Solved

should we create a new domain or transfer the existing domain..........?

Posted on 2006-07-10
3
163 Views
Last Modified: 2010-04-18
Hi there, I would be very grateful if I could have some advice on this as we are in the middle of two scenarios and we are unsure which one to take!!

Within this school we have two old clone servers running Windows 2003 server, one a domain controller and the other a secondary (called HW and HW1). The two clone servers are about 4 years old and we have never been comfortable with the server hardware and we have had issues where the HW server has gone down apparently due to dns and hardware related.  As a result there is little confidence in the current Active directory/dns.  There are appx 120 users.

In addition to these two servers there are various other member servers plus 3 clustered terminal servers.  Terminal services is mainly used on this domain and within group policy there is a ts lockdown policy which restricts all ts users.  This is fine.  

We are going to replace the two old clone servers with fresh new HP dl380 servers but we are unsure whether to transfer the existing active directory across and making one of the two new servers a global catalogue and then demote the old servers or create a new domain from scratch.  I know if we did it from a afresh we would not inherit any issues but we would create alot more work for ourselves by then having to add all the users in again and then re-create all the policies.  

Is there a way for us to transfer what we have but to make sure that what does come across will work without any inherited dns problems..??  Could it be that it was the hardware that cuased these issues and by simply moving at all over to new equipment it will get resolved anyway..???

The main problems were dns and authenticating, any advice here would be gratefully received.

Thanks

Phil


0
Comment
Question by:philipgecko
3 Comments
 
LVL 33

Accepted Solution

by:
NJComputerNetworks earned 250 total points
ID: 17073751
I would attempt to fix the domain now.  If you can fix the domain and get things working without errors, then there will be no need to recreate the domain from scratch.

1) make sure that your DNS servers are ACTIVE Directory INTEGRATED...  (go into the DNS Console...  Highlight - one a t a time- your Forward lookup zones...  Click PRoPERTIES from the drop down box.  On the General tab, make sure that the type = Active directory integrated.

2) All clients and servers should be pointed to internal DNS servers ONLY.  for example:

DNSServer1 Settings
Server NAme:  DNSServer1
IP: 10.10.10.5
Subnet: 255.255.255.0
Gateway: 10.10.10.1
DNS1: 10.10.10.5 or <127.0.0.1>     <--- Server must point to itself for DNS
DNS2: 10.10.10.6

DNSServer2 Settings
Server Name:   DNSServer2
IP:  10.10.10.6
Subnet:  255.255.255.0
Gateway:  10.10.10.1
DNS1:  10.10.10.5
DNS 2: 10.10.10.6

Clients Settings
Client Name:  Workstation1
IP:  10.10.10.25
Subnet:  255.255.255.0
Gateway:  10.10.10.1
DNS1:  10.10.10.5
DNS2:  10.10.10.6

0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question