Announcement

Collapse
No announcement yet.

W2k+Exch2K : new DC in, old DC out and in again

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • W2k+Exch2K : new DC in, old DC out and in again

    Hi,
    I will really appreciate your advice on this issues:
    (btw, please donīt take my writing style as unpolite but as an attempt to make my post easier to read)

    * Current scenario:
    - Company budget: none.
    - Single box, domain, forest, controller.
    - SRV1 running W2k + Exchange 2000, also acting as DC and light-use fileserver.
    - SRV1 is also having some unexpected resets.

    * Goals
    - We are trying to set up a failover server and protocol.
    - Additionaly, we would like to take SRV1 offline and perform some thorough hardware tests.

    So, what we are planning to do is to set up a new box to replace the current one for a couple of weeks and then plug it back to the LAN as a "backup" server.
    Ideally, any drastic meassures in SRV1 will be performed only after about a month of having SRV2 running stable.

    But there many questions for which I find no clear answer:

    1. I have a fake/lab system resembling SRV1 (name, IP, etc). If I build SRV2 as an Additional Controller to it and then I place SRV2 in the real LAN, will SRV2 get the AD data from SRV1 or will SRV2 delete AD contentīs in SRV1?

    2. Considering that SRV1 will end up as a secondary/emergency server...
    - Can I wait some time before demoting SRV1?
    - If I take SRV1 offline after replicating AD to SRV2, will clients be able to log in to the domain trough SRV2?
    - Should I seize FSMOs to SRV2 just in case I decide to format SRV1?
    - What about some warnings I read regarding attaching seized DCs to the LAN?
    - Should I do any of this at all?? (considering I plan to re-establish SRV1 once itīs hardware is checked).

    About Exchange.
    3. Is it required to run forestprep+domainprep or /disasterrecovery before I install exchange in the new SRV2?
    4. I will have to create a CNAME in SRV2 emulating SRV1 name for the MX record to find the server name it expects, right?
    5. When the day comes when Iīll have to take one exchange down and fire up the other one, will clients pick up the new name automatically or will I have to change their configs by hand (mailbox restoration aside).


    Thanks a lot in advance.
    Cheers!

  • #2
    Re: W2k+Exch2K : new DC in, old DC out and in again

    Originally posted by siko View Post
    Hi,
    1. I have a fake/lab system resembling SRV1 (name, IP, etc). If I build SRV2 as an Additional Controller to it and then I place SRV2 in the real LAN, will SRV2 get the AD data from SRV1 or will SRV2 delete AD contentīs in SRV1?
    You should build SRV2, add it to the lan by giving it an IP address within the subnet and then use DCPROMO. This will promote the server to be a Domain Controller and it will replicate FROM SRV1. Basically all AD data will be copied onto SRV2. You may also want to make it a global catalogue server if this is the 2nd DC.

    Originally posted by siko View Post
    2. Considering that SRV1 will end up as a secondary/emergency server...
    - Can I wait some time before demoting SRV1?
    - If I take SRV1 offline after replicating AD to SRV2, will clients be able to log in to the domain trough SRV2?
    - Should I seize FSMOs to SRV2 just in case I decide to format SRV1?
    - What about some warnings I read regarding attaching seized DCs to the LAN?
    - Should I do any of this at all?? (considering I plan to re-establish SRV1 once itīs hardware is checked).
    Windows 2000 / 2003 is not like NT where you had a PDC and BDC. All servers promoted to Domain Controllers are equal (Apart from ones holding the FSMO roles) If they are both Global catalogues then users can authenticate agains anyone. If you are planning on formating SRV1 I would transfer the FSMO roles (http://www.petri.com/transferring_fsmo_roles.htm) Siezing the roles is only ever used when the DC is no longer online. If you sieze a role from SRV1 onto SRV2 then DONT bring the DC back online. If you transfer the FSMO roles then you will be OK bringing it back online.

