Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users
Course Of The Month
2 days, 4 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
How to replace a primary Windows 2000 DC with a new Windows 2003 server?
Posted on 2006-11-27
We have a LAN with serveral servers. There are two domain controllers on the network: Server A is primary domain controller with Windows 2000 installed on it and as well as DHCP and DNS server. Server B is another domain controller with Windows 2003 Standard and MS Exchange 2003 running on it. I think AD is Windows 2000 AD not Windows 2003 because Server A was the first DC of Active Directory.
I'd like to get rid of Server A because of lower configuration and upgrade Active Directory to Windows 2003. We've purchased a robust Server C and have Windows 2003 installed. I'd like to have this new Server C become primary domain controller and transfer sheme master server from Server A to Server C. How can I replace Server A with this new Server C? Anything else I have to transfer from Server A? How will I do on Server A?
Thanks in advance!
Wilson
I'd like to get rid of Server A because of lower configuration and upgrade Active Directory to Windows 2003. We've purchased a robust Server C and have Windows 2003 installed. I'd like to have this new Server C become primary domain controller and transfer sheme master server from Server A to Server C. How can I replace Server A with this new Server C? Anything else I have to transfer from Server A? How will I do on Server A?
Thanks in advance!
Wilson
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
7
4-
4
17 Comments
can be done quite easily with a clean install of the new server
**Note - If introducing a 2003 R2 Server into the network as a DC you will need to run the ADPREP tools from the second cd
\CMPNENTS\R2\ADPREP
you can also download here
http://www.microsoft.com/downloads/details.aspx?familyid=5B73CF03-84DD-480F-98F9-526EC09E9BA8&displaylang=en
this boosts the schema up to cope with R2 functionality
http://www.microsoft.com/windowsserver2003/r2/whatsnewinr2.mspx
1) Promote your new machine as an additional domain controller in an already existing domain - this will allow AD to replicate to the new server
2) Make sure DNS is AD integrated on your old DC to allow all DNS replications also
3) Transfer the FSMO roles to the new server
http://www.petri.co.il/transferring_fsmo_roles.htm
http://support.microsoft.com/default.aspx?scid=kb;en-us;255690
4) Make the new DC a Global Catalog under Sites and Services
http://support.microsoft.com/?kbid=313994
5) Deactivate DHCP on the old DC (if used) and recreate the scope on the new DC, note if you have a fairly complex or Large DHCP scheme you may want to export and import the database
http://support.microsoft.com/kb/325473/
6) Run DCDIAG to make sure all is well and replication is fine
7) Demote the old DC if you dont intend to keep it as a backup
8) Recreate Shares etc on the new server
9) Reinstall printers and share them etc....
this will allow you to have the complete AD directory on the new DC and clients will barely be aware of any changes
**Note - If introducing a 2003 R2 Server into the network as a DC you will need to run the ADPREP tools from the second cd
\CMPNENTS\R2\ADPREP
you can also download here
http://www.microsoft.com/downloads/details.aspx?familyid=5B73CF03-84DD-480F-98F9-526EC09E9BA8&displaylang=en
this boosts the schema up to cope with R2 functionality
http://www.microsoft.com/windowsserver2003/r2/whatsnewinr2.mspx
1) Promote your new machine as an additional domain controller in an already existing domain - this will allow AD to replicate to the new server
2) Make sure DNS is AD integrated on your old DC to allow all DNS replications also
3) Transfer the FSMO roles to the new server
http://www.petri.co.il/transferring_fsmo_roles.htm
http://support.microsoft.com/default.aspx?scid=kb;en-us;255690
4) Make the new DC a Global Catalog under Sites and Services
http://support.microsoft.com/?kbid=313994
5) Deactivate DHCP on the old DC (if used) and recreate the scope on the new DC, note if you have a fairly complex or Large DHCP scheme you may want to export and import the database
http://support.microsoft.com/kb/325473/
6) Run DCDIAG to make sure all is well and replication is fine
7) Demote the old DC if you dont intend to keep it as a backup
8) Recreate Shares etc on the new server
9) Reinstall printers and share them etc....
this will allow you to have the complete AD directory on the new DC and clients will barely be aware of any changes
If your 2003 Exchange server is a DC (which you stated) then AD is up to 2003 specs.
If you're adding an R2 server, then what Jay states needs to be done with respect to adprep for R2 extensions.
Now, since the forest is already 2003, if the server you have now is NOT R2, then simply DCPROMO it, transfer the roles (5 of them) and make it a GC. DO NOT rush to remove the old one just yet because Exchange relies heavily on the GC role so you want to be certain the new server has time to build it and advertise.
Other than that, there is nothing much left to deal with.
Keep in mind - DO NOT change the role of the Exchange server now - DO NOT demote it or (if not a DC) promote it or you will break Exchange.
If you're adding an R2 server, then what Jay states needs to be done with respect to adprep for R2 extensions.
Now, since the forest is already 2003, if the server you have now is NOT R2, then simply DCPROMO it, transfer the roles (5 of them) and make it a GC. DO NOT rush to remove the old one just yet because Exchange relies heavily on the GC role so you want to be certain the new server has time to build it and advertise.
