Implementing new servers in an outdated environment ?

Hi guys.

It's surprisingly hard to find information on this... so it might be no problem at all, but as I am fairly new to network management (still working on my education), and quite curious, I wish to ask some questions on the topic.

I'm going to keep it real. I'm currently managing a really bad and outdated system, where the errors are just.. everywhere, and overflowing. All the servers are running on Windows Server 2008R2 or older software, with waaay less amounts of RAM than required, and CPUs that phones these days only laugh at. You get the picture, I hope.

Finally I've managed to find some licenses for Windows Server 2012, and I really wish to get this system up and running again.

So the real question to ask is then: what are the possible complications of implementing 2012 Servers in an environment where all servers are 2008R2. First off, I'm thinking the Domain Controller is critical to update.. It's kind of a crucial gathering point of a lot of traffic. So let's go there.

Updating the Domain Controller from 2008 to 2012. Is this a complicated matter, or do they just want me to think so? It needs to be done, preferably 3 years ago!

The current DC is a virtual server in VM-Ware, so I am not sure how much specs I have to work with there.. I will check up on that and get back to the thread with some info. Maybe if you could recommend a physical server to buy, or some solution that you think would work out good. If you have any solutions, info on prices as well is highly appreciated! It's nice to have something to present to the upper boss-man, if it gets to that.

Thank you in advance, guys!
Mr.Moseng

Support for 2k8r2 goes out into 2020, so it might not be as bad as you think.

I'd take a look at all of the applications you use and see if there are any dependencies that don't play well with 2k12r2. I had a similar issue installing Cisco ISE in my lab where it completely refused to join a 2k12r2 domain until it was patched.

Since you have a VM it'd be easy to make a backup of the existing instance. Also, make a case to add more RAM/CPU to the VMware/ESXi instances so you can spec out the boxes a little better. 'Official recommendation' documents from the vendor are pretty helpful for that.

You didn't specify any hardware specs. My environment is mostly PowerEdge 2950's and the occasional PowerEdge R720. Our environment is all Server 2012 R2 with two machines running 2008 (one 2008 and one R2). They all have anywhere between 8-16GB of RAM and 1-2 Xeon's that aren't any older than 2007.

If you want a new DC, you can just install Server 2012 (on a separate machine) and promote it to a domain controller in an existing forest. You'll need to transfer FSMO roles and then just keep the old DC as a backup (we have one main DC and a virtual backup).

Yes, the support is going to be around for a while.. but when all the installations are very sketchy, nothing is documented, and they are aiming for use of application that clearly state that best practice is 2k12 or above, it's not optimal. I know it can work the way it is, but everything is so unstable it's just horrible.

Applications that don't play well with 2k12 would for starters be IBM Lotus iNotes 8.5.3... My boss is trying to get a transition into Microsoft Exchange, and get our 365 up and running as a new mail system, but it's all just a mess.

As for VMware, I'm not familiar with the process of just adding more cpu etc. It's currently listed with a Xeon x5650 2.6GHz CPU, and 4GB RAM. I believe the only server we have with more than 4GB RAM is the SCCM server, which I recently had them upgrade. They gave it 4 more GB.. best practice is 12GB.

I'm aiming for best practice on everything, so the basis of the network is working properly without doubt. Now it's all unstable, and nobody knows if anything really is working. It frankly feels like the network is a split second away from collapsing on itself. lol.

I don't know what kind of hardware the servers are running on, but I can probably figure that out next week. As I am still not a full employee I don't have access to everything.

Concerning the DC, I think it's the most critical server at the moment. The mail server is not working anyway now, because of some weird errors no-one's ever seen before, and the SCCM server would have a much better time with a 2k12 DC to communicate with. We currently have a DC1 and a DC2(backup) that are mirrored, in case of trouble.

When promoting the new DC, would it pick up all users etc. from the previous DC? I'm a bit concerned about errors like users not getting the correct policies, and not getting the access they need. It's a risky thing to do when everyone is already stressed out because of a crappy network.

The best way to go about it is to deploy a new server, join it to the domain, and then promote it to a domain controller. It will make a copy of the current AD catalog and use it. You can then copy the flexible single master operations rolls (FSMO) from the old DC to the new one (see how to do that HERE.)

Once the new DC is up and running, deploy another Server 2012 server and promote it to a DC to act as a backup (it can be virtual or physical). Then demote the old DC.