Solved

Introduced '03 Standard and '03 Standard R2 Domain Controller into our network

Posted on 2007-04-11
4
366 Views
Last Modified: 2010-04-20
I recently introduced a Windows 2003 domain controller on to our network. Let's pretend that my 2000 domain controller I retired was named "dc2000", and my 2003 domain controllers I introduced into my network are called; "2003dc1" and "2003dc2". Before introducing the 2003 domain controller(s) on to my network I followed this kb to take the proper steps in introducing a '03 DC into a 2000 native mode network: http://support.microsoft.com/?id=325379. I transferred all FSMO roles from the "2000dc" DC  to the new "2003dc1" server. I moved dns, and dhcp to "2003dc1". I de-promoted the "2000dc" from being a DC. I removed it from the network, and re-imaged it with Windows Server 2003 R2. I ran an adprep.exe /forestprep to prepare the domain controller for the upgrade.  I ran it on the server that is the schema operations manager with the Adprep tool that comes on the R2 product CD in the \Cmpnents\r2\adprep directory. After this was complete I promoted "2003dc2" to a DC.

Now that I have established the history of how I got to this point I am getting ready to raise the Forest and Domain Functional level to Windows 2003. I am not getting any relevant errors in event viewer on my DC's. I was doing some research to look for any possible issues before I raise the Domain and Forest Functional levels. I noticed a couple of things that I wanted to verify I could delete or edit with the correct domain controller.
In ASDI edit when I right click on my domain and then left click on properties and  then scroll down in my attribute editor, I see that my "domainreplica" is being listed as my old 2000 DC named "2000dc". I believe this should be the "2003dc1" server. Can I edit this to the "2003dc1" server or what is your recommendation? In Active Directory Domain and Trusts when I scroll down to "Sites", "Services", and "Netservices" I see that the "2003DC1" is listed by IP address. The "2000DC" is listed by name in "Netservices" as well. I want to verify that I can simply delete the "2000dc" entry. I also would like to know if this is normal that the old 2000 server was left in these places. If it is not normal please give me a suggestion why this could have not been removed.

Thanks in advance.
0
Comment
Question by:Natldiag
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 13

Accepted Solution

by:
strongline earned 250 total points
ID: 18893293
follow  support.microsoft.com/kb/216498 to see if you have anything to delete about 2000dc. don't remove anything else.

 if all event logs are clean, and repadmin /showrepl * is clean, I won't worry too much.
0
 
LVL 51

Assisted Solution

by:Netman66
Netman66 earned 250 total points
ID: 18893302
First thing:  Did you make your first 2003 server a Global Catalog?

Next, when you DCPROMO the server you need to go into AD Sites and Services and delete the old server from there.

Next, remove all entries from DNS (Forward and Reverse zones) for the old servername.

Lastly, it may be necessary to do a Metadata cleanup if the old DC wasn't cleanly DCPROMO'd.
http://support.microsoft.com/kb/216498/en-us

BTW: You didn't need to run Adprep after the first 2003 server was added.  It needed to be run on the old 2000 DC before you added it.  
0
 
LVL 51

Assisted Solution

by:Netman66
Netman66 earned 250 total points
ID: 18893312
Sorry, I think I misread something.  You used the R2 Adprep - which is fine if your original 2003 DC was not an R2 build.

0
 

Author Comment

by:Natldiag
ID: 18908508
I followed the kb article; "support.microsoft.com/kb/216498", and made sure that everything was successful when I ran the repadmin /showrepl command. When attempting a metadata cleanup I verified that the retired doman controller was not present. Since I am content that the old domain controller was removed completely, I went ahead and raised my domain and forest functional level. Thank you both for the feedback.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
Let's recap what we learned from yesterday's Skyport Systems webinar.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question