Solved

Upgrade Win2003 Domain Controller to new hardware platform and upgrade to 2008 R2 at the same time. I am looking for advice on the best method.

Posted on 2010-09-13
Last Modified: 2012-05-10
We have 6 or 7 other member servers in the domain and backup domain controllers and about 300 users on the system. We would appreciate some advice on the best method for doing this migration as painlessly as possible.
Question by:tcn_ltd
12 Comments
 
LVL 70

Accepted Solution

by:
KCTS earned 250 total points
ID: 33667533
Your best bet is to simply install 2008R2 on the new hardware, the process is as follows:


First you need to Adprep your 2003 Domain by running
adprep32 /forestprep    and
adprep32 /domainprep   and
adprep32 /gpprep

from the 2008 DVD on the Windows 2003 DC  - adprep32 is in the SOURCES folder on the DVD.

Next install 2008 server on the new machine. You need to assign the 2008 new computer an IP address and subnet mask on the existing network. Make sure that the preferred DNS server on new machine points to the existing DNS Server on the Domain (normally the existing domain controller)

Join the new 2008 machine to the existing domain as a member server

From the command line, promote the new machine to a domain controller with the DCPROMO command. Select "Additional Domain Controller in an existing Domain".

Once Active Directory is installed, check that the new machine is a global catalog server (it should be, as it's now the default for 2008): go to Administrative Tools, Active Directory Sites and Services, expand Sites, Default first site and Servers. Right click on the new server, select properties and tick the "Global Catalog" checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership.)

If necessary install DNS on the new server. Assuming that you were using Active Directory Integrated DNS on the first Domain Controller, DNS will automatically replicate to the new domain controller along with Active Directory. Set up forwarders as detailed at http://www.petri.co.il/configure_dns_forwarding.htm

You must then transfer the FSMO roles to the 2008 machine; the process is as outlined at http://www.petri.co.il/transferring_fsmo_roles.htm

You then need to install DHCP on the new 2008 server (if used) and set up a scope, activate it and authorize the server.

Change all of the clients (and the new 2008 DC itself) to point to the 2008 DC for their preferred DNS server; this may be in DHCP options or the TCP/IP settings.

You can then transfer any data to the new server

Before removing the old DC from the domain, run DCPROMO on it to remove Active Directory.

0
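
A check to run before the final DCPROMO step in the answer above, as an added example that is not part of the original thread. It assumes a single-domain forest, the ActiveDirectory PowerShell module on the new 2008 R2 DC, and a placeholder server name `NEWDC01`.

```powershell
# Added example, not from the thread. Run in an elevated PowerShell on the new
# 2008 R2 DC before running DCPROMO on the old one.
Import-Module ActiveDirectory

$NewDc    = 'NEWDC01'   # placeholder: short name of the new 2008 R2 DC
$problems = @()

$domain = Get-ADDomain
$forest = Get-ADForest
$dc     = Get-ADDomainController -Identity $NewDc

# 1. All five FSMO roles must already be on the new DC (single-domain forest assumed).
$roles = @{
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
}
foreach ($role in $roles.GetEnumerator()) {
    if ($role.Value -ne $dc.HostName) {
        $problems += "$($role.Key) is still held by $($role.Value)"
    }
}

# 2. The new DC must be a global catalog before the old one goes away.
if (-not $dc.IsGlobalCatalog) {
    $problems += "$($dc.HostName) is not a global catalog"
}

# 3. DNS on the new DC must return it in the DC locator SRV record.
$srvName = "_ldap._tcp.dc._msdcs.$($domain.DNSRoot)"
$answer  = nslookup -type=SRV $srvName $dc.IPv4Address 2>&1 | Out-String
if ($answer -notmatch [regex]::Escape($dc.HostName)) {
    $problems += "DNS on $($dc.IPv4Address) does not list $($dc.HostName) in $srvName"
}

# 4. No replication link reported by any DC may be in a failed state.
$links = repadmin /showrepl * /csv | ConvertFrom-Csv
foreach ($link in $links) {
    if ([int]$link.'Number of Failures' -gt 0) {
        $problems += "Replication $($link.'Source DSA') -> $($link.'Destination DSA') is failing"
    }
}

if ($problems) { $problems | ForEach-Object { Write-Warning $_ } }
else { Write-Output 'No problems found by these checks.' }
```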
 

Author Comment

by:tcn_ltd
ID: 33667581
Thanks KCTS for the prompt and detailed reply.
I was hoping to avoid having to change all of the clients' DNS settings. Is there any way of transferring the IP address to the new server?
0
 
LVL 4

Expert Comment

by:sire_harvey
ID: 33667753
As KCTS advised: Change all of the clients (and the new 2008 DC itself), to point to the 2008 DC for their preferred DNS server this may be in DHCP options or the TCP/IP settings.

So change the preferred DNS Server in the DHCP Options on the 2008 Server. Client machines using the Scope set up on the 2008 DHCP server will use the DNS server configured in that scope.
0
 

Author Comment

by:tcn_ltd
ID: 33668251
Since there are several BDCs  running 2003 AD what would need to be done to upgrade their schema to 2008? Also, how can we retain the same machine name on 2008 that was used for the 2003 PDC?

0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 250 total points
ID: 33668634
The schema is a one-time upgrade; it is shared by all the DCs, so running it once is all you need. In order for the 2008 box to have the same name as the old PDCe, you have to change the name of the PDCe box first. You don't have a huge domain, so that can be done overnight or over a weekend. You can change its name, then restart netlogon to register its DNS records again.

You can then use the old name on the 2008 box.

Thanks

Mike
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33672578
To use the old Domain Controller's name you need to take a couple of steps. First you need to demote the old server. Go into DNS and delete all DNS records for this DC.

Change the IP address to the old DC's IP on the new DC. I still like to go through the 2003 link.

http://technet.microsoft.com/en-us/library/cc794931(WS.10).aspx

http://technet.microsoft.com/en-us/library/cc758579(WS.10).aspx

You can then change the name of the current DC by going through this link

http://www.petri.co.il/rename-windows-server-2008-domain-controllers.htm
0
 

Author Comment

by:tcn_ltd
ID: 33682112
mkline71, do we not need to install anything on the 2003 BDCs to allow them to accept the 2008 schema?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33682285
No, as long as you have run adprep /forestprep on your schema master and adprep /domainprep on your infrastructure master, this will replicate the schema update to the rest of your 2003 DCs.
0
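
One way to confirm that the schema update has replicated to every DC, as discussed in the comments above (an added example, not part of the original thread). It assumes it is run on the 2008 R2 DC with the ActiveDirectory module loaded; the function name `Get-SchemaVersionPerDc` is made up for this example.

```powershell
# Added example, not from the thread. Run on the 2008 R2 DC after adprep has finished.
Import-Module ActiveDirectory

$expected = 47   # schema objectVersion for Windows Server 2008 R2 (2003 is 30, 2003 R2 is 31)
$schemaNc = (Get-ADRootDSE).schemaNamingContext

function Get-SchemaVersionPerDc {
    foreach ($dc in (Get-ADDomainController -Filter *)) {
        # Read each DC's own copy of the schema head over plain LDAP (ADSI).
        # The ActiveDirectory cmdlets need a web service that 2003 DCs do not
        # run unless the AD Management Gateway Service has been added.
        $version = $null
        try {
            $entry   = [ADSI]"LDAP://$($dc.HostName)/$schemaNc"
            $version = [int]$entry.Properties['objectVersion'].Value
        } catch {
            Write-Warning "Could not read schema from $($dc.HostName): $_"
        }
        New-Object PSObject -Property @{
            DomainController = $dc.HostName
            OperatingSystem  = $dc.OperatingSystem
            SchemaVersion    = $version
            UpToDate         = ($version -eq $expected)
        }
    }
}

# DCs that have not yet received the update sort to the top.
Get-SchemaVersionPerDc | Sort-Object UpToDate | Format-Table -AutoSize
```

A DC that still reports 30 or 31 has not received the update yet; check replication to it before promoting the 2008 R2 server.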
 

Author Comment

by:tcn_ltd
ID: 34030287
ok thanks for everyone's help
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34689984
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0
