Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

MIgrate Windows 2003 DC

Posted on 2008-06-11
6
Medium Priority
?
586 Views
Last Modified: 2012-05-05
Hi,
I have 3 DCs (Windows 2003 enterprise SP1), one of them is currently running of diskspace.  Since this one is a 5 years old server.  I want to buy a new server and migrate this existing one the new one.  The existing one is currently a DC which is also holding a secondary WIN.  What is the best way to handle this migration which won't create any downtime, and also how to find out whether this existing DC holding another other roles in addition to DC and secondary WIN.  
Thanks
0
Comment
Question by:NickQ
  • 4
  • 2
6 Comments
 
LVL 14

Accepted Solution

by:
Joseph Hornsey earned 2000 total points
ID: 21766402
Nick,

To answer your last question first, here's how you find out who holds the roles:

1. Open Active Directory Users & Computers
2. Right-click on the domain and go to "Operations Masters"
      - Here you will find tabs for the RID Master, PDC Emulator and Infrastructure Master
3. Open Active Directory Domains & Trusts
4. Right-click on the root and go to "Operations Master"
      - Here you will find the Domain Naming Master
5. Click on Start | Run and type "regsvr32 schmgmt.dll" and hit ENTER.  Hit OK when the box comes up telling you it's registered.
6. Click on Start | Run and type "mmc" (no quotes) and hit ENTER
7. Add the Active Directory Schema snap-in to the console
8. Right-click on Active Directory Schema and go to "Operations Master"
     - Here you will find the Schema Master

Regarding migrating your Domain Controller, just do this:

1. Get the new server and make it a member of the domain.  Install DNS on it.
2. Click on Start | Run and type "dcpromo" and hit ENTER.
3. Go through the promotion process and have it automatically configure DNS.
4. Point your clients (via DHCP or manually) to the new DC for DNS.
5. Run dcpromo on the existing DC and demote it.

That's a little oversimplified, but pretty much covers you.

Does that help?

<-=+=->
0
 
LVL 14

Expert Comment

by:Joseph Hornsey
ID: 21766405
Oh, yeah.  And get rid of WINS unless you have some reason why you need it.  Windows networks haven't needed it since NT 4.0.

<-=+=->
0
 

Author Comment

by:NickQ
ID: 21766438
Thanks for your speedy repsonse.  I already have one DC which already holding a DNS.  For this new server, it is nice to have a secondary DNS as the backup to the primary one.  So buying a new server, build it, make it member of the domain, using dcpromo to make it DC, and how to to make it as a secondary DNS server to first one?  Yes, I will ignore the WIN.
Thanks
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
LVL 14

Expert Comment

by:Joseph Hornsey
ID: 21766447
Well, the easiest way to handle DNS is to do this:

1. Make sure your DNS zone is Active-Directory Integrated.  This means that all of the DNS info is stored in AD instead of in flat text files on the local HDD.  Also, this means that all DNS info is replicated to all domain controllers.
2. Before you promote the new DC, install the DNS Server service.
3. When you promote the new DC, it will automatically see the DNS info in AD and will use it for DNS.  No need to do anything at all.

To get your clients configured, just add the other DC as a Secondary DNS Server in their TCP/IP settings either manually or via DHCP.

Hope that helps!

<-=+=->
0
 

Author Comment

by:NickQ
ID: 21766470
Thanks so much
0
 
LVL 14

Expert Comment

by:Joseph Hornsey
ID: 21766474
You're very welcome!

<-=+=->
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question