AD migration checklist and procedure:
Technet Thread: "Migrating from AD 2003 to AD 2008 R2:"
Here’s a quick summary from:
Transitioning your Active Directory to Windows Server 2008 R2
Run adprep with the following switches.
If you are running it on a 32 bit machine, use the adprep32.exe version.
adprep /domainprep /gpprep Run after the foresprep and in each domain on the IM Role (enable Resultant Set of Policy (RSOP) Planning Mode functionality)
adprep /domainprep Run after the forestprep and in each domain
adprep /rodcprep Run on the DNM Role. Optional only if you expect to install an RODC.
You can also use the /wssg switch so you can get a detailed result code instead of a 0 for success, or 1 for an error.
Alllow replication time. Go get a cup of coffee, cold refreshment, or a beer.
Then check your schema version:
repadmin /showattr * "cn=schema,cn=configuration,dc=domain,dc=tld" /atts:objectVersion
Run it on all DCs. You can use PSEXEC – Microsoft Technet to remotely run it in a command prompt, or create a script.
When all your Domain Controllers report Schema version 47, you’re good to go. If not, check the event logs and the C:\Windows\Debug\Adprep\Logs\adprep.log.
More info if needed:
Troubleshooting ADPREP Errors
Then raise the Domain Functional Level.
This adds two features:
1. Authentication Mechanism Assurance – Type of authentication is added to the user’s Kerb ticket.
2. Automatic SPN Management – Allows the use of Managed Service Accounts (MSAs) instead of Domain User accounts to run a service under.
Allow a bit of time to replicate. Go get a cup of coffee, a beer, whatever.
Then raise the Forest Functional Level.
This basically adds one thing:
1. The ability to enable the new Active Directory Recycle Bin feature.
If you want to enable it, go to Start, Programs AD Powershell, then run:
Enable-ADOptionalFeature –Identity ‘CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration, DC=domain,DC=tld’ -Scope ForestOrConfigurationSet -Target ‘domain.local’
Allow replication time, too. Go get another beer.
Run the AD BPA
1. Server Manager, expand the Roles node
2. Select the Active Directory Domain Services role.
3. Scroll down to the Best Practice Analyzer section.
4. Click on the Scan This Role link on the right hand side.
Windows Server 2008 R2 Upgrade Paths
How to upgrade Windows Server 2003 R2 to Windows Server 2008 on a computer that includes a Baseboard Management Controller and a root-enumerated IPMI device
Corrections, suggestions, & comments are welcomed