

If it somehow failed to remove , you can use /forceRemoaval switch alongwith dcpromo to forcefully remove it.

# Make sure you UNCHECK option “This is the last DC in your domain

# Also don’t forget to remove the of W2003 DC DNS Entry on Windows 2008 DNS Server.

# Also remove 2003 DC Entry from AD Sites. You can also use metadata to clean the old entries.

# If Windows 2008 DNS server fail to replicate dns entries from 2003 dns, make sure ZONE TRANSFER is selected in Windows 2003 DC‘s DNS Server.

# So far we have manage to transfer all FSMO roles from Windows 2003 to Windows 2008, Now we want to move this Newly DC back to old machine so that IP address should remain same as previous old DC and also we will add ADC for this new DC.

Install Windows 2008  (x64) , configure it as ADC , transfer all FSMO roles from Windows 2008 (x64 DC) to this ADC, remove old 2008 DC,

Now remove AD from old 2008 DC, and again run dcpromo to make it ADC of 2008 x64.

I will write more data on this with some upgraded screenshots . . .

HOWTO verify DC’s are performing FSMO roles properly

Open Command promtp, and run

netdom query fsmo

dcdiag /test:fsmocheck

Syed Jahanzaib


  1. It can be the only you, who can post this type of post:p how typical topic you have easily covered here:p:p:p when i will come on this lecture in my class i will just give the link of this post to my students, if you don’t mind:P:d

    Comment by Shery — June 17, 2012 @ 7:24 PM

  2. It’s so resourceful. Excellent way of putting it together. Thanks

    Comment by Bijoy — December 26, 2012 @ 4:39 PM

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at

%d bloggers like this: