Solved

Promote Windows 2003 memebr server to Domain Controller

Posted on 2009-05-04
12
729 Views
Last Modified: 2012-06-21
A while back I was configuring a new windows 2003 R2 server and new domain.
The time table was accelerated when the old windows 2000 DC died on us.
The new domain is up and running with no problems.
DCDiag & NetDiag return no errors.

I now have a second windows 2003 R2 member server. On this server I have setup DFS.
Now I want to promote this server to DC.

Can I just run DCPromo and follow the instructions?
Do I specifically have to install DNS before hand?
Do I need to change the Domain Functional Level to 2003 prior to update or can this happen afterwards as well?
Do I need to run adprep, domainprep and / or forestprep?

I am also unsure as to what will happen to the DFS namespace hosted on the second server when I run DCPromo.

I think I can just run DCPromo and follow the instructions after I change the functional level to Windows 2003, but just in case.......

Any help is much appreciated.
0
Comment
Question by:DennisPost
  • 5
  • 3
  • 2
  • +2
12 Comments
 
LVL 22

Accepted Solution

by:
Paka earned 250 total points
Comment Utility
Can I just run DCPromo and follow the instructions?  If it is already a member server - yes.

Do I specifically have to install DNS before hand? No, it will use the DNS that the member server is using; you might want to add the DNS to the new server later.

Do I need to change the Domain Functional Level to 2003 prior to update or can this happen afterwards as well?  No, it will use the functional level from the existing DC.

Do I need to run adprep, domainprep and / or forestprep?  No, that's a one time task; if you ran it on the first server there's no need to run it again.

DFS should be OK.
0
 
LVL 18

Assisted Solution

by:Americom
Americom earned 150 total points
Comment Utility
You should definitely install DNS services(before or after running dcpromo) and make your newly promoted DC as a DNS server as well. Configure it as Active Direcotry-Integrated zone exactly like the other DC so that any upddate on DNS gets replicated to both DCs. If these are the only DC you have you should also make it as a GC as well to make it as redundant as possible.
0
 
LVL 2

Author Comment

by:DennisPost
Comment Utility
>> Do I need to run adprep, domainprep and / or forestprep?  No, that's a one time task; if you ran it on the first server there's no need to run it again.
I did not do this on the existing DC. It was installed stand alone then directly promoted to DC.
Does this info change your advice?
0
 
LVL 5

Assisted Solution

by:mail2prabir
mail2prabir earned 100 total points
Comment Utility
Hi,

further to what Paka has said, the replies to your queries are:

Can I just run DCPromo and follow the instructions?  
yes, just run dcpromo and select Additional DC for the existing domain and follow the instructions.

Do I specifically have to install DNS before hand?
No not required.

Do I need to change the Domain Functional Level to 2003 prior to update or can this happen afterwards as well?
the functional level can be raised subsequently also.

Do I need to run adprep, domainprep and / or forestprep?
no, just dcpromo

I am also unsure as to what will happen to the DFS namespace hosted on the second server when I run DCPromo.
since it is already a domain member, no problem is anticipated due to new role. though now the default domain controller group policy would apply on it instead of default domain policy. check the default domain controller group policy on the DC pertaining to DFS service before you go for DCpromo.

revert back in case of any other queries
0
 
LVL 22

Assisted Solution

by:Paka
Paka earned 250 total points
Comment Utility
If you already have Exchange server running on your domain, then you won't need to rerun adprep, domainprep or forestprep.  If you add them in the future, then and haven't run them, then you will need to run them before the Exchange install.
0
 
LVL 2

Author Comment

by:DennisPost
Comment Utility
How can I make the new DC a GC as well?
0
Wish Marketing would stop bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

 
LVL 18

Assisted Solution

by:Americom
Americom earned 150 total points
Comment Utility
0
 
LVL 57

Expert Comment

by:Mike Kline
Comment Utility
Definitely make it a GC -- see bullet 1
http://adisfun.blogspot.com/2009/04/lessons-learned-from-eric-fleischman.html
Thanks
Mike
0
 
LVL 2

Author Comment

by:DennisPost
Comment Utility
One last question(s) before I follow your advice.

When I do this, will the DFS namespace still be available? It is stored in AD isn't?
In other words, will users notice that I have rebooted the server?

I want to avoid doing this in unpaid (And Unnoticed) over time. But of course if it has to be done in off hours, I will.
0
 
LVL 22

Assisted Solution

by:Paka
Paka earned 250 total points
Comment Utility
Did you create your DFS as a domain or a standalone DFS?  If you created it as a domain DFS, it should be held in AD.
0
 
LVL 2

Author Comment

by:DennisPost
Comment Utility
I created DFS using DFS Managment, not Distributed File System.
How can I check that it is indeed in AD?
0
 
LVL 2

Author Closing Comment

by:DennisPost
Comment Utility
Thanks guys!

One note though. I did have problems with some DFS data, but only with the users that logged off during the update. When they logged on again, they connected to the old source that hadn't been replicated. This would likely have been avoided it the DFS replication was more frequent. The PST files are only replicated between 2-4am.  Therefore emails were missing between the last replication and the rebooting of the new DC.
0

Featured Post

Too many email signature changes to deal with?

Are you constantly being asked to update your organization's email signatures? Do they take up too much of your time? Wouldn't you love to be able to manage all signatures from one central location, easily design them and deploy them quickly to users. Well, you can!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Change company name for 1000 users in AD 2 130
Exchange 2010:  How to prepare for divoce? 2 38
ACTIVE DIRECTORY 4 23
GPO warning 15 24
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found here: http://www.experts-exchang…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now