We help IT Professionals succeed at work.

Windows 2003 domain

paintco asked
Medium Priority
Last Modified: 2010-03-17
Hi there
i have windows active directory domain example me.com and i have domain controller server1.me.com
i installed new server and i make it domain controller on the same domain and its name server2.me.com
i want to make server1 off because its very old what i have to do to replace the new server with new one.
thank you and best regards
Watch Question

Site Reliability Engineer
Most Valuable Expert 2011
Replication of Active Directory data should take place automatically, so allow sufficient time for that to take place and so you can see all the data on both servers. Then transfer all the 5 FSMO roles from server 1 to server 2 by following the procedure shown here: http://support.microsoft.com/kb/324801

Make sure server 2 is a global catalog server http://www.petri.co.il/configure_a_new_global_catalog.htm
and that it is running all the necessary services (WINS, DNS and DHCP) If you are using Active Directory integrated DNS, just install DNS to server2 and allow the zones to replicate. If not, I suggest you change your zones so they are AD integrated, then allow for replication to occur. http://support.microsoft.com/kb/198437 Make sure any reservations in DHCP are transferred across along with all the settings in your DHCP scope(s).

Reconfigure DHCP and any static IP clients so they are pointing to the new server for DNS and WINS resolution.

Migrate any shares from server1 to another server and make sure all data is backed up.

Try taking server1 offline (just remove network cable) and make sure that everything is working as you would expect. You can then dcpromo to remove from domain, but I would recommend you leave it as a backup domain controller on the system. As long as all the important roles are hosted on your new server then you shouldn't have a problem with leaving this one running too.

First of all, make sure that Active Directory has replicated correctly.

Next, ensure that services such as DHCP are running from your new server.

Before you take down the server, you need to transfer the FSMO roles using the ntdsutil tool: http://support.microsoft.com/kb/255504

Once done, demote server1 (the easiest way is to use the Manage Server Wizard), and make sure that everything is still working.

Finally, just check the DNS records and make sure that server is not listed as a domain controller.
Brian PiercePhotographer
Awarded 2007
Top Expert 2008

The process is as follows

Install Windows 2003 on the new machine

Assign the new computer an IP address and subnet mask on the existing network

Make sure that the preferred DNS server on new machine points to the existing DNS Server on the Domain (normally the existing domain controller)

Join the new machine to the existing domain as a member server

If the new Windows 2003 server is the R2 version and the existing set-up is not then you need to run Adprep  from CD2 of the R2 disks on the existing Domain controller. Adprep is in the \CMPNENTS\R2\ folder on CD2
you need to run

adprep /forestprep
adprep /domainprep

From the command line promote the new machine to a domain controller with the DCPROMO command from the command line Select Additional Domain Controller in an existing Domain

Once Active Directory is installed then install DNS. You can do this through Add/Remove Programs->Windows Components->Networking Services->DNS.  If you are using Active Directory Integrated DNS then DNS will br replicated from the other DC/DNS.

Next make the new machine a global catalog server, go to Administrative Tools, Active Directory Sites and Services, Expand, Sites, Default first site and Servers. Right click on the new server and select properties and tick the Global Catalog checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)

If necessary install DHCP on the new DC. You can do this through Add/Remove Programs->Windows Components->Networking Services->DHCP.

You will then need to remove any existing DHCP prior to authorising the new DHCP Server. When setting up the new DHCP server dont forget to set the default gateway (router) and DNS Servers. Talking of which all the clients (and the domain controllers themselves) need to have their Preferred DNS server set the new domain controller.

Both Domain Controllers by this point will have Active Directory, Global Catalog, DNS and the domain could function for a while at least should any one of them fail.

If you really want rid of the old DC then:-

Transfer all the FSMO roles to the new DC: See http://www.petri.co.il/transferring_fsmo_roles.htm

Check that you have:-
Made the other DC a global catalog:
Installed DHCP on the new DC, set up the scope and authorise it. (If using DHCP)
Make sure that all clients use the new DC as their Preferred DNS server (either by static or DHCP options)

Power down to old DC and make sure that all is well, once satisfied power on the old DC again, then run DCPROMO for remove it's domain controller status. This is essential to avoid replication errors

If you want to remove the machine from the domain then you can do so one it's DC role has been removed

Explore More ContentExplore courses, solutions, and other research materials related to this topic.