2

I have the following active directory structure: 

       +------+ Forest +------+
       |                      |
       |                      |
       v                      v
domain1.example.com  domain2.example.com
     (root)                   +
       +                      |
       |                      |
       |                      |
       v                      v
      DC1                    DC2
  (WinSrv2003)           (WinSrv2008R2)
  • DC1 died a long time ago without any backup and was the only domain controller for Domain1.example.com
  • I think we transferred all of the FSMO roles to DC2 before DC1 died
  • All of the company users & computers are on domain2.example.com

I tried to add a new domain controller for domain2.example.com, but as its OS is Windows Server 2019, I receive an error saying that the forest functional level is Windows 2000.

I would like to have a clean active directory structure (with replication DC etc..) to avoid this kind of mess in the future, what is the best way to proceed?

All is currently working and I would like to avoid re-creating all user accounts if possible.

Gilles V.
  • 121
  • 2

1 Answers1

1

Upgrade the forest functional level. Change to DFS replication for SYSVOL. 2008 R2 as an interim step just came up on on Server Fault again yesterday.

Add additional domain controllers with an OS with more life left, Server 2019.

Verify replication. You now have multiple servers for AD DS.

Remove all pre 2019 domain controllers, always leaving at least two. Raise the forest functional level again.

John Mahowald
  • 32,050
  • 2
  • 19
  • 34
  • Thanks for your answer, I managed to raise the forest functional level, but what can I do about domain1 as the only domain controller is dead and it's the forest's root domain? – Gilles V. Oct 31 '19 at 14:46