Swapping IP of AD domain controllers with DNS integrated


This topic contains 7 replies, has 3 voices, and was last updated by cruachan 4 years, 7 months ago.

    Albertwt
    Member
    #165140

    Hi,

    I’d like to know what are the steps involved in swapping the IP address of a domain controller with AD-Integrated DNS?

    From below:

    Win2k3 – 10.1.2.11 (oldDNS & oldDHCP)
    Win2k12R2 – 10.1.2.199 (NewDNS & NewDHCP and All FSMO Role holder)

    Into:
    Win2k3 – 10.1.2.199 (oldDNS & oldDHCP)
    Win2k12R2 – 10.1.2.11 (NewDNS & NewDHCP and All FSMO Role holder)

    Is there any risk involved in doing the above task?

    Ossian
    Moderator
    #190488

    Re: Swapping IP of AD domain controllers with DNS integrated

    No risk, although it is worth reducing the length of DHCP leases in advance so clients pick up the “correct” details sooner.

    cruachan
    Participant
    #330771

    Re: Swapping IP of AD domain controllers with DNS integrated

    Make sure you run ipconfig /registerdns and restart the NETLOGON service on each DC after the change. This will ensure the DNS records are all updated for the domain (SRV records, NS records etc, and not just the Host (A) Records.)

    Albertwt
    Member
    #318006

    Re: Swapping IP of AD domain controllers with DNS integrated

    Hi Cruachan and Ossian,

    Thanks for the response. So here’s what I’d like to do: make the changes during one business day.

    Since I also have around 17 other AD Sites with a Domain Controller & AD-Integrated DNS at each site, do I also have to manually log on to each of the servers and restart the NETLOGON service, and manually change the AD Name Server IP address as well?

    Please correct me if that doesn’t make sense.

    Albertwt
    Member
    #318007

    Re: Swapping IP of AD domain controllers with DNS integrated

    cruachan;291167 wrote:
    Make sure you run ipconfig /registerdns and restart the NETLOGON service on each DC after the change. This will ensure the DNS records are all updated for the domain (SRV records, NS records etc, and not just the Host (A) Records.)

    So the process above, can I do it in the same day or do I need to wait until the AD is replicated all the way to the rest of my DC/GC & DNS servers?

    Ossian
    Moderator
    #190492

    Re: Swapping IP of AD domain controllers with DNS integrated

    IMHO don’t do anything at the other sites unless they start having problems – their clients will look to the site DC, and DNS replication will eventually push the correct records around

    cruachan
    Participant
    #330772

    Re: Swapping IP of AD domain controllers with DNS integrated

    Albertwt;291195 wrote:
    So the process above, can I do it in the same day or do I need to wait until the AD is replicated all the way to the rest of my DC/GC & DNS servers?

    Do it as soon as you’ve changed the IP, then AD replication should take care of the rest. As Ossian said, don’t do anything at the other sites unless you need to.

    https://technet.microsoft.com/en-gb/library/cc759550%28v=ws.10%29.aspx gives far more detail about AD and DNS than you would ever want to know. Basically, the process is that when the NETLOGON service starts on a DC it should check with DNS to ensure that its SRV records are correctly registered. Once AD has replicated the changes I’d go in and manually check that all of the NS records are correct, as sometimes I’ve seen the old ones remain.
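
The manual record check suggested in the post above can be scripted. This is an added example, not part of the thread: it asks each DNS server for the host (A), NS and DC locator SRV records and reports anything that does not match the post-swap addressing. The domain name and DC host names are placeholders; the IP addresses are the ones given in the thread.

```powershell
# Added example. $Domain and the DC host names are placeholders, not values from the thread.
# Needs Resolve-DnsName (Windows 8 / Server 2012 or later), so run it from the
# 2012 R2 DC or a current client, not from the Server 2003 DC.
$Domain   = 'corp.example'
$Expected = @{                               # DC FQDN -> address it must have AFTER the swap
    "dc-2003.$Domain"   = '10.1.2.199'
    "dc-2012r2.$Domain" = '10.1.2.11'
}
$DnsServers = @('10.1.2.11', '10.1.2.199')   # add other sites' DNS servers to check replication

function Get-DnsAnswer {
    param([string]$Name, [string]$Type, [string]$Server, [string]$Property)
    # Emit one property of every record of $Type; additional-section records are ignored.
    Resolve-DnsName -Name $Name -Type $Type -Server $Server -DnsOnly -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq $Type } |
        ForEach-Object { "$($_.$Property)".TrimEnd('.').ToLower() }
}

function Test-DcDnsRecords {
    param([string]$Server)
    foreach ($dc in $Expected.Keys) {
        # Host (A) record: exactly one address, and it is the new one.
        $ips = @(Get-DnsAnswer $dc 'A' $Server 'IPAddress')
        if ($ips.Count -ne 1 -or $ips[0] -ne $Expected[$dc]) {
            "[$Server] A   $dc -> '$($ips -join ',')' (expected $($Expected[$dc]))"
        }
        # NS record for the zone: the DC must still be listed as a name server.
        if (@(Get-DnsAnswer $Domain 'NS' $Server 'NameHost') -notcontains $dc) {
            "[$Server] NS  $Domain has no record for $dc"
        }
        # Locator SRV records that NETLOGON registers when it starts.
        foreach ($srv in "_ldap._tcp.dc._msdcs.$Domain", "_kerberos._tcp.dc._msdcs.$Domain") {
            if (@(Get-DnsAnswer $srv 'SRV' $Server 'NameTarget') -notcontains $dc) {
                "[$Server] SRV $srv has no record for $dc"
            }
        }
    }
}

$findings = foreach ($s in $DnsServers) { Test-DcDnsRecords -Server $s }
if ($findings) { $findings } else { 'All checked records match the post-swap addressing.' }
```

Run it once after `ipconfig /registerdns` and the NETLOGON restart, and again after replication has completed, so a record that is correct on one DNS server but stale on another shows up as a per-server finding.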

    Albertwt
    Member
    #318008

    Re: Swapping IP of AD domain controllers with DNS integrated

    cruachan;291208 wrote:
    Do it as soon as you’ve changed the IP, then AD replication should take care of the rest. As Ossian said, don’t do anything at the other sites unless you need to.

    https://technet.microsoft.com/en-gb/library/cc759550%28v=ws.10%29.aspx gives far more detail about AD and DNS than you would ever want to know. Basically, the process is that when the NETLOGON service starts on a DC it should check with DNS to ensure that its SRV records are correctly registered. Once AD has replicated the changes I’d go in and manually check that all of the NS records are correct, as sometimes I’ve seen the old ones remain.

    OK, so the steps below can be executed in one day without having to turn off the other DC for one or more days?

    Quote:
    Changing Win2k3 IP address:
    1. Turn off / shutdown the Win2k12R2 server & unplug the network cable.
    2. Change IP address (to match the Win2k12R2 IP).
    3. Open Command prompt and then run ipconfig /registerdns command.
    4. Restart the NETLOGON service on the current Win2k3 server.
    5. Open Command prompt and then run dcdiag /fix command.
    6. Check the AD/DNS replication and for any other error.
    Quote:
    Changing Win2k12R2 IP address:
    1. Turn on the Win2k12R2 server without the network cable connection.
    2. Change IP address (to match the Win2k3 IP).
    3. Connect the network cable to the Win2k12R2 server NIC.
    4. Open Command prompt and then run ipconfig /registerdns command.
    5. Restart the NETLOGON service on the current Win2k3 server.
    6. Open Command prompt and then run dcdiag /fix command.
    7. Check the AD/DNS replication and for any other error.

    Is there anything that I need to be aware of, or have I missed any important steps?
