Announcement

Collapse
No announcement yet.

Advice on Replacing First Domain Controller in Forest/Domain

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Advice on Replacing First Domain Controller in Forest/Domain

    Hi All,

    We are planning to replace the original domain controller that was the first dc when we upgraded our network to Windows2000 and then to Windows2003. We have a single forest, single domain, with 3 domain controllers all running Windows 2003 Server with Service Pack 1. The server to be replaced holds the all the FSMO roles, except for the PDC Emulator. We are running Active Directory Integrated DNS on the server we are replacing and we have a secondary DNS server (integrated DNS) on one of the other 2 DCS.

    It is critical for us to keep the same server name and IP address for the new server, because all domain controllers and member servers (10 of them) are pointing to the server we are replacing.

    I have done some google searches, but I have not been able to nail down any step by step instructions for how to keep the same server name and IP address.

    Thanks in advance for any tips or useful links

    Zoey

  • #2
    Re: Advice on Replacing First Domain Controller in Forest/Domain

    Why do you need the name the same specifically?

    One way I did this was one evening add in 2 new 2003 (with schema updates etc) and sync everything. Set this 2003 server as the primary DNS for the 2000 box. Change the IP of the 2000 box and reboot it so it re-registers. Add its old IP address as a secondary on the 2003 box and make sure DNS is set to a work on both IP addresses. The name is irrelevant unelss you have shares etc from it (and I suspect you could always demote the 2000 box, change its name and then add in a cname for its old name that points to the 2003 box and then use KB281308).

    Your other option is just to add in a spare 2003 DC, demote the old server, change its name and then add in a new server as 2003 DC with that name. Generally I prefer to kill of old DCs along with their names to save issues down the line though.

    Make sure DCDiag, Netdiag etc all run clean before you start anything and get backups too!
    cheers
    Andy

    Please read this before you post:


    Quis custodiet ipsos custodes?

    Comment


    • #3
      Re: Advice on Replacing First Domain Controller in Forest/Domain

      Andy,

      Thanks for the reply. The reason I need to keep the server name the same, is because all servers are pointing to this iP Address and DNS name. I'll call this server (for example's sake) server1.test.org with ip address of 10.100.0.2. We have 11 additional servers in our server farm (total 12 servers, 3 DCS, 9 member servers). We also have many other devices on our network that point to this FQDN and ip address. It would just make it so much easier to keep the same FQDN for the new server. Also, I don't have any 2000 servers. The domain is Windows2003 Native, so I don't know if this changes my routine. One article I researched points to just do the "clean up metabase" function from this article:
      http://technet.microsoft.com/en-us/l...).aspx#E0EE0AA

      What would your thoughts be on this?

      Again, thanks for the excellent reply. Looking forward to your feedback.



      Comment


      • #4
        Re: Advice on Replacing First Domain Controller in Forest/Domain

        Originally posted by zoeythecat View Post
        Hi All,

        We are planning to replace the original domain controller that was the first dc when we upgraded our network to Windows2000 and then to Windows2003. We have a single forest, single domain, with 3 domain controllers all running Windows 2003 Server with Service Pack 1. The server to be replaced holds the all the FSMO roles, except for the PDC Emulator. We are running Active Directory Integrated DNS on the server we are replacing and we have a secondary DNS server (integrated DNS) on one of the other 2 DCS.

        It is critical for us to keep the same server name and IP address for the new server, because all domain controllers and member servers (10 of them) are pointing to the server we are replacing.

        I have done some google searches, but I have not been able to nail down any step by step instructions for how to keep the same server name and IP address.

        Thanks in advance for any tips or useful links

        Zoey
        Backup the server and ensre that the backups are good.

        My advice would be to transfer the FSMO roles from the server.

        Remove all other roles that are curerntly on the server.

        Remove the server as a dc from the domain, DCPROMO.

        Remove the server from the domain.

        Install the new server and give it the name and IP address of the old server.

        Comment


        • #5
          Re: Advice on Replacing First Domain Controller in Forest/Domain

          Wullie,

          For backups, are you talking Systemstate backup? What about DNS and DHCP during this process? Everything points to this server. If I dcpromo the server, and build the new server, do I install this as the first server in the domain again? I'm wondering if I should just shutdown the server (not run DCPROMO) and do the "metabase" cleanup process instead? All of your steps sound good, just trying to understand what will happen with AD during the DCPROMO of this server If I did that... I assume I do these steps, but please confirm if you think i'm missing any steps:

          (1) Transfer FSMO roles to another DC.
          (2) Backup Systemstate
          (2A) Backup DHCP
          (3) Remove this server from Global Catalog.
          (4) Shutdown server.
          (5) Run Metabase cleanup process
          * Or would my best bet be to run dcpromo instead?
          (6) DCPROMO new server with same name and IP Address
          (7) Configure DNS
          ( Restore DHCP.
          (9) Transfer FMSO roles back


          Please let me know what you (or others from this forum) think? Will this process work in your opinion?

          Thanks again for the reply.

          Comment


          • #6
            Re: Advice on Replacing First Domain Controller in Forest/Domain

            Originally posted by zoeythecat View Post
            Wullie,

            For backups, are you talking Systemstate backup? What about DNS and DHCP during this process? Everything points to this server. If I dcpromo the server, and build the new server, do I install this as the first server in the domain again? I'm wondering if I should just shutdown the server (not run DCPROMO) and do the "metabase" cleanup process instead? All of your steps sound good, just trying to understand what will happen with AD during the DCPROMO of this server If I did that... I assume I do these steps, but please confirm if you think i'm missing any steps:

            (1) Transfer FSMO roles to another DC.
            (2) Backup Systemstate
            (2A) Backup DHCP
            (3) Remove this server from Global Catalog.
            (4) Shutdown server.
            (5) Run Metabase cleanup process
            * Or would my best bet be to run dcpromo instead?
            (6) DCPROMO new server with same name and IP Address
            (7) Configure DNS
            ( Restore DHCP.
            (9) Transfer FMSO roles back


            Please let me know what you (or others from this forum) think? Will this process work in your opinion?

            Thanks again for the reply.
            I would backup the entire server including system state.

            Personally i would use DCPROMO to remove the server as a DC and NOT jsut do a metadata cleanup. The only time i ever go near metadata cleanup is if something goes wrong with either promotion or demotion.

            You also don't need to transfer the FSMO roles back but if it makes you feel better then please do.

            As you already hae integrated DNS and presumably a new back DHDP server you should be good to go.

            Might be worthwhile unauthorising the DHCP server as well before you remove the service.

            Comment


            • #7
              Re: Advice on Replacing First Domain Controller in Forest/Domain

              Speaking of removing Global Catalog... be careful to move your Global Catalog on the server that is not Infrastructure master, except all DC are GC.

              Comment


              • #8
                Re: Advice on Replacing First Domain Controller in Forest/Domain

                Originally posted by alien_ri View Post
                Speaking of removing Global Catalog... be careful to move your Global Catalog on the server that is not Infrastructure master, except all DC are GC.
                Although its not recommended you cans till have this short term. It won't do any damage to your AD infrastructure if you do.

                Comment

                Working...
                X