Move from Windows Server 2003 to more recent version

we have a DC who is running in Windows Server 2003 and i want to migrate that to a more recent version, the thing is there is no path at microsoft to do that.

if i install a new DC on let’s say Windows Server 2019 i’m afraid that my users will lose their profile on their system to a new one, is there something to do to keep user profile after joining a new domain ?

the server is used only to log users, dns and dhcp .

The migration path would be Server 2003 → Server 2012 R2 → Server 2019 to upgrade your existing domain. Essentially you’ll need to perform two separate DC migrations and use Server 2012 R2 as a bridge between 2003 and 2019.

I’d avoid this route at all costs. Things will get messy with NTFS permissions and trying to migrate profiles between the two domains. This is the equivalent to an unrecoverable DC failure and a worse case scenario you don’t want to be in.

Can you provide a little more info on your environment?

  • How many DCs? Are any visualized?
  • How many other servers are joined to the domain? What is the oldest OS?
  • Number of Workstations? Oldest OS?

Is your current AD domain using a “.local” domain? If so you might want to consider migrating to a new domain use a proper subdomain. There are ways to migrate users/groups/computers to a new domain, but it can be slow and tedious work.

1 Like

That Microsoft certification material that recommended .local domains probably ruined many people’s days.

OP doesn’t need to migrate the server. Join the new servers to the domain as additional domain controllers, promote the new guys FSMO roles and decommission the old servers. Worst it can happen is that you need to change DNS settings.

Of cours backup everything first.


there is only one domain controler, it share no data, only authenticate users, dns and dhcp, the server is 2003 server, de 20 workstations are windows 10 pro

if i do that will i lose my user profiles on their workstation or it will follow ?
and yes it’s a .local

My personal opinion, this is the correct answer for the easiest upgrade path. Once the new DCs have been promoted and the last of the 2003 DCs removed, it’s a simple process to upgrade AD to the latest version.



You have two routes:

  • upgrade from one version to another along a supported path
  • add new DC(s) to the domain, migrate roles and decommission the old one

I’d suggest adding a second server running a more recent OS as a secondary DC, then upgrade the existing one.

I haven’t done upgrades from 2003 before (i’ve retired them and added newer DCs) but i have done upgrades from 2008r2 → 2012r2 without any issues to speak of.

I’ve been running the same AD domain here since 2002.

As always, have backups.