• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 601
  • Last Modified:

What should I do before degrade this Windows 2000 domain controller?

Dear Sir or Madam:

I have a Window 2003 domain. On our domain there is only one 2003 domain controller, the other 7 are all  windows 2000 domain controllers. My company pass the budget to upgrade our domain. I am planning to upgrade our domain to Windows 2003 base. Before I do that, i need degrade my old DCs. My question is some of the DCs are DHCP servers and DNS servers. If I degrade them, what should i do before that. Do i need set up another DNS server and DHCP servers.

I have five branches and HQ. At very branch, i have a DHCP server (also DC, altogether 5 DCs). At HQ, i have One primary DNS server and Secondary DNS server. Do i need to degrade them?

Thank you for any help, the more detailed, the more appreciated.
0
Jason Yu
Asked:
Jason Yu
2 Solutions
 
Brian PiercePhotographerCommented:
before you demote any DCs you need to find which one(s) are holding FSMO roles (http://www.petri.co.il/determining_fsmo_role_holders.htm) and transfer these roles to another DC (http://www.petri.co.il/transferring_fsmo_roles.htm).

It whould also be a good idea to make sure at least one DC on each of your sites hosts the global catalog - Go to Administrative Tools, Active Directory Sites and Services, Expand ,Sites, Default first site and Servers. Right click on the new server and select properties and tick the ‘Global Catalog’ checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)

When you install the new DCs add DNS as Active Directory Integrated - best to have a DNS server on each site as well to avoid cross-site DNS lookups. Active Directory Integrated DNS is much more efficient and secure than an old fashioned primary/Secondary DNS server setup)

Make sure all the clients are configured with the address of one Windows DNS server as the preferred DNS server (the one on their own site), and the address of another Windows DNS server as the alternate DNS server for backup - this may be done be configuring the settings manually or as DHCP options.

Talking of DHCP, it may be a good idea to provided a DHCP server at each site as well

If you have not already done so then define you subnets and assign them to sites in AD sites and services, then windows will attempt to authenticate with the local DC - reducing cross site traffic and speeding up responses.

make sure that if you remove the old DCs you remove them gracefully by running DCPROMO to dematoe them.

0
 
Amit BhatnagarTechnology Consultant - SecurityCommented:
Please make sure to go through these documents before you proceed. They give you a very good insight on what to do and what NOT to do while performing such steps. Best of luck..:)

http://support.microsoft.com/kb/325379
http://support.microsoft.com/kb/555040
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now