Solved

Upgrade Windows Active Directory server

Posted on 2007-12-06
6
295 Views
Last Modified: 2010-04-18
I am replacing our Active Directory/Global Catalog/File & Print server at one of our satellite offices with a brand new server with warranty.

My current plan is to accomplish this using the following methodology:
- Install Windows 2003 on new server and give exactly the same name and static ip address.
- Take backup of current server (Windows 2003) and uninstall AD using dcpromo.
- Run dcpromo on the new server at add it to the domain.  Wait for replication to complete.
- Restore files to new server.
- Have clients log in normally?

What I would like to know:
For those experts who are experienced with this can you please provide any details I might want to look out for (possible issues/problems) using the methodology above or suggest a better methodology (possibly less risk) with reasons why?

Thanks in advance.
Please only respond if you have experience doing this in a large environment with multiple GC and AD controllers.
0
Comment
Question by:Joesmail
  • 3
  • 3
6 Comments
 
LVL 95

Accepted Solution

by:
Lee W, MVP earned 500 total points
Comment Utility
You can do it that way, but you will need to reset the computer account AFTER you have demoted the original DC.

0
 
LVL 10

Author Comment

by:Joesmail
Comment Utility
Hi lee,

By resetting the account, do you mean just removing it from the domain after demoting it to a member server?

What way would you recommend?  I have tested restoring everything including AD using Veritas  to a test server although this seems very risky.  Alternatively, I could just install it next to the orginal server and migrate data although this will require changes on every client.  e.g. software, shares etc...

0
 
LVL 10

Author Comment

by:Joesmail
Comment Utility
I don't believe this  attempt to answer my first question deserves points.  The fact you didn't even respond to my second posting shows you don't deserve it.  I know if I try to arbitrate this question I will only get "well he did try to answer your question".

It would be nice if someone else good just put a ".." so I can give them the 500 points.  Unfortunately no one has bothered.  Amazing how this forum has changed!!!  Disappointing.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 95

Expert Comment

by:Lee W, MVP
Comment Utility
WOW... how amazingly rude of you... I miss ONE e-mail about this question and you think I "don't deserve" to be awarded the points... Do you have ANY IDEA how many notifications from EE I get per day?  Would it have killed you to just drop another comment a day or two later - instead of 3 months later?  As you can see, I DO respond... when I haven't missed the comment... so yes, I DO OBJECT to you deleting and asking for a refund.  My answer stands.

Frankly, I'm a little surprised that you, as a long time MCSE, didn't understand what I meant by "resetting the computer account".  I meant just that - you go into ADU&C and right click on the account and select Reset.

What I would do depends on the requirements of the local site.  Frankly, in my networks, I setup logon scripts that map to servers so if I have to replace a box, I just need to change a logon script entry and everyone's pointed to the new server.  So I would install the system with a new, unique name, avoiding any possible conflicts, and just migrate my user data to it, modifying the logon script.  This also assumes that the remote site only has one server that's acting as a file server, among other things.



0
 
LVL 10

Author Comment

by:Joesmail
Comment Utility
It wasn't worth the effort.  Have the points.
0
 
LVL 95

Expert Comment

by:Lee W, MVP
Comment Utility
But it was worth the effort to post 3 months later and rant about it.  
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

I know all systems administrator at some time or another has had to create a script to copy file from a server share to a desktop. Well now there is an easy way to do this in Group Policy. Using Group policy preferences is not hard. The first thing …
Resolve DNS query failed errors for Exchange
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now