Solved

Upgrade Windows Active Directory server

Posted on 2007-12-06
6
324 Views
Last Modified: 2010-04-18
I am replacing our Active Directory/Global Catalog/File & Print server at one of our satellite offices with a brand new server with warranty.

My current plan is to accomplish this using the following methodology:
- Install Windows 2003 on new server and give exactly the same name and static ip address.
- Take backup of current server (Windows 2003) and uninstall AD using dcpromo.
- Run dcpromo on the new server at add it to the domain.  Wait for replication to complete.
- Restore files to new server.
- Have clients log in normally?

What I would like to know:
For those experts who are experienced with this can you please provide any details I might want to look out for (possible issues/problems) using the methodology above or suggest a better methodology (possibly less risk) with reasons why?

Thanks in advance.
Please only respond if you have experience doing this in a large environment with multiple GC and AD controllers.
0
Comment
Question by:Joesmail
  • 3
  • 3
6 Comments
 
LVL 95

Accepted Solution

by:
Lee W, MVP earned 500 total points
ID: 20424385
You can do it that way, but you will need to reset the computer account AFTER you have demoted the original DC.

0
 
LVL 10

Author Comment

by:Joesmail
ID: 20424465
Hi lee,

By resetting the account, do you mean just removing it from the domain after demoting it to a member server?

What way would you recommend?  I have tested restoring everything including AD using Veritas  to a test server although this seems very risky.  Alternatively, I could just install it next to the orginal server and migrate data although this will require changes on every client.  e.g. software, shares etc...

0
 
LVL 10

Author Comment

by:Joesmail
ID: 21055393
I don't believe this  attempt to answer my first question deserves points.  The fact you didn't even respond to my second posting shows you don't deserve it.  I know if I try to arbitrate this question I will only get "well he did try to answer your question".

It would be nice if someone else good just put a ".." so I can give them the 500 points.  Unfortunately no one has bothered.  Amazing how this forum has changed!!!  Disappointing.
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 21055502
WOW... how amazingly rude of you... I miss ONE e-mail about this question and you think I "don't deserve" to be awarded the points... Do you have ANY IDEA how many notifications from EE I get per day?  Would it have killed you to just drop another comment a day or two later - instead of 3 months later?  As you can see, I DO respond... when I haven't missed the comment... so yes, I DO OBJECT to you deleting and asking for a refund.  My answer stands.

Frankly, I'm a little surprised that you, as a long time MCSE, didn't understand what I meant by "resetting the computer account".  I meant just that - you go into ADU&C and right click on the account and select Reset.

What I would do depends on the requirements of the local site.  Frankly, in my networks, I setup logon scripts that map to servers so if I have to replace a box, I just need to change a logon script entry and everyone's pointed to the new server.  So I would install the system with a new, unique name, avoiding any possible conflicts, and just migrate my user data to it, modifying the logon script.  This also assumes that the remote site only has one server that's acting as a file server, among other things.



0
 
LVL 10

Author Comment

by:Joesmail
ID: 21056789
It wasn't worth the effort.  Have the points.
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 21057914
But it was worth the effort to post 3 months later and rant about it.  
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question