Announcement

Collapse
No announcement yet.

Sequence for replacing DC

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Sequence for replacing DC

    I am preparing to replace a domain controller on my Windows Server 2003/AD network and am having some trouble figuring out the correct sequence of steps. I will be installing Server 2003 fresh on new hardware (we'll call it "NewServer") to replace our second domain controller, we'll call it "OldServer".

    I will need to transfer DNS, WINS, and DHCP from the OldServer to the NewServer. I may also need to transfer FSMO Roles (see side question below). This server is also our main file server.

    I know that I will need to DCPromo, but what is the correct order for the other services, FSMO roles, and files - and when should I demote the other DC?

    Side Question: OldServer is currently holding the Schema and Infrastructure FSMO Roles. This Petri.co.il article (and this one) states that for a small network the main DC could/should hold all of the roles, should I try to transfer them back to our main DC?

    In summary:
    1. Can someone provide me with a logical set of steps to accomplish this replacement?
    2. Should I move the two FSMO roles back onto our main DC?

    Thanks in advance for your help!

    TW

  • #2
    Re: Sequence for replacing DC

    Steps after ADC (Newserver) installation

    1. Make Newserver as GC (u will be having 2 GC servers)
    2. Transfer FSMO
    Schema, Domain Naming Master, RID, PDC Emulator, Infrastructure Master.
    3. Make the Newserver is Secondary DNS of the primary DC.
    4. Install DHCP on newserver but don't activate the server.
    5. Take backup of DHCP database to a file from netsh command. (inbuilt command)
    DO NOT ACTIVATE THE SCOPE.
    6. U can do this for WINS also.
    7. Remove GC role from Old server and See the impact on the network.
    8. Copy the files to newserver in share with same permissions.
    You can do this by ROBOCOPY utility. Robocopy will retain the permissions also if
    they are copied in NTFS partition.
    9. See all the events and study it. You should not keep anything hanging.
    10. after that, Offline the oldserver and on the Newserver Activate DHCP Scope, Make DNS Server as primary DNS Server.
    11. See the logons are taking place.

    One thing, Do you have any Login Scripts Group Policy ? If yes, then change the server name with the newserver name in the script. So that , users can get the data.

    IMP:
    After each and every specified step, PLS. SEE THE EVENT LOGS on both the servers.
    Do you have any application which communicates through GC ? (E.g. Symantec ProxyServer)


    Best Luck.
    From,
    Amit
    [/EMAIL]

    Comment


    • #3
      Re: Sequence for replacing DC

      Additionally before taking the old server offline stop it's netlogon service for couple of days to insure that users are getting authenticated from the new DC.

      Regards,
      Kapil Sharma
      ~~~~~~~~~~~~~
      Life is too short, Enjoy It.

      Comment


      • #4
        Re: Sequence for replacing DC

        Thanks for the excellent information. I do have a few questions:

        7 - What do you mean about "see the impact on the network"
        8 - When you say "copy the files", do you mean the shared user files, system files?

        I do have login scripts, I will need to account for that when performing these steps.

        The only applications that I know of that communicate through GC are Exchange 2003.

        Also, Based upon my previous description would you think it better to transfer the two FSMO roles to the new server, or move them back onto the main DC where the other three are currently?

        Thanks again for all of the help!

        Comment


        • #5
          Re: Sequence for replacing DC

          Originally posted by thesysadmin View Post
          I am preparing to replace a domain controller on my Windows Server 2003/AD network and am having some trouble figuring out the correct sequence of steps. I will be installing Server 2003 fresh on new hardware (we'll call it "NewServer") to replace our second domain controller, we'll call it "OldServer".

          I will need to transfer DNS, WINS, and DHCP from the OldServer to the NewServer. I may also need to transfer FSMO Roles (see side question below). This server is also our main file server.

          I know that I will need to DCPromo, but what is the correct order for the other services, FSMO roles, and files - and when should I demote the other DC?

          Side Question: OldServer is currently holding the Schema and Infrastructure FSMO Roles. This Petri.co.il article (and this one) states that for a small network the main DC could/should hold all of the roles, should I try to transfer them back to our main DC?

          In summary:
          1. Can someone provide me with a logical set of steps to accomplish this replacement?
          2. Should I move the two FSMO roles back onto our main DC?

          Thanks in advance for your help!

          TW

          -Best practice is to leave both servers for full replication for 7 days. And then demote old server.
          - Making DC a file server is never a good option.
          -I suggest you to keep old server as a file server.
          All in 1
          Solaris,Linux & Windows admin + networking.

          Comment


          • #6
            Re: Sequence for replacing DC

            Thanks for your response Sco. I appreciate the info on leaving the servers to replicate, I was planning to leave the old one up for a while, but wasn't sure how long. We are fairly small so 7 days should be sufficient.

            Regarding the file server issue, I completely agree, if I could buy another server for dedicated file serving I certainly would. The old server has been having some hardware issues where it will intermittently (randomly) shuts down so keeping it as a file server is not an option. A decent NAS is next on my ToDo list...

            Thanks again!

            Comment


            • #7
              Re: Sequence for replacing DC

              Depending on the age, it may be worth using as a file server. The random shutdowns could be due to overheating (clean out the CPU fan & heatsink) or power supply problem, cleaners unplugging the server for their vaccumn. Run Memtest to see if you have a faulty RAM module. You could also run a HDD diagnostic to see if there is a fault there.

              The Event Viewer may also give you some clues as to what may be causing the shutdowns especially if they are happening at certain times or after certain apps or services have been run. Of course if the machine is 5 years old I am sure it will make a nice place for the fish to make a new home in. A PC reef can be a trendy place to live.
              1 1 was a racehorse.
              2 2 was 1 2.
              1 1 1 1 race 1 day,
              2 2 1 1 2

              Comment

              Working...
              X