    Originally posted by siko View Post
    About Exchange.
    3. Is it required to run forestprep+domainprep or /disasterrecovery before I install exchange in the new SRV2?
    4. I will have to create a CNAME in SRV2 emulating SRV1 name for the MX record to find the server name it expects, right?
    5. When the day comes when Iīll have to take one exchange down and fire up the other one, will clients pick up the new name automatically or will I have to change their configs by hand (mailbox restoration aside).
    If you are moving from 2000 to 2003 then you need to run forestprep and domainprep (http://www.petri.com/windows_2003_adprep.htm) If you plan on bringing one exchange server down you will have to migrate all mailboxes and PF's from the server going down to the new server. If possible - try not to install exchange on a Domain Controller. I would set-up a brand new member server for exchange. Try not to run anything else on the DC's i.e. File and print etc. DNS and DHCP is fine.

    Hope this helps

    Michael
    Michael Armstrong
    www.m80arm.co.uk
    MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

    ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

    Comment


    • #3
      Re: W2k+Exch2K : new DC in, old DC out and in again

      Hi m80arm, thanks for your time

      You should build SRV2, add it to the lan by giving it an IP address within the subnet and then use DCPROMO. This will promote the server to be a Domain Controller and it will replicate FROM SRV1. Basically all AD data will be copied onto SRV2. You may also want to make it a global catalogue server if this is the 2nd DC.
      I intended to have the 2nd server as advanced as possible before I plugged it to the "real" LAN, for that I wanted to have it dcpromo-ted and having exchange already installed (taking the exch org from the "lab" server). Thatīs why I wonder in which way the info will pass from one server to the other.

      If they are both Global catalogues then users can authenticate agains anyone.
      Great, thatīs the tip I was looking for

      Should I demote SRV1 immediately? it feels safer to have it around (offline) for a while but I donīt know if that will cause problems being the LANīs original DC.

      If you are moving from 2000 to 2003 then you need to run forestprep and domainprep
      We are keeping Exch 2000.

      If you plan on bringing one exchange server down you will have to migrate all mailboxes and PF's from the server going down to the new server.
      So I read, I made a question about that a couple of hours ago in a new thread, since it seems a topic on itīs own.

      If possible - try not to install exchange on a Domain Controller.
      Honestly, there is no budget nor room space to reasonably hold a third box, cheesy as that might sound, I actually forced managment to add this second box and it took me 9 month to get them to approve it.

      Thanks again.
      siko.

      Comment


      • #4
        Re: W2k+Exch2K : new DC in, old DC out and in again

        You could consider Swing Migrating (www.sbsmigration.com) the boxes each time. I know you are not SBS but Exchange and Windows Server, but it is the same technique. True you say you don't have room for another server but your TempDC could be a virtual machine in a desktop/laptop.
        The advantage here is you preserve your old server for testing and preserve your SID, user profiles, shares and printers for your users and forklift your Exchange files so no mailboxes, PF's to transfer.
        YMMV.
        TIA

        Steven Teiger [SBS-MVP(2003-2009)]
        http://www.wintra.co.il/
        sigpic
        I’m honoured to have been selected for the SMB 150 list for 2013. This is the third time in succession (no logo available for 2011) that I have been honoured with this award.

        We don’t stop playing because we grow old, we grow old because we stop playing.

        Comment


        • #5
          Re: W2k+Exch2K : new DC in, old DC out and in again

          hmm... we canīt afford the swing migration kit. Too bad as it looks very useful .
          Thanks for the tip anyway.

          To the first three questions I made in my previous post I need to add something.
          I just made a lab test:
          -> Dummy-SRV1 online
          -> SRV2 promoted to DC
          -> w2k client logged to the domain , then shut down
          -> Dummy-SRV1 shut down
          -> restart w2k-client... it was able to log on the dummy-lan with only SRV2 (not a global catalog) running.
          -> shut everything down for 30 minutes and start only Client and SRV2
          -> Again, I am able to log on the network without Dummy-SRV1 online



          I thought I would be unable to log untill I made SRV2 a CG?

          Comment

          Working...
          X