Solved

How to change Static IP address of a domain controller to a different subnet?

Posted on 2010-09-07
39
656 Views
Last Modified: 2012-06-21
Dear Sir,

I have a full environment up a running on the following subnet:
172.16.20.x
255.255.0.0
I have a Primary DC Win 2k8 and second DC Replica to the primary running on Win 2k3 R2.
and I have 2 SQL servers joined to that domain as well...

I have a requirement to move that environment to another subnet: (DCs, SQLs, 3 PCs...)
177.16.9.x
255.255.0.0

I want to add also 3 RDS servers to that new environment, but this is no problem as they are new servers...
I am not sure about how it impacts adsite (DC), DNS and other things...

Please any help step by step?

Thank You,
0
Comment
Question by:ISC-IT-Admin
  • 18
  • 8
  • 7
  • +3
39 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33616154
If you configure each machine with correct DNS IP address then it shouldn't be a problem. You have also modify option 006 on your DHCP server to issue correct leases for clients. If DNS configuration is correct you shouldn't have any problem.
0
 
LVL 4

Expert Comment

by:goyal_251
ID: 33616196
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33616252
I don't have a DHCP server installed in my environment...
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33616279
OK, so you don't have to worry about it :)
Remember to update DNS entries on each machine with static IPs, and additionally check if you have correctly defined subnet in Active Directory Sites and Services console, then assign that new subnet to your site where this DC resides.
0
 
LVL 2

Expert Comment

by:tspreeth
ID: 33616396
Hi ,
First Create the Required Sites in AD Sites and Serivces for the New Subnet .
Or add the new Ip range in the AD Sites And Serives.
Second Add the New Servers to this range .
Change the IP of the other Servers to the new range.
Before you change the IP of your Exisiting DC's You can change the Primary DNS to the New Servers IP on them .
 
After the replication change the Primary DNS to the same servers new ips.
SInce you dont have any DHCP  no need to change in DHCP .
 
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33616721
Thank you tspreeth for your help!

Could you please try to re-phrase and give me more details on how to do this step by step?
1- Before transfer my both DC's and SQL server to the new subnet, what should I do?
2- ?
3- ?
4- After transfer, what should I do?
5- ?


Thank you very much!
0
 
LVL 2

Expert Comment

by:tspreeth
ID: 33617071
1- Before transfer my both DC's and SQL server to the new subnet, what should I do?
a- create the new subnet either as a new site or add in the existing site using Active directory sites and services console.
b-Install the New Domain Controller in the new subnet range.
c- change the primary dns of the old domain controller to the new domain controller .
d- wait for relplication . ( you can manually replicate from sites and serivces console ) or wait for 4-5 hours .
e- change the old domain controllers ips to new ip range. you can do one at a time.
f- wait for relplication and check if all is working as expected.
g- change the other dc also. then sql server.

After transfer, what should I do?
a- change the primary dns of the old dcs to there own new ips.

0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33617861
Hi tspreeth,

Thank you for the details...
But still I didn't understand the scenario, sorry...

b-Install the New Domain Controller in the new subnet range.???? What do you mean by New DC and how?
I have Two DCs one primary and one Replica under that subnet range (172.16.20.x). 255.255.0.0
I want to take them to that range: 177.16.9.x -  255.255.0.0

What about the DNS server in my scenario? Do I need to run any command like ipconfig /registerdns or clear? Forward look up zone and the reverse zone???

After transfer, what should I do?
a- change the primary dns of the old dcs to there own new ips. ????

Please if you can give me more details on how to do this, it's my first time I'm moving an environment from one subnet to a different one...
How to do this without any impact?

Thank you for your patience!


0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33618209
Here are the steps in a MS Tech article on the procedures needed to move a DC to another site.

http://technet.microsoft.com/en-us/library/cc794722(WS.10).aspx
0
 
LVL 3

Expert Comment

by:chris-burns
ID: 33640660
Erm, i think you guys are all missing something. or maybe it is just me...

But your current address and your destination address is in the same range..

Just change the ip address of the server.

As it is in the same subnet, you will have very few problems.

only two things you need to be aware of:  if you change your gateway. then obviously you will need to update all the machines with the new gateway address. And if your server is a DNS server then you need to update the clients with that too.
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33644161
Thank Chris for the reply!

So all I need to do is only to change the IP address of the domain controller from 172.16.20.X range to 177.16.9.X.? It's class B subnet 255.255.0.0
But in fact 172.16.20.X cannot communicate with 177.16.9.X bcz it's in a different subnet or range right?
Could you give me more explanation?

About my gateway, this is my gateway Internet IP address: 172.16.20.2. So it's not possible to configure this IP with the new range (177.16.9.x).
This new environment is an exam hall for student, so I don't need Internet on the client side, and if I need Internet on the servers, I can add the old range IP on a second network card on the server, right?

