Windows 2003 - Promote and Demote


My domain controller is about ready to die so I setup a new Windows 2003 server. How do make sure the new server has all of the Active Directory accounts before I demote the failing domain controller? What is the easiest and safest way to make the new server the domain controller so that I can work on the other server?

Who is Participating?
Jay_Jay70Connect With a Mentor Commented:
Hi jhieb,

can be done quite easily with a clean install of the new server

**Note - If introducing a 2003 R2 Server into the network as a DC you will need to run the ADPREP tools from the second cd


you can also download here

this boosts the schema up to cope with R2 functionality

1) Promote your new machine as an additional domain controller in an already existing domain - this will allow AD to replicate to the new server
2) Make sure DNS is AD integrated on your old DC to allow all DNS replications also
3) Transfer the FSMO roles to the new server;en-us;255690
4) Make the new DC a Global Catalog under Sites and Services
5) Deactivate DHCP on the old DC (if used) and recreate the scope on the new DC
6) Run DCDIAG to make sure all is well and replication is fine
7) Demote the old DC if you dont intend to keep it as a backup
8) Recreate Shares etc on the new server
9) Reinstall printers and share them etc....
10)Take over any DHCP roles etc that the old DC held

this will allow you to have the complete AD directory on the new DC and clients will barely be aware of any changes
jhiebAuthor Commented:

Thanks. I've tried something similar to this once before and I ran dcpromo. When I did that my new server kept giving me errors. I can't remember what those errors were.

Please elaborate on Step#1: How should I promote the new workstation to be an additional controller? Can I do this in the wizard?

Yes, DNS and DHCP is on the old server.

Please elaborate on Step#3:  What is and how do I transfer teh FSMO roles to the new server? Do I need to do this?

Please elaborate on Step#4: How do I do this and is this necessary?

Is there anything I need to be cautious of? I don't mind if I have to redo the new server but I don't want to take down or screw up the old server until the new one is working properly.

1) Step 1 is simply running dcpromo and adding and adittional Domain controller

2) Step 3, FSMO roles are crucial to domain functions, the answer is yes, especially if your domain controller is dying, dont wait until it dies!

3) Step 4 is once again a yes, you open up AD sites and services under admin tools, scroll down till you find your new DC, expand down to the NTDS setting, right click, properties, tick the GC box

as long as you follow the links above with FSMO roles, then you should be fine, i have done this who knows how many times using that exact procedure
jhiebAuthor Commented:
Thanks your all your help!
no problem

all the best
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.