We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now


Swapping out Domain Controller hardware (need to make sure all bases are covered)

deh5 asked
Medium Priority
Last Modified: 2008-01-09
We are getting ready to swap out or domain controller hardware and want to make sure we do this right. Right now we have 2 domain controllers, one is Windows 2003 and one is Windows 2000. We are going to keep the same names and ip addresses on these servers. I have a few questions reguaring this process.

1. Is there any certain order we should swap out the servers? Should we do the 2000 DC first?
2. Is there any reason to do an inplace upgrade on the 2000 DC before we swap out the hardware?
3. FSMO roles are spread out betwen the two DCs. We should transfer all of the roles before swapping out a server, transfer them to the new one before swapping out the remaining DC. Is this correct?
4. When we swap out the first DC is it as simple as running dcpromo and the AD info will be synchronised onto the new server? I'm assuming there will be some manual work involved.
5. What are we missing? My colleague and I have both built several domain controllers but have not done as hardware swap. This will be a learning experience for both of us.

Thanks in advance for your input.
Watch Question

I would upgrade the Windows 2000 DC to Windows 2003 just so that all DC's are Windows 2003.

This is how I would do it...but there are several ways:

1) inplace upgrade the Windows 2000 server to Windows 2003
2) Add the two new servers to the network as member servers.  
3) Run DCPROMO on both and join the existing domain
4) transfew the FSMO roles to the new servers. (http://support.microsoft.com/default.aspx?kbid=324801&product=winsvr2003 )
5) Make the new DC's GC's... and remove the GC from the old servers:  http://technet2.microsoft.com/WindowsServer/en/Library/7b1c3e1c-ef32-4b8e-b4c4-e73910575f611033.mspx
6) wait and make sure DCDIAG and DNS looks right..  Also run Netdiag ... Use replemon to verify replication...  And validate that you can create new user accounts ...and that these show up on the new DC's.
7) Add the DNS role to each DC...and any other roles that your existing DC's might have ...like DHCP or WINS.
8) point your environment to use the NEW DNS servers....including your old DC server... point these to your new DNS servers...
9) run DCPROMO on the old DC's and choose to remove the domain controller roles.

At this point, your old DC's are out of AD.  Now, delete the computer accounts for these DC's in the domain (us AD users and computers).

Now...if you want to rename these computers, you can.

Now ... if you want to change the ip of these computers, you can... but make sure that you plan for the updates of DNS, WINS, etc for you clients.  If you are using DCHP, this is very easy to accomplish.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.