Re: Migrate 2003 domain to 2008 domain

Hello. So, it is basically not a recommended approach to reuse the IP address
of the seized domain controller even it is being replaced with a new box, new
name and all. Am I correct? Thank you.

"Isaac Oben [MCITP,MCSE]" wrote:

Hello KC,
You can use a simple script in powershell or vbscript to accomplished this.

--
Isaac Oben [MCTIP:EA, MCSE]
"KC" <KC@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:05D5D1CE-17B4-4B16-B69C-678AC31C7785@xxxxxxxxxxxxxxxx
Hi Meinolf, thank you for the response. If the environment has over
thousand
of clients, changing the DNS settings per client might not be very
practical
if you have limited staff. Is there a way where you still do the
replacement
with new server hardware and with new server name but you reuse the old IP
address for DNS sake? Thanks again.

"Meinolf Weber [MVP-DS]" wrote:

Hello KC,

See inline

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


Thank you Isaac for the quick response. If I understood you correctly,
the migration procedures/steps should be as follows:

1) Install Win2003 SP1 or SP2 on all three Win2003 DCs.

SP2 and all latest patches to make sure the OS is complete for the
upgrade
to 2008.

2) Run repadmin /showrepl, dcdiag and netdiag on the DC then check for
any
error.

Check any DC for errors.

3) Run adprep.exe /domainprep /gpprep then run adprep.exe /rodcprep on
the
infrastructure master role holder DC.

You have to start with adprep /forestprep and then /domainprep, /gpprep
is
not needed when upgrading from 2003 (you can run it if you like). Also
run
adprep /rodcprep to prepare for Read-only domain controllers, maybe you
like
to have them in the future and so this is done. If you have split the
FSMO
roles you have to choose the correct FSMO DC, thats fine.

4) Run adprep.exe /forestprep on the schema master role holder DC.

See above.

5) Join the two new Win2008 servers on the domain as member server.

Ok, make sure to point the preferred DNS only to one acting DC/DNS server
until replication after promoting later is done.

6) Add the AD DS role without DNS server and GC on to the two Win2008
servers.

Why? Do it direct during promotion, no problem and all is replicated
complete
AD, DNS and GC.

7) Verify all DC replications are fully functional and check for any
error.

To use netdiag on 2008 you have to copy the netdiag.exe from 2003 to the
2008 windows\system32 folder, not included as the others. Works also
without
any problem on 2008.

8) Add DNS server and GC to the newly Win2008 servers.

See above.

9) Move AD-integrated DNS zones to the newly created partitions on the
new
Win2008 servers.

See above.

10) Change the client's DNS entry on LAN settings to point to the new
Win2008 DCs one client at a time and make sure the name resolution is
working. Check the DNS event log.

Ok.

11) Use the NTDSUTIL to move the forestwide OM roles to one of the
Win2008 DC.

You can also use the AD management consoles.
http://support.microsoft.com/kb/324801

12) Use the NTDSUTIL to move the domainwide OM roles to the Win2008 DC
chosen on step (11).

You can also use the AD management consoles.
http://support.microsoft.com/kb/324801

13) Run dcpromo to demote the two old Win2003 DCs.

WAIT until you have really tested all functionality for some days. For
the
test just remove the network cable form the old DC's so that all must run
with the new ones. If every service/application/role is working as
expected,
reconnect, let them replicate again, check replication and then start
with
demotion.

14) Use ADSIEdit from Win2008 DC to retire "phantom" domain
controller.

If demotion is succesful, you have only to remove the old DC names from
AD
sites and services. Also DNS has to be cleaned up from the old servers
and
record's.

15) Turn off the two Win2003 servers.

After demotion the servers will move in AD UC to the computers container,
so you have to delete them there if you will not longer use the servers
as
member servers in the domain.

Thanks again.
KC




.

Relevant Pages

  • Re: 5 test failures on my other DC when running DCdiag
    ... I would start to check if the DNS configuration is OK in AD ... The replication generated an error: ... Cornerstone is not registered on one or more DNS servers. ... (Event String could not be retrieved) ...
    (microsoft.public.windows.server.active_directory)
  • RE: Strange Irregular DNS/Networking Problems
    ... Never heard about this kind of problem with IPv6, but think this is because it is not used so much until now. ... What i heard is that firefox or some other not MS browsers and addons make problems with DNS resolving after changing DNS servers. ... After resetting the domain controller and booting up things are back ...
    (microsoft.public.windows.server.dns)
  • Re: Replication Problems
    ... I can successfully ping the FQDN of all servers from any subnet. ... pulled up the Active Directory Replication Monitor and it shows me the x ... >> am sort of thinking that it may be a DNS problem but I am not really ... >> Event Type: Error ...
    (microsoft.public.win2000.active_directory)
  • Re: 2008 replication
    ... led me back to network setup - and I realized that under DNS we DID ... the box that said "Register connections asddess in DNS". ... I have question on the replication problems - yesterday late ... The other 2 servers were already listed there. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Migrate 2003 domain to 2008 domain
    ... Assume there is another DC with DNS and GC on the domain. ... reconnect and allow replication to occur. ... You can reuse IP addresses of seized domain controllers. ... Win2008 servers. ...
    (microsoft.public.windows.server.migration)
Loading