Windows 2000 - replacing domain controller

Posted on 2004-11-04
Last Modified: 2012-05-05
Looking at the best method of Windows 2000 server replacement. The question is: the current platform is a Windows 2000 server running as domain controller. Want to replace it with a new server running Windows 2003 - need to keep the server name\domain the same and transfer Active Directory. The network in question has over 200 workstations running XP. Want options as to the best method of completing the changeover with the least problems. Aware of using a third, temporary server to transfer roles as one option, but would like other options.

Question by:iamgod

    Expert Comment

    by:Chris Dent

    For the least problems the use of a temporary server is highly recommended (although I realise you want other options). If an in-place upgrade fails then you would have to restore AD from backup and start again. The potential for client connectivity problems or general domain problems in that scenario is high. Of course, if the backup fails to recover then the domain is lost as well.

    Alternatively, if you can live without the same server name (everything remaining the same) then the following procedure would work:

    1. From the Windows 2003 CD, run the following on your current Domain Controller:

    ADPrep /forestprep
    ADPrep /domainprep

    These prepare Active Directory for the 2003 Server by expanding the schema.

    2. Build and add the Windows 2003 Server. Use DCPromo to make it a Domain Controller.

    3. Transfer the FSMO Roles onto the Windows 2003 Server and make it a Global Catalog.

    4. Set up DNS and any other network services on the Windows 2003 Server, and ensure that clients and any other servers are pointing at them.

    5. Turn off the old server and confirm that everything works correctly (run for a few days with that server down).

    6. Turn the old server back on and run DCPromo again to remove it from the domain.

    The only difference between this and the temporary server method is repeating the procedure, building a server back onto the old server name. Is there any particular reason the old server name is required?

    Expert Comment

    I agree with Chris Dent that, although a temporary server is not the most time-economical, it is certainly going to allow for a MUCH cleaner upgrade, and will enable you to use the same DC name (even though I also want to understand why the computer name matters... if you are sharing files, just change the server UNC path in login scripts etc.).

    Expert Comment


    I would install 2000 on the new server and then promote it to the PDC. After the new box is the PDC, force a sync to make sure that your old and new servers are in sync. Then just upgrade the new box running 2000 to 2003 :)

    Author Comment

    Thanks for the comments, Chris Dent, rustrpage and tmwisy. Keeping the same server name is not essential but it can overcome some issues. The home folder path for each account needs to be changed if using a different server name; also, virus scanners reference the server by name. Essentially, the transfer of computer and user accounts and related shares between servers (methods of) is what I really want to look at exploring.
    I'll leave the question open for a few more days and then I'll award points.

    Accepted Solution


    The Computer and User accounts will travel with the Domain Controller role; the FSMO roles would have to be reassigned prior to decommissioning the old server of course, though.

    The Shares are a little more difficult, but depending on the number of them probably wouldn't take long to recreate.

    For Files there are programs such as Robocopy (part of the Server Resource Kit) that will allow you to copy and preserve permissions on files and folders between servers. You can find a command reference for that one at

    As far as I remember the Folder Path for the computer accounts can be changed in one step by selecting all accounts and altering that, however, if the path isn't based around an environmental variable like %username% that can be more difficult.

    I don't have an answer for the AV Software, it depends which it is and what kind of management for it you have in place.

    Even with all of the above I still recommend adding a second server to the domain, nice and safe.
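
The FSMO check and the permission-preserving copy mentioned in the accepted answer, as an added example that is not part of the original thread. OLDDC, NEWDC, the Home share and C:\migrate are placeholder names (assumptions). Robocopy carries NTFS ACLs but not share permissions, so the shares themselves still have to be recreated on the new server.

```bat
@echo off
rem Added example: pre-decommission check and an ACL-preserving file copy.
rem OLDDC, NEWDC, SHARE and the log folder are placeholders (assumptions).
rem Run as a domain administrator so /COPYALL and /B have the rights they need.
setlocal
set OLDDC=OLDDC
set NEWDC=NEWDC
set SHARE=Home
set LOGDIR=C:\migrate
set LOG=%LOGDIR%\robocopy-%SHARE%.log
if not exist %LOGDIR% mkdir %LOGDIR%

rem 1. Show which DC holds each FSMO role. netdom ships with the Support Tools.
rem    All five roles should list the new server before the old one is demoted.
netdom query fsmo
if errorlevel 1 (
    echo Could not query the FSMO role holders. Stopping.
    exit /b 1
)

rem 2. Dry run: /L only lists what would be copied, nothing is written.
robocopy \\%OLDDC%\%SHARE% \\%NEWDC%\%SHARE% /E /COPYALL /L /NP /LOG:%LOG%.dryrun

rem 3. Real copy.
rem    /E        include subfolders, even empty ones
rem    /COPYALL  data, attributes, timestamps, NTFS ACLs, owner, auditing info
rem    /B        backup mode, so files the operator cannot read are still copied
rem    /R /W     bound the retries so one locked file does not stall the run
robocopy \\%OLDDC%\%SHARE% \\%NEWDC%\%SHARE% /E /COPYALL /B /R:2 /W:5 /NP /LOG:%LOG%

rem 4. Robocopy's exit code is a bitmask: 8 = some files failed to copy,
rem    16 = fatal error. Values below 8 mean the copy itself succeeded.
if errorlevel 8 (
    echo Copy reported failures. Review %LOG% before changing home folder paths.
    exit /b 1
)
echo Copy finished without failures. Log: %LOG%
endlocal
```

Spot-check the ACLs on a few copied home folders on the new server before pointing user accounts at the new path.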