Other than that, there is nothing much left to deal with.
Keep in mind - DO NOT change the role of the Exchange server now - DO NOT demote it or (if not a DC) promote it or you will break Exchange.
Jay_Jay70:
Thanks for your prompt and valuable reply. The awnser is quite useful.
I've checked AD and noticed that Domain Function Level remains Windows 2000 native and Forest Function level is Windows 2000. Is that the purpose I need to run ADPREP tools?
I only have one DNS server on Server 1 with Windows 2000, the first lower-configuration server I'd like to get rid of. There are several zones in Forward Lookup Zones. All of them are Primary Standard. How can I check that DNS server is Active Directory intergrated?
I will setup Server 3 with Windows 2003 R2 and install DNS on that. How can I replicate DNS information with primary DNS on Server 1?
Netman66:
Thank you very much for your comment and reminding.
Wilson
Thanks for your prompt and valuable reply. The awnser is quite useful.
I've checked AD and noticed that Domain Function Level remains Windows 2000 native and Forest Function level is Windows 2000. Is that the purpose I need to run ADPREP tools?
I only have one DNS server on Server 1 with Windows 2000, the first lower-configuration server I'd like to get rid of. There are several zones in Forward Lookup Zones. All of them are Primary Standard. How can I check that DNS server is Active Directory intergrated?
I will setup Server 3 with Windows 2003 R2 and install DNS on that. How can I replicate DNS information with primary DNS on Server 1?
Netman66:
Thank you very much for your comment and reminding.
Wilson
Functional levels have nothing to do with Adprep for R2. You run Adprep to extend the Schema for the new R2 features.
If you expand each DNS zone, then right-click and select Properties you'll see if they're AD Integrated (and be able to change them) there.
Once the zones are AD Integrated and accept Dynamic Updates, then simply installing DNS on the server should be all that's necessary. If replication and DNS are functioning properly the zones will automatically create and populate using Replication.
If you expand each DNS zone, then right-click and select Properties you'll see if they're AD Integrated (and be able to change them) there.
Once the zones are AD Integrated and accept Dynamic Updates, then simply installing DNS on the server should be all that's necessary. If replication and DNS are functioning properly the zones will automatically create and populate using Replication.
Thanks a lot Netman66,
I've checked all zones in Forward Lookup Zones and all of the are Primary Standard including our local domain xyz.local and a reverse zone 172.20.0.x matches domain xyz.local is AD Intergrated. Is that possible to transer Primary Standard to AD Ingrated? Otherwise, do I need to create a new zone?
TIA,
Wilson
I've checked all zones in Forward Lookup Zones and all of the are Primary Standard including our local domain xyz.local and a reverse zone 172.20.0.x matches domain xyz.local is AD Intergrated. Is that possible to transer Primary Standard to AD Ingrated? Otherwise, do I need to create a new zone?
TIA,
Wilson
You don't need to transfer - just go into the Properties of the zone and press the button for Change on the zone type. At this point you can select Active Directory Integrated - nothing to it.
Thanks a lot!
If I setup secondary DNS on new Server 3 which running Windows 2003/R2. Is that possible it become primary DNS server if I get rid of current primary DNS server Server 1 which is primary DC, glabal catalog and FSMO role server? For sure I will get rid of it after I successfully transfer glabal catalog and FSMO role to the new Server 3.
If I setup secondary DNS on new Server 3 which running Windows 2003/R2. Is that possible it become primary DNS server if I get rid of current primary DNS server Server 1 which is primary DC, glabal catalog and FSMO role server? For sure I will get rid of it after I successfully transfer glabal catalog and FSMO role to the new Server 3.
There are no such things as Primary and Secondary once the zone is AD Integrated - they all contain the same info and are updated via replication. You can have a Preferred and Secondary DNS server - but that relates totally to your preference.
You can make it Authoritative fairly easily by changing the SOA record to the new server. You can then make it the Preferred server via DHCP.
If you want to remove the original server, that's easy to do. Simply uninstall DNS and restart. Everything should get removed from DNS cleanly provided the two servers can communicate properly.
You can make it Authoritative fairly easily by changing the SOA record to the new server. You can then make it the Preferred server via DHCP.
If you want to remove the original server, that's easy to do. Simply uninstall DNS and restart. Everything should get removed from DNS cleanly provided the two servers can communicate properly.
Thanks guys. I've splited points already. Glad and peasured I got answers from Top 2 Pro.
I haven't planed with http://www.experts-exchange.com for a quite while.
I haven't planed with http://www.experts-exchange.com for a quite while.
Featured Post
Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Scenerio:
You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses. You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special.
It's completely agentless, but does let you create an agent, if you desire.
It offers powerful scalability …
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash"
After Shake : http://www.videocopilot.net/presets/after_shake/
All lightning effects with instructions : http://www.mediaf…
Suggested Courses
Course of the Month2 days, 4 hours left to enroll
717 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.