For this post I just wanted to note down my thoughts and plan that I recently used to migrate a client from Active Directory 2008 R2 to Active Directory 2016. For this work the servers involved were four Windows 2008 R2 servers which all ran AD, DNS, DHCP and NPS. These roles were being migrated to four Windows 2016 servers. The servers are spread out geographically and are on different networks but are all part of a single AD domain. All of the servers are Global Catalog servers. This is not designed to be low-level guide with all the intricate details but more of an overview (with some useful commands thrown in).
I wanted to enable full network access to company users via the existing Cisco Meraki wireless access points. The problem is that these traditionally have only been used for guest Wi-Fi access and I need to be 100% certain that it will be secure.