• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1485
  • Last Modified:

Change Network address from 192.1.1.0/24 to 192.168.15.0/24 on W2K SP4 Single domain network (Inherited problem)

What is involved if I change the IP addressing on a AD domain.  What will break.  I understand I must update the router etc. and need no help there.

Must I delete the DHCP scopes or can I edit them?  

Must AD integrated  DNS zone be deleted and readded.

I am moving the network to W2K3 R2 by adding a second server.  Do I do that first and then correct IPs or correct IP issue and then move.  This is currently a single Server with all AD functions and 25 desktops.  

The previous techs must have believed that 192.1.1.0/24 was private.  They did not understand this is actually a public address space so currently if anyone of this network needed to visit any site using 192.1.1..X they would be unable to since they call it home  <G>.

This is nothin.  You should see some of the other stuff.

Thanks

Doug
0
dcohn
Asked:
dcohn
  • 4
  • 2
2 Solutions
 
rafael_accCommented:
That's funny :)) Now u made me curious!! wot other stuff ??  :D:D

To be honest, i've never done this before. But considering how AD works, I think you should follow a similar path as bellow:

. temporary discconect clients from the network
. change the static addresses first (the servers, dhcp, dns ...)
. repair you AD related DNS records (see bellow how to do this)
. create another scope (a valid one) in the dhcp server
. exclude the first one (do not just delete it)
. update client pointing them to the right services (like DNS).
. setup a logon script for all users: "ipconfig /release and ipconfig /renew"
. reconnect your clients


Basically, you must reconfigure DNS - remember AD is dead withouth DNS working properly. You should also make sure there are no static bad ip assignements in the dhcp


===========================
How to repair the DNS record registration
===========================
To repair the Active Directory DNS record registration:

Check for the existence of a Root Zone entry. View the Forward Lookup zones in the DNS Management console. There should be an entry for the domain. Other zone entries may exist. There should not be a dot (".") zone. If the dot (".") zone exists, delete the dot (".") zone. The dot (".") zone identifies the DNS server as a root server. Typically, an Active Directory domain that needs external (Internet) access should not be configured as a root DNS server.

The server probably needs to reregister its IP configuration (by using Ipconfig) after you delete the dot ("."). The Netlogon service may also need to be restarted. Further details about this step are listed later in this article.
Manually repopulate the Active Directory DNS entries. You can use the Windows 2000 Netdiag tool to repopulate the Active Directory DNS entries. Netdiag is included with the Windows 2000 Support tools. At a command prompt, type netdiag /fix.

To install the Windows 2000 Support tools:
Insert the Windows 2000 CD-ROM.
Browse to Support\Tools.
Run Setup.exe in this folder.
Select a typical installation. The default installation path is Systemdrive:\Program Files\Support Tools.
After you run the Netdiag utility, refresh the view in the DNS Management console. The Active Directory DNS records should then be listed.

.: The server may need to reregister its IP configuration (by using Ipconfig) after you run Netdiag. The Netlogon service may also need to be restarted.

.: If the Active Directory DNS records do not appear, you may need to manually re-create the DNS zone.

.: After you run the Netdiag utility, refresh the view in the DNS Management console. The Active Directory DNS records should then be listed. Manually re-create the DNS zone:

source: http://www.howtonetworking.com/server/dns.htm#How to reinstall the dynamic DNS in a Windows 2000 Active Directory



I must admit this may  not be 100% accurate. As I said, I've never done this. Hope this info is of some help though.

cheers
0
 
dcohnAuthor Commented:
Well considering this is their only server I cannot do this based on your honest answer.  THANK YOU!!

But I will have to add my W2K3 server first maybe and MAYBE create a new AD forest etc.  I just hate the idea.

ANyone else????
0
 
rafael_accCommented:
It is not a "honest" answer but a answer according to the knowledge I have and research I have done, which of course, you can accept or not. Additionally, I'm sure you have heard about backups or of any other means of minimizing risks of such network changes (for example, Ghost). And I'm also sure that you are aware that some changes, must be done off woking hours...

If you want to create a new forest ... go for it.... Make sure the actual network is not using a changed AD schema first.
And also, I don't see how this operation (of adding a new forest) is less risky comparing to what I have suggested.

I do understand your concerns about what I suggested! I just think there are many other ways one could appreciate someone who is trying to help you - like thinking first about it, and then, considering his own knowledge, judge accordingly.

Now ... what you are going to do ... it is really a matter of choice.

good luck.
0
[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

 
dcohnAuthor Commented:
If I sounded unappreciative them I apologize as it was the furthest thing from my intent.

I respect your answer as one coming from a sound technician and know it has merit.

The issues, which I did not explain, are that I really wanted to hear some magic answer that would have been basically very little work with almost no risk.

I have an image of his system from some Acronis Server backup he has running BUT it uses a built in IOMEGA REV drive which the owner, who deals with the daily drive removal, said was stuck today. (THe tape/disk was stuck in the machine)

I mean their backup was installed on the same server they backup.  While I have seen people do this before in small companies a $10 million dollar business with 25 plus employees deserves better IMO.

I am not sure that a new forest is as risky.   A New seperate server is what I mean. But I am not sure is the key here.  While your response is very professional I probably got thrown by the last line.  I also answered too quickly and while I was in the middle of assisting my guys with another remote server recovery from another resellers mess that we recently took over.

We are slow movers sometimes as we believe in redundancy first and foremost but that surely does not change the validity of your suggestion.

Let me get through this day and loook at it again when I am not so stressed.

And again I said THANK YOU because I really meant I appreciated your help very much.  But again I wanted the Magic most likely non existent solution,.

Thanks

Doug
0
 
rafael_accCommented:
Ok. I would like that someone come with a magic solution as I'm always keen to learn from other's experience - as I said, I never came through a similar situation like this one.

I hope someone turns up...

I will still make some research and if I find something of interest, I'll post it here

regards,
0
 
MikeeMiracleCommented:
I think you might be overcomlicating this.  If you reboot the box after you have changed the IP address then Windows will re register it's services with the DNS server using the apprpriate new IP address.

I have a testbed with a single server setup of Windows 2k3 and Exchange 2k3 and I can changed it's IP address twice without breaking anything.  If you think about it, what if you wanted to relocate the server to another location, MS can't force you to do a full re-installation each time.  

If your really paranoid then an alternative is possibly to have two network cards in the server with one on the existing network and one on the new network.  This allows you to migrate clients at will between the networks but maintain the link to the main server throughout.
0
 
rafael_accCommented:
Changing locations, doeesn't necessariliy imply changing the internal ip address space ...
But I agree that this may be sim[pler than it looks.... I'll keep checking this aas I'm curious how this goes on

cheers
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now