Folks I currently have a windows 2003 DC and an additonal 2003 domain controller.
My DC has been heavily infected with virus,AD accounts keep getting locked, I cant even do regedit .
I have a new server on which i want to install 2003 & make that the DC.
Because my additional DC hardware is old I dont want to move FSMO roles to that server thus i want the additional dc to run as it is now.
Pls advise how I can :
1)move the roles to the new server hardware
2)Get rid of the current infected dc from the network
3)keep the existing additonal dc as it is
4)keep the GPO's as i have citrix users authenticating to dc