Thank you for your help Chris,


0
 
LVL 3

Expert Comment

by:chris-burns
ID: 33644407
ok,

Your old ip range is 172.16.20.0 with a subnet mask of 255.255.0.0. What this means is a computer will be able to directly talk with any other machine starting with 172.16.x.x.

As your new range begins with 172.16.9.0 it is still within 172.16.0.0/255.255.0.0. So a computer with address 172.16.9.145 will be able to speak directly to a computer on 172.16.20.214 as they are both in 255.255.0.0 subnet. Hope that helps.

*However* you say that :

     "About my gateway, this is my gateway Internet IP address: 172.16.20.2."

Therefore i am guessing this is a test lab as 172.16.202 is not a valid internet address. In which case this has gotten a load more complicated. As you will need to update the route table on the router.

If i understand you correctly you are looking for this setup:

 [internet]-----------[WAN: 172.16.20.2]Router[LAN:172.16.9.0]-----------[Network]

If the above is correct then you can't have both addresses within the 255.255.0.0 subnet. You must make both class C network (255.255.255.0).

Can you clarify if my assumptions above are correct?

0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33652470
Hello Chris thanks for the reply!

There is misunderstanding, please check above my scenario again.
My old IP range is 172.16.20.0 / 255.255.0.0 , and my new IP range is 177.16.9.0 not (172).
same subnet class B yes, but 172 cannot communicate with 177, different range.

I have a full environment up a running on the following subnet:
172.16.20.x
255.255.0.0
I have a Primary DC Win 2k8 and second DC Replica to the primary running on Win 2k3 R2.
and I have 2 SQL servers joined to that domain as well, plus 3 RDS servers...

I have a requirement to move that environment to another subnet: (DCs, SQLs, 3 PCs, 3 RDS Servers...)
177.16.9.x
255.255.0.0
This new environment is for exam only, no need to communicate with 172 subnet range, that's why I changed to 177.

About the gateway Internet, 172.16.20.2 is the Internal IP of my hardware Firewall, external IP is the ISP.

Here I have two questions:
First, How can I move all my environment from 172 IP range to 177 without having impact on my DCs...???

Second If I need to provide Internet to some servers after moving to the my new IP range 177, what should I do to accomplish this???

Could you please provide me a step by step guide.

Thank You!!!

0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33657649
Hello Guys...
Please any update on how to move Primary and secondary DCs from 172 range to 177 range IP?
Subnet class B.

Thanks!
0
 
LVL 4

Expert Comment

by:goyal_251
ID: 33659526
As far as I understand 177 is not a valid private IP range
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33659804
Hi Goyal,

Thanks for the reply!
Are you sure I cannot use that range (177) in my private network.

Please give me your help, which range should I use???
My current environment is on that range 172.16.20.x... I want to seperate from that range.

I have a requirement to move that environment to another subnet range for security...
How can I move that environment from 172 IP range to ..???.... without having impact on my DCs...???

Thanks!
0
 
LVL 4

Expert Comment

by:goyal_251
ID: 33659823
valid Private IP range are
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255

if you are using subnet mask 255.255.0.0 then you can have seperate range as 172.17.X.X .
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33659925
Thank you Goyal for the quick reply.

Yes I am using subnet mask 255.255.0.0
So I will change from that range 172.16.20.X to 172.20.10.X     OK RIGHT???
Then I will have a complete separate environment! from the old one!!! ???

Now how can I move (DCs, SQL, RDS servers...) from 172.16.20.X IP range to 172.20.10.X without having impact on my DCs...???

Thank you for your help!!!

0
 
LVL 4

Expert Comment

by:goyal_251
ID: 33660198
Yes if you will change IP range 172.16.20.X to 172.20.10.X(Subnet 255.255.0.0)Then you will have a complete separate environment.
Then follow the step as suggest by tspreeth to move (DCs, SQL, RDS servers...) from 172.16.20.X IP range to 172.20.10.X.
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33695396
Thank You Goyal for the reply!

I will use this IP range 172.20.10.X for my new environment!

Please I need more details and a step by step guide on how to change the DCs from the old range to the new one!

Tspreeth kindly any assistance from your side will be appreciated!

Thank You!
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33695919
I have posted the guide here http:#a33618209

0
 
LVL 4

Expert Comment

by:goyal_251
ID: 33698215
you want to move the enviornment or create a copy of same envoirnment?
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33698850
Hi Goyal,

I want to move my environment from the old IP range 172.16.20.X to the new range IP 172.20.10.X
I have (2 DC's primary secondary, Win 2K8 the primary DC and Win 2k3 the secondary DC, then 2 SQL servers, then 3 TS servers...)

