Solved

How to decommission a DC in a single doamin?

Posted on 2008-10-25
4
913 Views
Last Modified: 2010-05-18
There is only1 DC/DNS in my single domain. The computer running the DC is old, so I am trying to use a new DC. So far I know I have to transfer FSMO role fom old DC to new DC. But how about golbal catalog server? How should I do it? and for the DNS setting in the new DC, it was pointing to old DC, should I change to point to itself? How about on client PC, I think I should also change the DNS to the new DC right? What else should I do?
0
Comment
Question by:bubuko
  • 2
  • 2
4 Comments
 
LVL 70

Accepted Solution

by:
KCTS earned 300 total points
ID: 22805452
The process is as follows

Install Windows 2003 on the new machine
Assign the new computer an IP address and subnet mask on the existing network

Make sure that the preferred DNS server on new machine points to the existing DNS Server on the Domain (normally the existing domain controller)

Join the new machine to the existing domain as a member server

If the new Windows 2003 server is the R2 version and the existing set-up is not then you need to run Adprep  from CD2 of the R2 disks on the existing Domain controller. Adprep is in the \CMPNENTS\R2\ folder on CD2
you need to run

adprep /forestprep
and
adprep /domainprep

From the command line promote the new machine to a domain controller with the DCPROMO command from the command line Select Additional Domain Controller in an existing Domain

Once Active Directory is installed then install DNS. You can do this through Add/Remove Programs->Windows Components->Networking Services->DNS.  If you are using Active Directory Integrated DNS then DNS will br replicated from the other DC/DNS.

Next make the new machine a global catalog server, go to Administrative Tools, Active Directory Sites and Services, Expand, Sites, Default first site and Servers. Right click on the new server and select properties and tick the Global Catalog checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)

If necessary install DHCP on the new DC. You can do this through Add/Remove Programs->Windows Components->Networking Services->DHCP.

You will then need to remove any existiing DHCP prior to authorising the new DHCP Server. When setting up the new DHCP server dont forget to set the default gateway (router) and DNS Servers. Talking of which all the clients (and the domain controllers themselves) need to have their Preferred DNS server set the new domain controller.

Both Domain Controllers by this point will have Active Directory, Global Catalog, DNS and the domain could function for a while at least should any one of them fail.

If you really want rid of the old DC then:-

Transfer all the FSMO roles to the new DC: See http://www.petri.co.il/transferring_fsmo_roles.htm

Check that you have:-
Made the other DC a global catalog:
Installed DHCP on the new DC, set up the scope and authorise it. (If using DHCP)
Make sure that all clients use the new DC as their Preferred DNS server (either by static or DHCP options)

Power down to old DC and make sure that all is well, once satisfied power on the old DC again, then run DCPROMO for remove it's domain controller status. This is essential to avoid replication errors

If you want to remove the machine from the domain then you can do so one it's DC role has been removed
0
 

Author Comment

by:bubuko
ID: 22805509
Thank you very much!! very helpful!
I just went through that and for the final step: run DCPROMO for remove old DC.
At this point, the old DC should point to the new DC as DNS?

I didn't change the old DC to point to the new DC, I got "failed to configure the service netlogon as requested....." I don't know if there is anything to do with that...

Second question.. when I am chaning the PDC emulator role, I got this pop up message "This computer is a non-replication partner..." is this normal? I just accepted it anyways.


Thank you again.
0
 
LVL 70

Expert Comment

by:KCTS
ID: 22805525
The old DC should point to ITSELF for DNS (and the new DC to ITSELF)
The message  "This computer is a non-replication partner..."  also suggests a DNS issue. Make sure the DNS is OK and try again
0
 

Author Comment

by:bubuko
ID: 22805540
1) So you mean I am not supposed to see the message if DNS is good?

2) What would be a problem if I point old DC and new DC to the new DC as DNS?

3) Do you know what caused this message ""failed to configure the service netlogon as requested....." while running dcpromo to get rid of old pc?
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
One of the most often confused topics in the area DNS is the idea of GLUE records. Specifically, what they are, when they are needed, when they are provided, and how they are created. First, WHAT IS GLUE? To understand GLUE, you must first under…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question