Re: Advice on Replacing First Domain Controller in Forest/Domain
- From: Meinolf Weber <meiweb(nospam)@gmx.de>
- Date: Sat, 2 Aug 2008 14:18:06 +0000 (UTC)
Hello Zoey,
See inline.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Meinolf,
Couple of more questions for you.
(1) How much free disk space is needed during the dcpromo (demote)
process?
I have about 1.02 GIG of free space, and i've cleaned up as much as i
possibly can. Is this enough free space? I've googled and couldn't
find any
links. Do you have a link you can provide?
1 GB should be enough. I don't have a link.
(2) The new DC i'm installing to replace the DC I want to demote comes
with
Windows Server Standard 2003 (SP2). The other 2 DCs have Windows2003
Standard with SP1. I'm running low on space on the other 2 DCs as
well (I
know I need about 1.6GIG of free space to update to SP2) as I have
under a
GIG of free space on both. Will this cause problems if one DC in the
forest
has SP2 and the other 2 have SP1?
No, SP level is not important, they can run together. You talked about that you have cleaned up your drives. If you describe what you have done, maybe we find additional options to free some space.
(3) The new server we purchased will come with a RAID 1 mirror (73GIG
SAS
Drives) on the C partition and a RAID 16 (4x146 SAS Drives) on the 2nd
partition. It will also have 2 Quad core processors. Is this
overkill?
Not an overkill, powerful. I would choose this one for the main DNS and configure all clients to use it as preferred and another DNS as secondary.
Thx,
Zoey
"Meinolf Weber" wrote:
Hello Zoey,
Again inline.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Hello again Menolf,Yes.
You have been so helpful, I appreciate your time. I hope you don't
mind a
few more questions.
(1) For the DHCP server, I have the DNS 015 option pointing to the
primary
dns server. Do I need to add the secondary DNS server as well?
(2) If my primary DHCP server goes down, should I have the dhcpIf you have a really short lease time, you should think about a
scope
restored to a 2nd server until this comes up (like during the
demotion
of the
one i'm replacing)?
second DHCP
server and split your scope 50/50 to both servers. Otherwise with the
default
lease time from 8 days, it should be enough for shorter outtage times
then
4 days. See here for split DHCP:
http://technet2.microsoft.com/windowsserver/en/library/75cd0e1f-f464-
40ea-ac88-2060e6769f331033.mspx?mfr=true
(3) Let me see if I understand the DNS correctly:Yes, unused NIC's on DC's should always be disabled. If you still
* On the 9 Member servers, I need to add the alternate (secondary
DNS)
* On the 3 DCs I need to add the alternate. I have problems
adding the
alternate (secondary DNS) because I get the following error
- alternate (secondary DNS) because I get the
following
error:
Warning - Mutiple default gateways are intended to provide
redundancy to
a single network. They will not function properly when the gateways
are on
two separate networks. Do you want to save the configuration. These
2
DCs use to server a 2nd subnet that is no longer in use, but I still
have an IP Address on the 2nd NICS. Should I disable this card and
then try to add the alternate DNS server again?
like to have it enabled, delete the old ip configuration. But better
disable it.
Sorry for the long noted email. I appreciate your feedback one last
time.
Zoey
"Meinolf Weber" wrote:
Hello Zoey,
See inline.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Hello Meinolf,Ok.
Thanks so much for this info. This gives me a much better
guideline
to
follow. Let me give you a better description on my environment,
and
then i'll
hear your thoughts again:
(1) On our primary server I have the DNS server set as active
directory
integrated dns.
(2) On a second server I have dns configured with active directoryYou can do it this way, i prefer itself as preferred and the other
integrated. On the name servers tab I have the primary dns and
this
seondary
dns.
as secondary, also for the other DNS server. Also see here:
http://support.microsoft.com/kb/825036
(3) However, on all my servers everything is pointing to theIf you have more thee one DNS server, also configure all other
primary.
Question for you, do I need to go into the TCP/IP settings of each
server and
add the secondary dns server as the alternate dns server?
servers and also workstations to use both machines as DNS server.
(4) The primary server also is the DHCP server. I assume I justFollow this one for DHCP:
need
to
back up the c:\winnt\system32\dhbp\backup folder and then I export
it
to the
new server?
http://support.microsoft.com/kb/325473
(5) On this primary server I have 4 of the FSMO roles here. TheIn a single forest domain you can leave all 5 FSMO roles on one
PDC emulator role is on another DC. I will transfer all FSMO roles
here.
server. I would also make all DC's Global catalog server in this
case.
(6) One last question. Right now when I shut down the primaryThe reason is DNS, all machines needs a DNS server to connect to
server,
no
clients can connect. Can you figure out from reading my
description
of our
network, why is it no clients can connect? Is there something i'm
doing
wrong?
the domain. You said you use only one DNS server on all machines,
if this DNS server is down, nobody can connect. Configure a second
DNS server for all members.
I just want to make sure when I promote the new server, that
we don't
have this issue again.
Thanks so much for replying. I look forward to reading your reply
to
this latest post.
Thanks,
Zoey
"Meinolf Weber" wrote:
Hello Zoey,
Move the 5 FSMO roles to one of the other DC's, also make sure
that minimum one other DC is Global catalog server.
FSMO:
http://support.microsoft.com/kb/324801
GC:
http://support.microsoft.com/?id=313994
For DNS i would use Active directory integrated zones. So all
changes
replicate with AD and you are also have allways a writeable DNS
server instead of using a secondary, which stores a read-only
copy.
Run replmon, dcdiag and netdiag on all DC's to check for errors,
if
you have some post the complete output from the command here or
solve them first.
If all is fine, demote the old DC with dcpromo to remove it
correctly from AD. If it is now a member server, you can rename
it and also give it a new ip.
Now you can install the new server as member with the old name
and old ip address and then promote it to a DC. If needed you can
also make DNS server. If you have a single forest domain i would
also make all DC's Global catalog server.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!!
http://www.blakjak.demon.co.uk/mul_crss.htm
Hi All,
We are planning to replace the original domain controller that
was the first dc when we upgraded our network to Windows2000 and
then to Windows2003. We have a single Windows2003 native forest,
single domain, with 3 domain controllers all running Windows
2003 Server with Service Pack 1. The server to be replaced holds
the all the FSMO roles, except for the PDC Emulator. We are
running Active Directory Integrated DNS on the server we are
replacing and we have a secondary DNS server (integrated DNS) on
one of the other 2 DCS.
It is critical for us to keep the same server name and IP
address for the new server, because all domain controllers and
member servers (10 of them) are pointing to the server we are
replacing, as well as several devices on our network.
I have done some google searches, but I have not been able to
nail down any step by step instructions for how to keep the same
server name and IP address. I can't find any documents or
whitepapers from Microsoft that detail the proper steps on doing
this.
Thanks in advance for any tips or useful links
Zoey
.
- Follow-Ups:
- References:
- Prev by Date: Re: Advice on Replacing First Domain Controller in Forest/Domain
- Next by Date: Re: Not Creating Computer Accounts - Strange Issue
- Previous by thread: Re: Advice on Replacing First Domain Controller in Forest/Domain
- Next by thread: Re: Advice on Replacing First Domain Controller in Forest/Domain
- Index(es):
Relevant Pages
|
Loading