It's a critical exam environment, I want to move without any impact on my DCs...
Any help please!
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33698859
0
 
LVL 4

Expert Comment

by:goyal_251
ID: 33699226
As far as I understand it would not make any difference.
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33699379
Hi Goyal,

Basically I didn't understand your reply:
As far as I understand it would not make any difference.???

Could you clear this out.

Thanks,
0
 
LVL 4

Expert Comment

by:goyal_251
ID: 33699473
your schema is already prepared for windows 2003 and windows 2k8 hence you can directly move for both server 2k3 and 2k8.
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33699745
Yes it's true my schema is already prepared for Win 2k8, since I used to have 2 Dc's Win 2k3 in the past, and I have migrated the primary DC from Win 2k3 to Win 2k8, I remained the secondary DC Win 2k3 since it's an old hardware Dell server.

So here is my question:
How can I move them from the old IP range 172.16.20.X to new one 172.20.10.X ??? Subnet 255.255.0.0

Only I need to change the TCP/IP properties on both DC's to the new IP range 172.20.10.X and that's it?
Are you sure?

Please advise,

Thank You Goyal 251!!!
0
 
LVL 4

Expert Comment

by:goyal_251
ID: 33700002
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33700650
Pretty simple nothing crazy to move a DC to a different site.
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33703838
Thank You dariusq for your reply...
Good to know that it's pretty simple to move a DC to a different site ;)
So Could you please tell me how? step by step 1,2,3,4...

Thanks,
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33703902
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33703916
The subnet will be at the same physical site right? If it is then you would just move the servers then run through the first link.
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33704072
Thank you Dariusq,

Here is my scenario:

The subnet is 255.255.0.0 class B.
I want to move my environment from the old IP range which is 172.16.20.X to a new IP range 172.20.10.X.
I want to separate it from the old IP 172.16.20.X for security reason, because the previous IT admin has created two separates domains environment on the same range IP, he was very smart ;)
I have one domain for the administration, and one domain for the exam purpose.

Yes I want to move the exam domain servers physically from one block to another one.

In my exam environment, I have 2 DCs primary and replica.
How can I move both DCs, the Primary (Win 2k8) and secondary (Win 2k3) from the old IP range 172.16.20.X to new one 172.20.10.X ??? Subnet 255.255.0.0

Please give your suggestion.

http://technet.microsoft.com/en-us/library/cc794722(WS.10).aspx    ????????

Thanks,



 
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 500 total points
ID: 33704347
Really you wouldn't need to anything except for this link http://technet.microsoft.com/en-us/library/cc758579(WS.10).aspx

If you are just moving to another subnet without the need to create a site since you are on the same physical network the steps are as easy as change the IP address that is it. The above link is for 2003 but these are the procedure I go through for 2008 as well.

For 2008 which is the same but 2003 has you to run dcdiag /fix which I think is important.

http://technet.microsoft.com/en-us/library/cc794931(WS.10).aspx
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33704467
Thank You dariusq for your quick reply:

What about these links you gave it to me before???

http://technet.microsoft.com/en-us/library/cc794722(WS.10).aspx     Different site Win 2008
http://technet.microsoft.com/en-us/library/cc739015(WS.10).aspx     Different site Win 2003

I get confused :)
Could you please explain to me the difference between moving to a different site? and moving to a another subnet?
What is the need to create a new site? this can be found in AD sites & services...
As I remember when I installed my AD I didn't specify any site.

Yes it's true I'm changing only from one subnet to a different one...

Thanks,
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33704519
One question dariusq,

As my default gateway (Hardware firewall) is on the old IP subnet range 172.16.20.2. which is providing Internet for all school.
After moving my servers DCs to the new subnet IP range 172.20.10.X, how can I still get Internet???
can I use the second NIC on the server and configure an IP address from the old range IP which is 172.16.20.X ???
Right?

Thanks,
 
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33704749
No, you can't use a second NIC. You need a router between the two subnet to route the traffic over. Or have VLANs setup on the switch. Also, for AD to replicate you would need some type of connection between the two subnets.

You will not need to have another site since the servers will be physically located on the same site so you will not need to go through the other links I posted.
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 33706786
Thank you dariusq for the reply!

Yes, I will have a VLAN set it up in the new IP range, so no problem to take Internet connection from the old IP range.

Regarding the AD (Primary and secondary) both of them will be on the same new IP range no need for some type of connection for replication. I have a fiber optic connection between 2 blocks.
In fact, I have 'XYZ' domain for administration section which is in a different block, for the Exam I have different domain 'ABC', but for redundancy I have primary and secondary DC for 'ABC' domain, and both servers primary and secondary will be moved to the new IP range.

http://technet.microsoft.com/en-us/library/cc794931(WS.10).aspx
http://technet.microsoft.com/en-us/library/cc758579(WS.10).aspx

I will use these links to Change the static IP address of a domain controller (primary and secondary).

Thanks,

0

Join & Write a Comment

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now