Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

windows server 2003 DC

Posted on 2009-05-14
14
313 Views
Last Modified: 2012-05-07
hi
i have a windows 2003 DC that i want to virtualise. i have moved the operation roles from it and de-seleected it as a global catalog. I have promoted another physical server that will be used as the DC instead and made it a GC. I dont want the server im going to virtualise to be a Dc any longer . Is it safe just to run a dcpromo now and remove active directory

its used as a DNS server etc and will contie to function as a DNS server, will these roles stay on the server even after removing AD or will it all be removed with it?

thanks
0
Comment
Question by:mikeleahy
  • 6
  • 4
  • 2
  • +2
14 Comments
 
LVL 5

Expert Comment

by:AncientFrib
ID: 24383886
You checked the FSMO roles right?

http://support.microsoft.com/kb/324801

If so it should be safe.
0
 
LVL 5

Expert Comment

by:AncientFrib
ID: 24383906
Also in re: your second question.  If you demote it you may loose the AD integrated zone (assuming that is what you had).  I think you can just add a secondary zone etc to it if it does wipe it out.
0
 
LVL 19

Expert Comment

by:vmwarun - Arun
ID: 24383918
Once you demote a Domain Controller, if your DNS Zones were Active Directory Integrated, the Server would continue to be a member server in the Domain.

Have you transferred all the 5 FSMO Roles ?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 24384230
You can demote the server so it would then be a member server of your domain. Make sure you check to make that the server's DNS zone isn't AD integrated because if it is then you must delete the zone and then recreate it as a Secondary zone. Secondary zones are only read only zones so you can't edit any records within the zone you must edit any zone records on a DNS zone that is Primary or AD integrated.
0
 

Author Comment

by:mikeleahy
ID: 24384424
can i just change the zone on the server in question to be a secondary zone, then remove AD from the server?

or do i need to remove the zone and then demote and then add a secondary zone

or do i demote first and then delete the zone and add a secondary one
0
 
LVL 19

Accepted Solution

by:
vmwarun - Arun earned 250 total points
ID: 24384578
I would suggest that you first demote your Domain Controller first.

This would definitely remove the AD Integrated Zone.

First if you do not want to use the further, decommission it accordingly.
0
 

Author Comment

by:mikeleahy
ID: 24384683
so demote the server, the integrated zone will be removed automatically , then add a secondary zone??

correct??
0
 
LVL 19

Expert Comment

by:vmwarun - Arun
ID: 24384725
yup.

AD integrated zones are those zones where along with the normal DNS Zone Replication info about the AD is also replicated.

Once you demote your DC, it no longer has the ability to run/host an AD Integrated Zone.
0
 
LVL 19

Expert Comment

by:vmwarun - Arun
ID: 24384769
For more info about AD Integrated Zones read this - http://technet.microsoft.com/en-us/library/cc978010.aspx
0
 

Author Comment

by:mikeleahy
ID: 24384910
and the other server running an AD integrated zone will continue to run that kind of zone

will the server running the secondary zone provide proper dns services also???
0
 
LVL 19

Expert Comment

by:vmwarun - Arun
ID: 24385080
I suggest that completely decommission the Server instead of keeping it in the Network.

Do you want this Server to provide DNS Services ?
0
 

Author Comment

by:mikeleahy
ID: 24385109
why would i de-commision the network. as the original post has said this server will continue to provide dns services plus many other functions. i want to virtualise it, not decomission it.
0
 
LVL 19

Expert Comment

by:vmwarun - Arun
ID: 24385716
In that case, just demote using dcpromo command.

Reconfigure your DNS Zones as per your requirement.
0
 
LVL 3

Expert Comment

by:qualchoice-it
ID: 24390345
Stand up your New VM thats going to be your DC, let it replicate, make it a GC as well, add DNS if its going to be AD integrated, you stated the FSMO roles have already been moved.
Let that run a few days in parallel with your existing DC to make sure all the replication happens
DCPROMO your old DC and make it a member server, do all your metadata clean up

Use VMconverter and P to V it

Bring it up in ESX as a new VM member server and add all the Services you need.  DNS, etc..
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

HOW TO: Install and Configure VMware vSphere Hypervisor 6.5 (ESXi 6.5), Step by Step Tutorial with screenshots. From Download, Checking Media, to Completed Installation.
HOW TO: Connect to the VMware vSphere Hypervisor 6.5 (ESXi 6.5) using the vSphere (HTML5 Web) Host Client 6.5, and perform a simple configuration task of adding a new VMFS 6 datastore.
Teach the user how to use vSphere Update Manager to update the VMware Tools and virtual machine hardware version Open vSphere Client: Review manual processes for updating VMware Tools and virtual hardware versions: Create a new baseline group in vSp…
This Micro Tutorial steps you through the configuration steps to configure your ESXi host Management Network settings and test the management network, ensure the host is recognized by the DNS Server, configure a new password, and the troubleshooting…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question