Solved

What should I do before degrade this Windows 2000 domain controller?

Posted on 2007-11-27
2
588 Views
Last Modified: 2011-10-03
Dear Sir or Madam:

I have a Window 2003 domain. On our domain there is only one 2003 domain controller, the other 7 are all  windows 2000 domain controllers. My company pass the budget to upgrade our domain. I am planning to upgrade our domain to Windows 2003 base. Before I do that, i need degrade my old DCs. My question is some of the DCs are DHCP servers and DNS servers. If I degrade them, what should i do before that. Do i need set up another DNS server and DHCP servers.

I have five branches and HQ. At very branch, i have a DHCP server (also DC, altogether 5 DCs). At HQ, i have One primary DNS server and Secondary DNS server. Do i need to degrade them?

Thank you for any help, the more detailed, the more appreciated.
0
Comment
Question by:Jason Yu
2 Comments
 
LVL 70

Accepted Solution

by:
KCTS earned 400 total points
ID: 20362336
before you demote any DCs you need to find which one(s) are holding FSMO roles (http://www.petri.co.il/determining_fsmo_role_holders.htm) and transfer these roles to another DC (http://www.petri.co.il/transferring_fsmo_roles.htm).

It whould also be a good idea to make sure at least one DC on each of your sites hosts the global catalog - Go to Administrative Tools, Active Directory Sites and Services, Expand ,Sites, Default first site and Servers. Right click on the new server and select properties and tick the ‘Global Catalog’ checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)

When you install the new DCs add DNS as Active Directory Integrated - best to have a DNS server on each site as well to avoid cross-site DNS lookups. Active Directory Integrated DNS is much more efficient and secure than an old fashioned primary/Secondary DNS server setup)

Make sure all the clients are configured with the address of one Windows DNS server as the preferred DNS server (the one on their own site), and the address of another Windows DNS server as the alternate DNS server for backup - this may be done be configuring the settings manually or as DHCP options.

Talking of DHCP, it may be a good idea to provided a DHCP server at each site as well

If you have not already done so then define you subnets and assign them to sites in AD sites and services, then windows will attempt to authenticate with the local DC - reducing cross site traffic and speeding up responses.

make sure that if you remove the old DCs you remove them gracefully by running DCPROMO to dematoe them.

0
 
LVL 12

Assisted Solution

by:Amit Bhatnagar
Amit Bhatnagar earned 100 total points
ID: 20470284
Please make sure to go through these documents before you proceed. They give you a very good insight on what to do and what NOT to do while performing such steps. Best of luck..:)

http://support.microsoft.com/kb/325379
http://support.microsoft.com/kb/555040
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
Synchronize a new Active Directory domain with an existing Office 365 tenant
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now