New Windows 2008 Domain Controller - Steps
Posted on 2010-09-01
I am currently in the process of adding a new Windows 2008 domain controller to our network (to replace our ageing 2003 PDC).
I've made a high level list of processes I have documented in preparation for the build. I've also expanded on this list and documented every individual step that needs doing for the build.
At the moment, I'm at the stage where I am just finalising which steps need to be carried out & which roles I need to migrate.
The next stage is to perform the actual migration. I've been trying to schedule an our of hours time slot but that's been difficult lately.
How much of the following could I do without any disruption to the live system? Initially I was thinking of adding the 2008 box as a domain controller, making it the primary controller (& testing logons, DNS, etc) out of hours then migrating the roles (file, print, fax, vpn, etc) gradually during the working week.
I would like to see how much of the migration I can perform during the working week. If it's not possible, then I will have to just schedule some time out of hours where I can come in and promote the 2008 box to a new primary DC and test the logon, DNS, etc. Once the DC aspect is complete, I can continue to migrate the roles during the working week.
Below is the list of steps I've collated so far:
Phase 1 - Windows 2008 R2 64-Bit Installation
Configure HDD's in RAID-1 array (Mirrored disks)
Install Windows 2008 R2 from installation DVD
Set IP address and join onto domain as normal
Configure DRAC card and test from another PC
Phase 2 – Migrate Domain Controller from 2003 > 2008
Check old server for replication-enabled AD
Check old DC for errors
Upgrade domain/schema on 2003
Run dcpromo to add 2008 to domain as a DC
Install DNS role
Check DNS replication
Transfer Schema Master Role from 2003 to 2008
Transfer Domain Naming Master Role from 2003 to 2008
Transfer Infrastructure Master Role from 2003 to 2008
Transfer Relative ID Master Role from 2003 to 2008
Transfer PDC Emulator Role from 2003 to 2008
Check that 2008 server has AD / DHCP / DNS Roles installed
Configure NIC DNS settings on new DC – Primary-New, Secondary-Old
Re-configure DHCP scope settings to point to new DNS Server (DC)
Move DHCP Database from 2003 > 2008
Authorise DHCP server on new 2008 DC
Re-configure some client PC's to point DNS server on 2008 DCC
Disconnect old DC from LAN & test client logon / Group Policy
If OK, demote old DC (Moves from DC OU to 'Computers' OU as normal server)
Check DNS Management Console
Re-configure remaining PC's to point to DNS server on 2008 DC
Raise Domain Functional Level to 2008 (FINAL STEP!!!)
Raise Forest Functional Level to 2008 (FINAL STEP!!!)
Phase 3 – Migrate Roles from 2003 > 2008
VPN / Remote Access
Phase 4 – Other Actions
User Profiles - migrate user-by-user (only 6 roaming profile users to migrate)
Archive all unused files / documents into 'Old User Documents', etc.
Re-map network drives to new DC
Does this list seem comprehensive enough?
I look forward to receiving your feedback as I'm very keen to get this project finished by the end of next week.
Thanks in advance!