Need to move a 2003 server to a new IP address.

Posted on 2007-08-04
Last Modified: 2010-04-18
I am no expert but I have set up a network in the small primary school where I work as a teacher.  It works very well at the moment.  It has a Windows Enterprise 2003 Server which runs accounts for staff and children.

The staff use VPN to access their accounts from home on terminal services.  

I plan to extend the use of terminal services and so I have bought a second server which I plan to have take over the role of terminal server on the network.

I have ONE single IP address which is set up by my internet service provider as the access from outside to my network on the vpn.  It is This is the IP address of the server on the network.

I need to know which is the best approach to bringing in the new terminal server.

Can I just move the main server, which is the domain controller, dhcp server and runs active directory to a new IP address, ideally and then put the new terminal server on

Can anyone foresee any problems, if I just change the IP address of the original server to Can you think of anything else that I need to change to compensate for the server having moved to the new IP address?

Or .... is there a better way of doing the whole thing?


Question by:fjnorman
    LVL 70

    Accepted Solution

    Oh dear - you mean you have the server connected directly to the internet through a public IP address?
    You need to sort this out immediately - you may as well put a big neon sign on your server saying please hack me?

    You need a decent router/firewall between your internal network and the intenet, your server and clients should be on a private IPs behind the router firewall and the router/firewall should provide routing with NAT or simialr in order that all of your servers and clients can access the internet through the public IP address without themselves being exposed. See the diagram on Network and hardware requirements at to see what I mean.

    Get this sorted first - then you can add the new server and confgure Terminal Services on the new server and you can give ir any IP you like and configure the firewall to allow TS Sessions.

    LVL 13

    Assisted Solution

    Let's hope that you don't have a Public IP address configured on your server.  But let's verify.  What are the first three numbers of your IP address  I'm going to guess and hope that your server IP address is  If this is the case then this is a private IP address and everything is OK.

    Now to setup the Terminal Server.  I would recommend setting up the Terminal Server with the IP address.  If you change the IP address of the server you will need to correct settings for the VPN, DNS, DHCP and any other services that you may have running.  

    Once you have setup the new Terminal Server you will need to reconfigure your router to forward port 3389 to the IP address.  

    Author Comment

    Thank you for both answers.  I have just realised what is going on.  The vpn is organised through our internet supplier, who specially manages schools and provides the access to the internet.  The actual IP address is only referred to when you set up the remote desktop connection to logon to accounts.

    Now that I have realised that.  I should be able to set up the terminal server on and then try to connect to it.  If I can connect, then I can leave the origianl terminal server working until I have changed over all of the remote desktops and then remove the role.

    Can't I?
    LVL 70

    Expert Comment

    OK I hope that is the case. Putting Terminal Server on a machine other than the DC is a very good idea. Terminal Services on a DC is a big security risk since you are effectivly granting remote users permission to log on locally to the DC where they could reak havoc. Microsoft always advise against putting Terminal Services on A DC (other than for remote admin), and its actually prohibited in SBS.

    On a more general point you can chnage the IP addresses of machines as you want but don't do it on a regular basis. When you change a DCs IP address you may need to wait a wile while the new IP addresses are propogated properly and a reboot is not a bad idea since it will clear all cached infomation and and force the re-registration of any dynamic DNS entries etc.

    Featured Post

    6 Surprising Benefits of Threat Intelligence

    All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

    Join & Write a Comment

    Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
    For a while, I have wanted to connect my HTC Incredible to my corporate network to take advantage of the phone's powerful capabilities. I searched online and came up with varied answers from "it won't work" to super complicated statements that I did…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now