Solved

DC to PDC now or later -- that is the question

Posted on 2004-09-10
7
297 Views
Last Modified: 2010-04-14
I'm promoting a 2003 server to the PDC on my domain.
It's currently a DC.
I'd like to test an XP machine on the 2003 server as the PDC, but the users are pointing to and
using the data on the 2000 server that's currently the PDC (which will only be a DC, after I promote the 2003 server to the PDC).
So this is my question, should I make the 2003 server the PDC now, or will demoting the 2000 server while the users
are still using it adversely affect them by perhaps keeping them from accessing files.
Is it safe to make the 2003 server the PDC now - I'll be switching all of the FSMO roles over to the 2003 also.

Thanks in advance for your assistance.
0
Comment
Question by:AccessMaster
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 16

Assisted Solution

by:JamesDS
JamesDS earned 20 total points
ID: 12024519
AccessMaster

Under Windows Active Directory the PDC does not exist. There is a FSMO role (1 of 5 roles) that is called the PDCEmulator, but this is not the same thing.

If you wish to transfer roles, then you can do that anytime you like without adverse effect, provided you maintain connectivity between the DCs and both DCs are GCs.

So to answer your questions: If you like, no, yes, great!

Hope this helps!

Cheers

JamesDS
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12026209
Thanks JamesDS,,, i write that exact same thing every day in this forum.. people are stuck in NT 4.0 PDC BDC mode still for some reason.... below are some good articles that explain the placement and movement of the five FSMO roles:


http://support.microsoft.com/default.aspx?scid=kb;EN-US;223346

http://support.microsoft.com/default.aspx?scid=kb;EN-US;255690

http://support.microsoft.com/default.aspx?scid=kb;en-us;255504
0
 

Author Comment

by:AccessMaster
ID: 12026559
Thanks for the responses.

O.K. take this into consideration - maybe I should have mentioned this but I didn't think it would have a impact but maybe so
with regards to whether or not I should have a GC.

My domain is a child domain in a giant forest. And I use the DNS server that belongs to the forest.
Prior to this 2003 addition, I only had a 2000 server, but now I have 3 DC's:
The original 2000 server
A test server,
and now the 2003 server.

My original 2000 server never was a GC - I was told that it didn't need to be.
But now that I'll have 2 servers on the domain, does the 2003 server (which will soon have all of the FSMO roles) need to be the
GC for the domain. Or do I need a GC at all?
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 25

Accepted Solution

by:
mikeleebrla earned 30 total points
ID: 12026629
I would say that you definetly need a GC somewhere.  I assume that you are in a different physical site from any other GC?  Besides that it doesn't hurt to have a DC a GC.  Also note that (as noted in article 255690) above that there is only one schema master and one Domain naming master per FORREST,,, which means that if you make your 2003 server a schema master and a domin naming master as you indicated in your above post, then this role will be REMOVED from where it is now,  which will probably piss whoever is in charge of the forrest off.  Also note that replication errors can occur if the infrastucture master is on a GC.  hope this helps
0
 

Author Comment

by:AccessMaster
ID: 12026919
O.K. I see the article where  I read to transfer the 5 roles was different from my setup - they
were updating their forest and domain. I only have administrative rights over my child domain.

So really all I need is to transfer the RID, PDC, and Infrastructure Master roles, right.


0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12027137
to be honest im not sure.. the MS article above says "RID master, PDC emulator, and infrastructure master, are per-domain roles",,, and im not sure if they count a child domain as a domain or not.  To test this i would run "netdom query fsmo" on a DC in your child domain and see where all 5 roles are now. Then run it on a DC in your parent domain. This will tell you if these roles are held in your parent domain only,, or once in the parent domain, and once in your child domain.
0
 
LVL 18

Assisted Solution

by:exx1976
exx1976 earned 30 total points
ID: 12027598
RID, PDC, and IM are in EVERY domain, regardless of it's location the forest.  They are required in order for the domain to function.

From the sounds of his post, he can't run anything on the parent domain, since he only has administrative rights over his child domain..

If there are no other domains in your site that have a GC in them, then yes, you most definitely should have a GC or even two in your site.  I have 5 domains spread across three sites, and I have 10 GCs...  Two per domain.  I did this because I chose to make EVERY DC a GC..  If you go this route you can ignore the IM role since it is not necessary anymore.  However, I would suggest checking with the guys who maintain your parent domain before you go screwing with any of this stuff...


HTH,
exx
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question