Solved

Migration of active directory from x32  server to x64 server

Posted on 2007-11-27
5
831 Views
Last Modified: 2013-11-29
Question:
We need to know, how we can migrate active directory from x32 platform DC server to x64 platform DC server. We would like to ask you about compatibility and pross and cons of this solution. Thanks for quick answer in advance.
0
Comment
Question by:soitron
5 Comments
 
LVL 10

Assisted Solution

by:kevin_uk05
kevin_uk05 earned 100 total points
Comment Utility
As far as i am aware there isn't much to this. You will leave your x32 DC running, whilst you build your x64. Both DC's can run side by side.  When your ready to remove the x32 DC, move all the FSMO roles onto the x64. I would at this point shutdown the x32 DC and test everything.  You will then be required run DCPROMO on the x32 DC to demote it from a DC to a member server. This should remove all relevant DNS Entries, etc.

Anyone else offer anything further?
0
 
LVL 70

Accepted Solution

by:
KCTS earned 400 total points
Comment Utility
32 Bit and 64 bit DCs talk to each other with no issues so you can have both on your domain. If you want to migrate your DCs to 64 bit then just add the 64bit machine as an additional DC and then move the FSMO roles etc in exactly the same way as you would if replacing a 32bit DC with another 32bit DC

in detail:

Install Windows 2003 on the new machine
Assign the new computer an IP address and subnet mask on the existing network
Make sure that the preferred DNS server on new machine points to the existing DNS Server on the Domain (normally the existing domain controller)

Join the new machine to the existing domain as a member server

If the new Windows 2003 server is the ‘R2’ version and the existing set-up is not then you need to run Adprep  from CD2 of the R2 disks on the existing Domain controller. Adprep is in the \CMPNENTS\R2\ folder on CD2 (if this is necessary you may need to get a 32bit version on Adprep to run on the existing machines - you can use an evaluation version)

From the command line promote the new machine to a domain controller with the DCPROMO command from the command line
Select ‘Additional Domain Controller in an existing Domain’

Once Active Directory is installed then to make the new machine a global catalog server, go to Administrative Tools, Active Directory Sites and Services, Expand ,Sites, Default first site and Servers. Right click on the new server and select properties and tick the ‘Global Catalog’ checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)

Assuming that you were using Active Directory Integrated DNS on the first Domain Controller, DNS will have replicated to the new domain controller along with Active Directory.

If you are using DHCP you should spread this across the domain controllers, In a simple single domain this is easiest done by Setting up DHCP on the second Domain controller and using a scope on the same network that does not overlap with the existing scope on the other Domain Controller. Don’t forget to set the default gateway (router) and DNS Servers. Talking of which all the clients (and the domain controllers themselves) need to have their Preferred DNS server set to one domain controller, and the Alternate DNS to the other, that way if one of the DNS Servers fails, the clients will automatically use the other,

Both Domain Controllers by this point will have Active Directory, Global Catalog, DNS and DHCP. and the domain could function for a while at least should any one of them fail.

Before removing the 32bit machine:-
Transfer all the FSMO roles: See http://www.petri.co.il/transferring_fsmo_roles.htm

Make the other DC a global catalog: Go to Administrative Tools, Active Directory Sites and Services, Expand ,Sites, Default first site and Servers. Right click on the new server and select properties and tick the ‘Global Catalog’ checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)

If the DC is running DHCP:
Install DHCP on the new DC, set up the scope and authorise it. remove DHCP from the old DC.

DNS: Make sure that all of your clients are set to use the new DC as their Preferred DNS server (either by static entries or DHCP options)

Power down to old DC and make sure that all is well, once satisfied power on the old DC again, then run DCPROMO for remove it's domain controller status. If you want to remove the machine from the domain then you can do so one it's DC role has been removed
0
 

Author Comment

by:soitron
Comment Utility
Thanks for your answer. Also another one question:
Is there on x64 platform  the same tool for administering active directory and group policy like on x32 platform, because I heard that there is no tool for administering group policy.
0
 
LVL 70

Assisted Solution

by:KCTS
KCTS earned 400 total points
Comment Utility
True GPMC does not run on 64bit machines - but you can still manage Group Policy the old fashioned way from the peoperties tab on the OU/Domain
0
 

Expert Comment

by:IdontKnow
Comment Utility
Funny thing happening to me. I'm running R2 SP2 32 bits and decided to migrate to R2 SP2 x64 for the domain controllers. Checking out the number of sessions using x32 DCs:

DC1: 250
DC2: 250
DC3: 250

After having upgraded 2 of the DCs to x64 I get:
DC1: 800
DC2: 50
DC3: 50

I wonder why this is happening? It seems like x32 version of the OS is prefered for 32bits OS  client. I didn't run AD prep on the x64 DCs while I had run it on the 32 bits. Any ideas?

0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Suggested Solutions

Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now