Solved

Need to move dhcp, wins, dns to new DC and demote a DC

Posted on 2009-04-07
2
426 Views
Last Modified: 2012-05-06
The primary DC is being taken out of production.  It also does DHCP, WINS & DNS.  I have 2 other servers that are secondary domain controllers and the one that is going to become the primary already has the global catalogs and FISMO roles.  I have several questions.  

1.  What do I do first?  Move the DHCP, WINS and DNS before I demote the primary DC?  I wasn't sure if it matter which order this is done.  
2.  I found some instructions for moving DHCP, but they differ somewhat.  Some articles say you have to copy registry entries, but I found a Microsoft article that doesn't mention copying the registry entries.
3.  I've done a ton of research on moving this stuff, but it conflicts so much that I wanted to see if someone does have good instructions for this.  While I support all of the servers, I haven't done much with dhcp, dns & wins.
4.  Should I do this all at one time or one by one?

Thanks - I know this is a long list.
0
Comment
Question by:cindyfiller
2 Comments
 
LVL 12

Accepted Solution

by:
NetAdmin2436 earned 250 total points
ID: 24088267
First, if all your DC's are windows 2000 or later then they are all multimaster. Meaning, there is no 'primary' and 'secondary/backup' domain controllers. Them terms stem back from the NT days and are no longer applicable. Yes there are DC's that hold the FSMO roles, but they are just simply called the FSMO role holders.

Can you explain a little more about your enviroment?
How many computers?
Is DNS integrated?
What is your current DHCP scope like? (ip subnet, how many are in use, how many are free)

1.  Yes, you want to move all the stuff and make sure everything is working properly before removing active directory from the old DC. In fact, I would suggest keeping the DC around for a few weeks after you get the second domain controller up and going just to make sure. The order which you move DNS, DHCP and WINS doesn't really matter. Personally, I'd probably start with DNS first because that's most crucial.

2.  http://technet.microsoft.com/en-us/library/cc776587.aspx. Although, a simple network you can simply deactivate the old DHCP, enable the new DHCP scope copying over all the settings and making an exclusion list that the old DHCP server has (so the new DHCP server doesn't give out the same IP address) then once the old DHCP address have expired remove DHCP from the old DC and remove the exclusion on the new DHCP.

3.  It really depends on the environment and how complex it is.

4.  Take your time, you'll have to do these one by one.

Transfer FSMO roles
http://www.petri.co.il/transferring_fsmo_roles.htm


I hope  this helps!
0
 

Author Comment

by:cindyfiller
ID: 24089184
We have 13 servers and all of them are on one domain.  I have 2/3 of the dhcp addresses on the server that I want to move and another 1/3 on another server that is also a DC.  We have one subnet with 256 potential IP addresses.  
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question