Solved

What is the best procedure to replace a server running Windows Server 2000 with a new server running Windows Server 2003?

Posted on 2008-10-11
2
123 Views
Last Modified: 2012-05-05
Our domain controller is an HP ML370 Gen 1 PIII733 running Windows Server 2000 with Active Directory.  We also have an HP DL 100 running Windows Storage Server 2003 which is joined to the Windows 2000 domain.  We wish to replace the ML370 with a new ML 350 running Windows Server 2003 Standard Edition.  We have only one domain controller and we are not running Exchange Server.

Please advise which procedure is best.

Option 1
a) Upgrade the current ML370 Windows 2000 domain controller to Windows Server 2003
b) Join the new ML350 with Windows Server 2003 to the domain
c) Promote the ML350 to a domain controller
d) Remove the old ML370 from the domain

Option 2
a) Run ADPREP on the current Windows Server 2000 domain controller
b) Join the new ML 350 with Windows Server 2003 to the Windows 2000 domain
c) Promote the new ML 350 to a domain controller
d) Remove the old ML370 from domain


0
Comment
Question by:lakesidemetals
2 Comments
 
LVL 70

Accepted Solution

by:
KCTS earned 250 total points
ID: 22693239
The procedure is straight forward:

Install Windows 2003 on the new machine
Assign the new computer an IP address and subnet mask on the existing network
Make sure that the preferred DNS server on new machine points to the existing DNS Server on the Domain (normally the existing domain controller)

Join the new machine to the existing domain as a member server

You now need to take the 2003 CD and put it in the 2000 Domain Controller and run ADPREP, specifically you need to run
Adprep /forestprep    followed by
Adprep /domainprep

Note: If the new Windows 2003 server is the R2 version use the version of adprep from the \CMPNENTS\R2\ folder on CD2, it its not the R2 version then use adprep from the i386 folder on the single 2003 CD.

Now back on the 2003 machine: from the command line promote the new machine to a domain controller with the DCPROMO command from the command line. Select -Additional Domain Controller in an existing Domain-

Once Active Directory is installed then to make the new machine a global catalog server, go to Administrative Tools, Active Directory Sites and Services, Expand ,Sites, Default first site and Servers. Right click on the new server and select properties and tick the "Global Catalog" checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)

Now install DNS on the new server. Assuming that you were using Active Directory Integrated DNS on the first Domain Controller (and if not why not, it far more efficient, resiliant and more secure), DNS will automatically replicate to the new domain controller along with Active Directory. You will also need to configure a forwarder on the new DNS server http://www.petri.co.il/configure_dns_forwarding.htm

If you are using DHCP you should might want to spread this across the domain controllers (if you intend to keep both), or move it to the new DC, In a simple single domain this is easiest done by Setting up DHCP on the second Domain controller and using a scope on the same network that does not overlap with the existing scope on the other Domain Controller. Dont forget to set the default gateway (router) and DNS Servers. Talking of which all the clients (and the domain controllers themselves) need to have their Preferred DNS server set to one domain controller, and the Alternate DNS to the other, that way if one of the DNS Servers fails, the clients will automatically use the other.

Both Domain Controllers by this point will have Active Directory, Global Catalog, DNS and DHCP. and the domain could function for a while at least should any one of them fail. However for a fully robust system you need to be aware that the first domain controller that existed will by default hold what are called FSMO Roles. There are five of these roles that are held on a single server and are essential for the functioning of the network. If the second Domain Controller fails, then no problem as the FSMO roles are on the first Domain Controller.

If you really want rid of the original DC, then its vital you transfer the FSMO roles http://www.petri.co.il/transferring_fsmo_roles.htm

Make sure all clients are using the new server as the preferred DNS server (and that the new server points to itself for DNS). You can then power down the original DC and chack it all still works.

Once you are happy all is ok, power back on the original DC, DCPROMO it to remove AD and then remove it from thr domain
0
 

Author Comment

by:lakesidemetals
ID: 22693809
Thank you for the quick response.  I'll need a couple of days to test the solution before closing the question.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now