Windows Server 2022 Series - Upgrading DC from 2016 to 2022
All right, folks. This is the moment you’ve all been waiting for. Ladies and Gentlemen, I’m kicking off my series to upgrade my Hyper-V lab running Active Directory Domain Services. I’ll be performing in-place upgrades from Windows Server 2016/2019 to Windows Server 2022! I’ll also have some posts on updating the other member servers, file servers, Server Core, Windows Admin Center servers, etc. to 2022. Now, if you think only a daredevil like Evil Knievel (or someone with a death wish) would try something like this, you may be right. What am I doing upgrading domain controllers to a brand-new operating system version (that’s essentially not generally available at the time of this writing)? Why are you doing an in-place upgrade of a domain controller? For that matter, why the hell are you performing an in-place upgrade of a Windows server, period? Good points. ;)
Table of Contents
However, I put it to you that those thoughts are traditional. Back in the day, no server admin in their right mind would have done an in-place upgrade of Windows NT Server 4.0 to Windows 2000 Server. It just didn’t happen. MOSTLY because it was infamously unreliable. The chances of Windows Server being OK, much less all the configuration, services, and applications working post-upgrade were near null. :) And am I suggesting or even recommending following these exact procedures on your production environment with physical servers? Probably not. The point of this post is to show you what can be done, how to do it, and to incorporate this knowledge into your plans at your organization to make things a little smoother when you upgrade your ADDS environment.
Environment & Plan
Let me start by describing what my Hyper-V lab environment looks like.
|Server Name||Operating System||RAM||CPUs|
|WS16-DC1||Windows Server 2016 Datacenter||4 GB||4 vCPU|
|WS16-DC2||Windows Server 2016 Datacenter||4 GB||4 vCPU|
|WS19-DC3||Windows Server 2019 Datacenter||4 GB||4 vCPU|
|WS16-FS01-Core||Windows Server 2016 Datacenter Core||3 GB||4 vCPU|
|WS16-WinAdminCe||Windows Server 2016 Datacenter||4 GB||2 vCPU|
|WS19-SQL01||Windows Server 2019 Datacenter||8 GB||4 vCPU|
|WS19-SSSE-01||Windows Server 2019 Datacenter||8 GB||4 vCPU|
|WS22-FS02||Windows Server 2022 Datacenter||3 GB||4 vCPU|
|WS22-FS03-Core||Windows Server 2022 Datacenter Core||3 GB||2 vCPU|
The memory and CPUs are for reference. You can use whatever specs work for you and your test environments. My plan is to mount the ISO for Windows Server 2022, perform an upgrade of the operating system, then verify everything is still working as expected. Here are some details of ‘WS16-DC1’ before the upgrade. As you can see, all patched up (as of August 2021 Patch Tuesday).
Passwords Haven’t Disappeared Yet
123456. Qwerty. Iloveyou. No, these are not exercises for people who are brand new to typing. Shockingly, they are among the most common passwords that end users choose in 2021. Research has found that the average business user must manually type out, or copy/paste, the credentials to 154 websites per month. We repeatedly got one question that surprised us: “Why would I ever trust a third party with control of my network?
Let’s start this. I’ve mounted the Windows Server 2022 ISO in Hyper-V. I double-clicked on the D: drive and Windows Server Setup starts.
A few screens of checking for updates and entering our product key.
On the ‘Select Image’ screen, we’re going to maintain our Desktop Experience through the upgrade.
Another screen to agree to license terms…
And now, the beauty of the ‘in-place upgrade’!
After I clicked Next, it downloads the latest MCU (Monthly Cumulative Update) & SSU (Servicing Stack Update).
And, the point of no return…
Crossing fingers… ;)
And, it’s alive!!!
Well, look at that. Yes, I just ran an in-place upgrade of a Domain Controller running Windows Server 2016 and upgraded it to Windows Server 2022. Not a hitch along the way. One curiosity pops in my head…either the schema of Active Directory did NOT need to get updated to introduce a WS2022 domain controller, OR Setup took care of it behind the scenes. Personally, I am 99.9% sure that Windows Server 2022 does not include new forest and domain functional levels… which goes hand in hand with the outcome of the upgrade. There would have been some verbiage during Setup to confirm the schema was being updated. Anyway, that’s a good sign to IT Pros. Less complexity in this complex world is a nice touch. Instead of purchasing new physical servers, installing WS2022, adding the ADDS role, promoting the server to a domain controller, decommissioning your old DC…we’re done in one step. Plus, the system requirements for Windows Server 2022 are very close to Windows Server 2016. If you have an ancient server, sure, lifecycle management would recommend a new box. But if you have, for example, a Dell R640 or even R630 with a decent warranty, I would strongly recommend placing this option on the table.
All shiny, pretty, even patched up to August 2021 Patch Tuesday levels (20348.169). The fact that Windows is running is excellent news. You can see that Active Directory is looking good so far. I went over to Windows Update, to make sure Windows was up-to-date…nope… :)
It is fairly typical for there to be more patches to install after Windows Setup of any flavor. When Setup goes to Windows Update, as I said, it downloads the latest ‘Critical’ Updates. That’s the MCU. So, Windows Defender and .NET Framework updates are not critical. Even still, it’s a good practice to get fully patched before resuming your production workloads.
Conclusions, Recommendations, and Next Steps
Well, there you have it. Admittedly, this is a pretty basic environment. The servers I started out with were minimal, with no applications installed. And doing it on Hyper-V, the process is easier, less planning involved, thinking about physical hardware, and performing OS upgrades. But again, the driver model changes ever so slightly, even from 2016 to 2022.
I would make a strong recommendation along this front though before you run Setup – upgrade the server’s BIOS, firmware, chipset drivers, NIC firmware and drivers, etc. For example (Yes, I’m a Dell guy), Dell releases the Server Update Utility (SUU) every quarter. All you have to do is download the (large) ISO, extract it to a network share, then run ‘suulauncher.exe’. It will scan the system’s inventory, scan the repository of updates included in the ISO and give you an easy table with items recommended for an upgrade.
I’m planning on writing another post to upgrade my remaining DCs (WS16-DC2 & WS19-DC3). Stay tuned!