Announcement

Collapse
No announcement yet.

Final steps after AD migration

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Final steps after AD migration

    Hi all,

    I have migrated my AD from a win2003 server to win2008, the new AD is, of course, on a new IP address.

    The migration went fine, and I can join new machines to the new DC.

    My question is, after decommissioning the original DC (proper demotion worked of course), what do I need to do on the member servers, besides changing the first DNS IP to the IP of the new DC?
    Real stupidity always beats Artificial Intelligence (c) Terry Pratchett

    BA (BM), RHCE, MCSE, DCSE, Linux+, Network+

  • #2
    Re: Final steps after AD migration

    Your member servers are just domain computers. As long as they know where to look when they need something, they are happy.

    So as long as the only thing you have changed is the DC, then nothing else is required.

    I wish I could give a more drawn out answer, but you nailed it in your statement

    Ste
    Steven Roberts
    IT Mercenary

    MCITP:EA|MCTS|MCSE 2003 (Messaging and Security)|MCSA 2003 (Messaging and Security)|MCP|Prince2 Practitioner

    Don't forget to click on the Yin-Yang icon to leave reputation points if you think my advice has been worthwhile!

    Comment


    • #3
      Re: Final steps after AD migration

      Thing is, after the changes, I am getting authentication errors, so I am wondering is there is something else that needs changing, besides the DNS field.
      Real stupidity always beats Artificial Intelligence (c) Terry Pratchett

      BA (BM), RHCE, MCSE, DCSE, Linux+, Network+

      Comment


      • #4
        Re: Final steps after AD migration

        There shouldn't be. I have migrated to 2008 before without error. Is your DHCP server just pointing at the 2008 DC now and is this the only DNS server?

        What errors are you getting in your event logs? Unable to find a suitable domain controller for domain xxx.domain.com?

        Are there any remnants of the old DC in AD? Are the clients still trying to look for the old DC for authentication? Have you flushed the network cards on the client machines just in case? What happens when you do?

        Have you ran a dcdiag on the server?

        The first key to this is to have a look in the event logs server and client side and see what the error is.

        Ste
        Steven Roberts
        IT Mercenary

        MCITP:EA|MCTS|MCSE 2003 (Messaging and Security)|MCSA 2003 (Messaging and Security)|MCP|Prince2 Practitioner

        Don't forget to click on the Yin-Yang icon to leave reputation points if you think my advice has been worthwhile!

        Comment


        • #5
          Re: Final steps after AD migration

          I don't have a DHCP atm, that's why I set the IPs on member servers manually
          Real stupidity always beats Artificial Intelligence (c) Terry Pratchett

          BA (BM), RHCE, MCSE, DCSE, Linux+, Network+

          Comment


          • #6
            Re: Final steps after AD migration

            No problem, same applies, just ignore the DHCP bit
            Steven Roberts
            IT Mercenary

            MCITP:EA|MCTS|MCSE 2003 (Messaging and Security)|MCSA 2003 (Messaging and Security)|MCP|Prince2 Practitioner

            Don't forget to click on the Yin-Yang icon to leave reputation points if you think my advice has been worthwhile!

            Comment


            • #7
              Re: Final steps after AD migration

              You would normally only use DHCP for clients and assign static IPs to member servers, printers etc anyway.

              Before demoting the old DC, remember to make sure the new one is a DNS and GC and holds the FSMO roles.
              Gareth Howells

              BSc (Hons), MBCS, MCP, MCDST, ICCE

              Any advice is given in good faith and without warranty.

              Please give reputation points if somebody has helped you.

              "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

              "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

              Comment


              • #8
                Re: Final steps after AD migration

                I am starting to wonder whether I did something wrong - most of my machines start refusing authentication...
                is there a checklist to go over somewhere, and an example of a typical DNS config for an internal network DC on 2008R2?
                Real stupidity always beats Artificial Intelligence (c) Terry Pratchett

                BA (BM), RHCE, MCSE, DCSE, Linux+, Network+

                Comment


                • #9
                  Re: Final steps after AD migration

                  Did everything replicate over to the new DC?
                  Are you sure it has the FSMOs?

                  Again, what errors are you getting?
                  Tom Jones
                  MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                  PhD, MSc, FIAP, MIITT
                  IT Trainer / Consultant
                  Ossian Ltd
                  Scotland

                  ** Remember to give credit where credit is due and leave reputation points where appropriate **

                  Comment


                  • #10
                    Re: Final steps after AD migration

                    Is you new server a Global Catalog???

                    Comment


                    • #11
                      Re: Final steps after AD migration

                      It should be the GC and everything else

                      at least according to the MS KB articles I've followed. Now, with 2008 my AD-fu is rather rusty, any clues as to how I can diagnose this?
                      Real stupidity always beats Artificial Intelligence (c) Terry Pratchett

                      BA (BM), RHCE, MCSE, DCSE, Linux+, Network+

                      Comment


                      • #12
                        Re: Final steps after AD migration

                        ADSS, open site then server, right click NTDS settings, check Properties

                        Can you please give us an error number to work with
                        Tom Jones
                        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                        PhD, MSc, FIAP, MIITT
                        IT Trainer / Consultant
                        Ossian Ltd
                        Scotland

                        ** Remember to give credit where credit is due and leave reputation points where appropriate **

                        Comment


                        • #13
                          Re: Final steps after AD migration

                          GC checkbox ticked in NTDS settings properties
                          Real stupidity always beats Artificial Intelligence (c) Terry Pratchett

                          BA (BM), RHCE, MCSE, DCSE, Linux+, Network+

                          Comment

                          Working...
                          X