cytogenadmin
asked on
FSMO Question
Our Windows 2003 Domain Controller (the first in the forest, so I assume it has all the FSMO's on it) is running as both a DC and an Exchange server. Since we do not want to rip off Exchange, we have decided to build a separate server, dcpromo it, and then move the FSMO's off to the new DC from the old DC/Exchange box. Any problem in doing this? Would I be using the NTDSUTIL command?
I have successfully promoted/demoted a DC with Exchange using the standard DCPROMO. However, I may have been lucky. I would tread lightly and make sure you have good backups and no plans for the weekend before proceeding.
Don't forget to transfer the Schema Master role. (Extra steps to do so).
It will break!
Your only course of action is to install Exchange on another server, a member server, not a DC, migrate the mailboxes to the new Exchange server, then remove Exchange from the original server.
KCTS is right. Do not DCPROMO the Exchange server back to be a member but I gather you aren't planning to do this anyway.
You are correct in that you can add a second DC and transfer the FSMO roles either by NTDSUTIL or through the MMC.
A few thoughts to share:
Ensure the new DC is also a GC.
Install DNS on the new DC and, if you haven't already done so, convert your DNS zones to be AD integrated. Once this is done you can repoint all your clients to the new DNS server for primary DNS and use the existing DNS server as a secondary.
If the current DC is also running DHCP or WINS, consider moving these functions to the new server.
Anything else you need, just shout.
Cheers,
TCP
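The NTDSUTIL route described in the post above, as an added example that is not part of the original thread. `NEWDC01` is a placeholder for the new DC's hostname, and `netdom`, `repadmin` and `dcdiag` are assumed to be installed from the Windows Server 2003 Support Tools.

```bat
@echo off
rem Added example, not from the thread. NEWDC01 is a placeholder hostname.
rem Run on the new DC with an account in Domain Admins, Enterprise Admins
rem (for the domain naming master) and Schema Admins (for the schema master).

rem 1. Record which DC holds each of the five FSMO roles before changing anything.
netdom query fsmo

rem 2. Confirm replication and DC health first; do not transfer roles
rem    while either command reports failures.
repadmin /showrepl
dcdiag /s:NEWDC01

rem 3. Transfer (not seize) all five roles to the new DC.
rem    ntdsutil shows a confirmation dialog for each transfer.
ntdsutil roles connections "connect to server NEWDC01" quit ^
  "transfer schema master" ^
  "transfer domain naming master" ^
  "transfer PDC" ^
  "transfer RID master" ^
  "transfer infrastructure master" ^
  quit quit

rem 4. Verify that every role now lists NEWDC01 as its holder.
netdom query fsmo
```

Transfer requires the old DC to be online and replicating; seizing a role is a separate ntdsutil operation intended only for a role holder that is permanently gone.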
Moving Exchange would probably be the easiest and safest route to go with. That way you have Exchange on a clean machine. You will also have two clean DCs as well.
Before moving I would bring up the second DC and transfer the FSMO roles.
If you go to all the trouble of moving Exchange, PLEASE DON'T put it on another DC - that will achieve ZERO.
Agreed. You are looking at 3 machines total.