win2k domain advice on AD roles, need to retire a DC, what is best practice?

Hello,

I have 2 domain controllers in my domain, setup like this;

Domain Owner = SRVDC01
Infrastructure Owner= SRVDC02
PDC Owner= SRVDC02
Rid Owner= SRVDC02
Schema Owner= SRVDC01

Now, my SRVDC02 server is having intermitterant hardware problems, and is also my exchange server. I am setting up a new server to take its place. I will need to demote it with dcpromo firstly.

Will demoting it then assign the Infrastructure Owner, PDC Owner and Rid owner to SRVDC01? or will i manually have to do this??

How do i succussfully remove this Domain controller and push all its roles back onto SRVDC01?

Thanks,
93darksideAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

oBdACommented:
Transfer the roles manually before demoting the machine. The run dcpromo to promote it down. After the demotion, you might have to remove the machine from AD Sites and Services as well.

How to view and transfer FSMO roles in the graphical user interface
http://support.microsoft.com/?kbid=255690

If something goes wrong during the demotion, try this article:
How to remove data in Active Directory after an unsuccessful domain controller demotion
http://support.microsoft.com/?kbid=216498

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
BrianIT ManagerCommented:
oBdA is right on with his answer.

If you want to learn some more about FSMO roles and actually see someone transfer and seize them take a look at this.  http://www.adminprep.com/articles/default.asp?action=show&articleid=80

Brian
93darksideAuthor Commented:
Hello,

Im trying to perform the first part of the FSMO role transfers, i have used netiq adcheck to confirm which Dc is doing which role. Im on the DC i want to remove roles from and i go into AD users and computers and select itself by going to 'connect to domain controller' and selecting itself.

then when i go to operations masters and click change, it says 'the current domain controller is the operations master. to transfer the operations master role, you must first connect to it'

but when im in the default AD users and computers screen, i can see im connected to the server i want to move.

any thoughtS?
Why Diversity in Tech Matters

Kesha Williams, certified professional and software developer, explores the imbalance of diversity in the world of technology -- especially when it comes to hiring women. She showcases ways she's making a difference through the Colors of STEM program.

93darksideAuthor Commented:
its ok, i connected to the computer i want to change to and it works! i was connecting to the DC i wanted to change from

BrianIT ManagerCommented:
Hey you must have not watched the link I sent you.  You have to be connected to the new server that you want to transfer the role too!!!

Glad to see it works.  Do you need any other help with this?

Brian
93darksideAuthor Commented:
i did read it, jsut got confused!

no, all i have to do now is move 3 roles and all good!

i will do it after hours jsut in case.

how long should i let the DCs 'settle' before doing any more work?
BrianIT ManagerCommented:
It should take no longer the 15 minutes due to replication within a site.  You may want to force replication through Active Directory Sites and Services to any other domain controllers in other sites.

Brian
93darksideAuthor Commented:
sweet, i'll force it with ad site and services
davidt67Commented:
I would also suggest that you follow Microsoft recommendations and do not place MS Exchange on a Domain Controller.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 2000

From novice to tech pro — start learning today.