RE: Provide feedback to DC promotion/replacement

---

• From: agt <agt@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Tue, 16 Oct 2007 17:50:00 -0700

---

You might run into few problem there.
1. Once promote DC3 into DC. You can not rename.
2. Make sure DC3 has GC enable.

"tnt" wrote:

Guys,

I posted this question a while back, but never had time to run through the
test. Anyways, here is the info:

We have DC1 & DC2 (domain controller & DNS). My goal is to replace DC1 in
the near future since the raid 1 controller failed on us (no more raid). On
DC1, we also have the TS Licensing Server.

Part of the goal is to add DC3 (domain controller) into the domain and then
in the long run demote DC1 (retire for good) and rename DC3 to DC1. Right
now DC1 has all the master operation roles.

Here is what I like to do in different timeframe (the week sequence is just
an example that I like to do in different time):

Week 1

1) Join DC3 to domain.
2) Install DNS and do nothing since it will replicate from AD
3) Promote to DC
4) Netdiag/dcdiag tests

Week 2

1) Transfer FSMO roles from DC1 to DC2
2) Netdiag/dcdiag tests


Week 3

1) Demote DC1 and bring it offline.
2) Rename DC3 to DC1 and reuse old IP address of DC1 (using
netdomcomputername).
3) Reinstall TS Licensing Server on the new DC1 (Call MS to reactivate
licenses)
4) Netdiag/dcdiag tests
5) Pray (joke).


Questions:

1) What else do I have to do besides the FSMO roles transfer? Also, during
this procedure, would it affect live production-meaning any users/clients?

2) On week 1, client workstation still use DC1 & DC2 as their DNS, so
nothing will change with them.

Please provide feedback. I will post more questions as I go.

Thanks,
TNT

.

---

• Follow-Ups:
  • RE: Provide feedback to DC promotion/replacement
    • From: Masterplan

• Prev by Date: Re: Querying AD for Group information (type/scope)
• Next by Date: Re: Dedicated AD forest for external users?
• Previous by thread: Re: DNS issues on multi-homed DC's
• Next by thread: RE: Provide feedback to DC promotion/replacement
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Domain users cannot logon to domain ... is lost no domain users cannot logon anymore on DC3 and DC2. ... - Make sure that all servers are reachable by FQDN, using Dns Secondary ... DC1: Domain.net ... Primary DNS: DC1 and DNS Suffix Search List: Dc3 and DC2 ... (microsoft.public.windows.server.active_directory) Re: Logon Server ... Everyone was pointing to DC1 or DC2. ... All these user are having the LOGON server as DC3. ... (microsoft.public.win2000.active_directory) Re: AD replication thru firewall ... just one DC) in the DMZ!. ... DC1, DC2 are in the same network and are acting as domain controllers. ... Idea was to add a third one (DC3) which would be behind a firewall (in ... replicate within the tombstone lifetime. ... (microsoft.public.windows.server.active_directory) Re: Domain users cannot logon to domain ... DC2 forwarding to DC3 and DC1 ... make sure that each dns only point to itself under their NIC Properties ... (microsoft.public.windows.server.active_directory) Re: Migration to new DC ... DC2 Windows2000 GC ... I transfert this morning the roles from DC1 to DC3. ... to a DC in the child domain, ... (microsoft.public.exchange.connectivity)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(17)