Migrating Windows domain


I’m going to migrate our old SBS 2011 domain (small office) to a new server with Windows Server 2022. I already looked up some guides, considering this is my first migration. I’m just not sure on a couple of things.

  • I want to avoid/minimize downtime
    The guides I’ve found say to promote the new server to DC, then transfer FSMO roles, etc.

  • What is unclear to me is at what point there will be downtime, if any. When I promote the new DC, will people still be able to log in as normal, or does it change at that point?

  • So at what point do domain computers start using the new server, is this after demoting the old DC?

  • I assume I have to migrate group policy separately?

Another question I’m having is I’m unsure in which order I should do things.

  • Old server has an Exchange 2010, which we also want to migrate to 365.
    Can we transfer this afterwards and also connect the local domain profiles to Office 365 afterwards?
    Will Exchange 2010 keep working with domain user profiles when the domain is transferred to the new server?

If anyone has answers or a guide including the following information, it’s greatly appreciated! Thanks.

This is always a good plan, but I would schedule downtime so that way you have time to revert back if things get out of control.

Promoting another server as a PDC should not create downtime. It may take a bit to replicate to all machines depending on when your update cycle is set. I think the MS Windows default is 59 minutes.
Basically, the machines will see multiple domain controllers and should be able to authenticate to either of them, as long as your DNS, DHCP, and RADIUS (if you use it) systems/roles have been configured on the new DC. If you are using external servers to host these services, then you will need to configure them to talk to the 2022 box once it has been promoted as the PDC. → Downtime should not happen as long as the other server is there as a fallback. Again, this will also depend on how your network has been configured.

When you set up the new server as the PDC, you may have to force the update to propagate through your network so that they know there is another PDC ahead of their scheduled update time. With that said, see above about network. You would need to ensure that the order of lookup has been swapped with the new server being the primary DC (PDC) for lookup.

Yes. In most cases, but this is trivial. It may also be a good time to clean it up.

Do this after you have migrated to the new DC.


It should, but it depends on network setup. You may have to also add delegation roles to the new PDC.

Do you only run one DC to begin with? It is always recommended to run two domain controllers. Instead of demoting the other, you could just upgrade it to 2022 and use it as a secondary for fail-over purposes.
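
The checks implied by the answer above, written out as an added PowerShell example that is not part of the original thread: confirm that both DCs are visible, replication is clean, and the new DC answers DNS and serves SYSVOL before any FSMO roles are moved. `NEWDC01` is a placeholder hostname, and the ActiveDirectory (RSAT) module is assumed to be installed.

```powershell
# Added example: readiness checks before moving FSMO roles to the new DC.
# Assumptions: 'NEWDC01' is a placeholder hostname; the ActiveDirectory
# (RSAT) module is installed; run as a Domain Admin.
Import-Module ActiveDirectory

$NewDC  = 'NEWDC01'
$Domain = (Get-ADDomain).DNSRoot
$issues = @()

# 1. Every DC the domain knows about, and whether each is a global catalog.
Get-ADDomainController -Filter * |
    Select-Object HostName, IPv4Address, IsGlobalCatalog, OperatingSystem |
    Format-Table -AutoSize

# 2. Current FSMO role holders (three domain-wide, two forest-wide).
Get-ADDomain | Select-Object PDCEmulator, RIDMaster, InfrastructureMaster | Format-List
Get-ADForest | Select-Object SchemaMaster, DomainNamingMaster | Format-List

# 3. Replication must be clean across all DCs before cutover.
$failures = @(Get-ADReplicationFailure -Target $Domain -Scope Domain |
    Where-Object { $_.FailureCount -gt 0 })
if ($failures) { $issues += "Replication failures on: $($failures.Server -join ', ')" }

# 4. The new DC must answer DNS itself and be listed in the DC locator records.
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV `
    -Server $NewDC -ErrorAction SilentlyContinue
if (-not ($srv | Where-Object { $_.NameTarget -like "$NewDC*" })) {
    $issues += "$NewDC does not return itself in the _ldap SRV records"
}

# 5. SYSVOL and NETLOGON must be shared, or clients get no policy or scripts.
foreach ($share in 'SYSVOL', 'NETLOGON') {
    if (-not (Test-Path "\\$NewDC\$share")) { $issues += "\\$NewDC\$share is not reachable" }
}

# 6. Only preview the role move once nothing above failed.
if ($issues) {
    $issues | ForEach-Object { Write-Warning $_ }
} else {
    Move-ADDirectoryServerOperationMasterRole -Identity $NewDC -WhatIf `
        -OperationMasterRole PDCEmulator, RIDMaster, InfrastructureMaster,
                             SchemaMaster, DomainNamingMaster
}
```

With `-WhatIf` the last command only reports what it would do; drop the switch to perform the transfer once the preview looks right.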


Thanks for your answers! I’ve had some external help yesterday and it’s actually already mostly done and was easier than I expected.

The domains are replicating; what’s left is migrating profiles, which we will be doing via robocopy in the coming week, and when all’s done we’ll be making it the PDC on a Friday, to prevent downtime.

We do only run one DC, have done so for years. But I will consider running the old server as a secondary, that seems like a good idea. Thanks for the input!


No worries. I am glad that you were able to make short work of it. The first DC migration is always the scariest.
