RE: Provide feedback to DC promotion/replacement

Masterplan,

Can you elaborate what the functinal level must be set to Windows Server
2003 mean?

I read it in the article too.

Are you saying all servers should be windows 2003 or just that server cannot
provide any more services than it needs?

By default, does the CA intalled?

Thanks,
Tnt

"Masterplan" wrote:

To rename a domain controller using the Netdom.exe tool, the domain
functional level must be set to Windows Server 2003. Take care if you have
certificate authority on a dc, because domain controllers running Certificate
Authority services (CA) can never be renamed.

Good luck!

"agt" wrote:

You might run into few problem there.
1. Once promote DC3 into DC. You can not rename.
2. Make sure DC3 has GC enable.

"tnt" wrote:

Guys,

I posted this question a while back, but never had time to run through the
test. Anyways, here is the info:

We have DC1 & DC2 (domain controller & DNS). My goal is to replace DC1 in
the near future since the raid 1 controller failed on us (no more raid). On
DC1, we also have the TS Licensing Server.

Part of the goal is to add DC3 (domain controller) into the domain and then
in the long run demote DC1 (retire for good) and rename DC3 to DC1. Right
now DC1 has all the master operation roles.

Here is what I like to do in different timeframe (the week sequence is just
an example that I like to do in different time):

Week 1

1) Join DC3 to domain.
2) Install DNS and do nothing since it will replicate from AD
3) Promote to DC
4) Netdiag/dcdiag tests

Week 2

1) Transfer FSMO roles from DC1 to DC2
2) Netdiag/dcdiag tests


Week 3

1) Demote DC1 and bring it offline.
2) Rename DC3 to DC1 and reuse old IP address of DC1 (using
netdomcomputername).
3) Reinstall TS Licensing Server on the new DC1 (Call MS to reactivate
licenses)
4) Netdiag/dcdiag tests
5) Pray (joke).


Questions:

1) What else do I have to do besides the FSMO roles transfer? Also, during
this procedure, would it affect live production-meaning any users/clients?

2) On week 1, client workstation still use DC1 & DC2 as their DNS, so
nothing will change with them.

Please provide feedback. I will post more questions as I go.

Thanks,
TNT



.

Relevant Pages

  • RE: Firewall Rule Set not allowing access to DNS servers?
    ... # Allow out access to my ISP's Domain name server. ... Firewall Rule Set not allowing access to DNS servers? ... but I never said dc1 was my inside nic. ...
    (freebsd-questions)
  • Re: 2k3 keep hanging?
    ... Verifying that the local machine DC1, ... Connecting to directory service on server DC1. ... Latency information for 1 entries in the vector were ignored. ... The File Replication Service SYSVOL ready test ...
    (microsoft.public.windows.server.general)
  • Re: how to find "step by step" articles to learn windows 2003 AD?
    ... Sites by Using ISA Server in Windows 2000 and Windows 2003" ... Additional Help Files for Windows Server 2003" ... http://support.microsoft.com?kbid=323360 "How to install and configure a DHCP ... http://support.microsoft.com?kbid=323381 "HOW TO Allow Remote Users to Access ...
    (microsoft.public.win2000.advanced_server)
  • Re: Netlogon not working when one DC is down..
    ... Verifying that the local machine dc1, ... Connecting to directory service on server dc1. ... Latency information for 6 entries in the vector were ignored. ... The File Replication Service SYSVOL ready test ...
    (microsoft.public.windows.server.active_directory)
  • Re: Installation Failure - Error Code 0x80244018
    ... You experience problems when you access the Windows Update Version 6 Web site through a server that is running ISA Server ... .101 is pruned out due to potential supersedence ... [CallerId = MicrosoftUpdate] ...
    (microsoft.public.windowsupdate)