Well, if DNS is configured correctly, and AD is functioning properly all you do is join a new server to the domain, and make it a DC.
It replicates AD off in a few minutes typically, you make it a global catalog, and you transfer all the FSMO roles. Once that's done you demote the old one... and all of AD is now running somewhere else. This would include AD supporting DNS, and DHCP potentially. But each service needs migrated one at a time.
And this is not something you want to just wing.... If he's got a new platform that's capable of running VMs... well the easy answer is to P2V the entire DC from the breaking platform as a VM on the new one. Once that VM is online on the new server, the old server is powered down, and thrown away. The "working" environment is now on hardware that isn't dying in a fire so you have more time to work through the rest.
If that 2nd server is HyperV based, the tool you want is
https://docs.microsoft.com/en-us/sysinternals/downloads/disk2vhd
If that 2nd server is vSphere based, the tool you want is
https://www.vmware.com/products/converter.html
But I'm not sure how we're supposed to help here, because this is professional level stuff. You either know it, or you don't.
But it sounds to me like yet another Church that failed to migrate into 365 properly, and get the heck off that DC entirely. If they aren't going to invest, they need to divest. You can't have it both ways, but Microsoft gives it away to these places so they have software well beyond their ken to use, and because it cost them a pittance they don't put any value on it at all. (E3 is $4 / month / user for them for crying out loud)
What you're describing is at least 8 hours of work for me to sort out. The process would actually potentially take days.
