Re: Advice on Replacing First Domain Controller in Forest/Domain




Hello Zoey,

See inline.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Danny,

Thanks for the info. This has been the most helpful info I've
received so far. Thanks to you, I almost have a plan :} I just have a
couple more questions:

(1) At any point do I need to run the metabase cleanup function (from
this link):
http://technet.microsoft.com/en-us/library/bb727062.aspx

Normally not. If the demotion fails, then you have to run metadata cleanup. If you got an error during the first try, check whether the DC is still a Global Catalog server; if yes, uncheck the GC and try again.

Here it is also for 2003:
http://support.microsoft.com/kb/216498

(2) This is our everything server (DNS, DHCP, WINS). Clients cannot
connect when this server is down.

Make sure that all clients use more than one DNS server, so they should be able to log on even if the main DC is down.

I work at a private school that is a 24x7 type environment. Downtime
needs to be minimal. I realize you mention the replication of the
demotion of this server can take some time. This is a LAN.

DNS replication, when using AD integrated zones, can take up to 15 minutes; in-site Active Directory replication is normally really short. But you should think about doing the changes at close of business or at weekend times.

I'm guessing it shouldn't take too long. Just wanted to run that
thought by you again.
Thanks again

"Danny Sanders" wrote:

Of course you should do this over the weekend or off hours and after
a confirmed good backup.

Set up the new server with a temp name and temp IP address as a member
server in the domain. Point it to the "other" DNS server in the
domain, not the one you are going to remove.

Transfer the FSMO roles from the first DC to another DC in the
domain: How To View and transfer FSMO Roles in the Graphical User
Interface

http://support.microsoft.com/default.aspx?scid=kb;en-us;255690

How to view and transfer FSMO roles in Windows Server 2003

http://support.microsoft.com/default.aspx?scid=kb;en-us;324801

Run dcpromo on the server you want to remove to make it a member
server. At this point you can rename this server to servernameOLD and
change the IP address to an unused IP address. In my experience, at
this point you will have to wait and let the demoted DC replicate out
of AD. Depending on when you make the change and when replication
happens it may take a while. Usually at this point I go to bed and
finish in the morning.

Next step would be to rename the member server you gave a temp name
and IP address to its final name and IP address and promote to DC,
install DNS and change the server to point to itself for DNS; the DNS
info will replicate to the new DC. Set up DHCP if necessary and
robocopy files to the new server if necessary... Test.

Done

hth
DDS
"Zoey" <Zoey@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:BEE03922-F8F3-4ACA-95A5-448C0963B0DF@xxxxxxxxxxxxxxxx

Hi All,

We are planning to replace the original domain controller that was
the first DC when we upgraded our network to Windows 2000 and then to
Windows 2003. We have a single Windows 2003 native forest, single
domain, with 3 domain controllers all running Windows 2003 Server with
Service Pack 1. The server to be replaced holds all the FSMO roles,
except for the PDC Emulator. We are running Active Directory
Integrated DNS on the server we are replacing and we have a secondary
DNS server (integrated DNS) on one of the other 2 DCs.
It is critical for us to keep the same server name and IP address
for the new server, because all domain controllers and member
servers (10 of them) are pointing to the server we are replacing, as
well as several devices on our network.

I have done some Google searches, but I have not been able to nail
down any step-by-step instructions for how to keep the same server
name and IP address. I can't find any documents or whitepapers from
Microsoft that detail the proper steps on doing this.
Thanks in advance for any tips or useful links

Zoey
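
Added example, not part of any post in this thread: a pre-demotion gate that combines the checks the replies above call for before running dcpromo on the old DC (FSMO roles transferred, the Global Catalog check Meinolf suggests, and no client relying on the old DC as its only DNS server). The `netdom query fsmo` output, host names, IP addresses and function names are constructed for illustration.

```python
import re

# Constructed sample of `netdom query fsmo` output (host names are placeholders).
# As in the thread, the DC being replaced holds every role except PDC emulator.
BEFORE = """\
Schema owner                dc-old.example.local
Domain role owner           dc-old.example.local
PDC role                    dc2.example.local
RID pool manager            dc-old.example.local
Infrastructure owner        dc-old.example.local

The command completed successfully.
"""
AFTER = BEFORE.replace("dc-old", "dc3")  # constructed: roles moved to dc3


def parse_fsmo(text):
    """Return {role label: holder FQDN} from `netdom query fsmo` output."""
    roles = {}
    for line in text.splitlines():
        # Label and holder are separated by a run of two or more spaces;
        # the trailing status line has single spaces and is skipped.
        m = re.match(r"^(\S.*?)\s{2,}(\S+)\s*$", line)
        if m:
            roles[m.group(1)] = m.group(2).lower()
    return roles


def demotion_blockers(fsmo_text, old_dc, old_ip, is_gc, client_dns):
    """List the reasons not to run dcpromo on old_dc yet (hypothetical helper)."""
    blockers = []
    roles = parse_fsmo(fsmo_text)
    if len(roles) != 5:
        blockers.append("could not parse all 5 FSMO roles")
    for role, holder in sorted(roles.items()):
        if holder.split(".")[0] == old_dc.lower():
            blockers.append(f"{role} still on {old_dc}")
    if is_gc:
        blockers.append(f"{old_dc} is still a Global Catalog server")
    for host, servers in sorted(client_dns.items()):
        if not [s for s in servers if s != old_ip]:
            blockers.append(f"{host} resolves only through {old_ip}")
    return blockers


if __name__ == "__main__":
    clients = {"srv1": ["10.0.0.10"], "srv2": ["10.0.0.11", "10.0.0.10"]}
    for b in demotion_blockers(BEFORE, "dc-old", "10.0.0.10", True, clients):
        print("BLOCKER:", b)
```

An empty list means the checks named in the thread pass; it does not replace the confirmed good backup or the wait for replication after the demotion.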


