Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

FSMO roles to transfer to first 2008 Domain Controller in 2003 domain.

Posted on 2010-11-17
11
Medium Priority
?
442 Views
Last Modified: 2012-05-10
After running adprep /forestprep and /domainprep, and dcpromo on first 2008 domain controller, which FSMO roles should be transferred to the first 2008 domain controller?
0
Comment
Question by:Anthony Graczyk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +2
11 Comments
 
LVL 23

Expert Comment

by:jakethecatuk
ID: 34155277
I'm guessing you're looking at dropping the 2003 ad servers...all of them including schema.  don't forget to make it a GC as well
0
 
LVL 70

Expert Comment

by:KCTS
ID: 34155298
Ideally ALL of them
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 34155323
For right now, the only recommended one is the PDC.

http://technet.microsoft.com/en-us/library/cc731188(WS.10).aspx
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34155773
I would have to agree all should be going to the new Windows 2008 DC.

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/Q_23665224.html
0
 

Author Comment

by:Anthony Graczyk
ID: 34155885
Additional info:

This is an empty forest root with one child domain.  The first 2008 domain controller will be added to the child domain.  This will be the only 2008 domain controller in the 2003 domain for at least a few months.  There are 3 2003 domain controllers hosting FSMO roles currently.

Just wanted to know if I need to move any of the FSMO roles from the 2003 domain controllers to the first 2008 domain controller.

Thanks.
0
 
LVL 23

Expert Comment

by:jakethecatuk
ID: 34155911
OK - recommendation still stands.

Benefit of moving to 2008 is
(a) newer machine and less likely to fail
(b) newer OS - potentially more stable
0
 
LVL 22

Accepted Solution

by:
Joseph Moody earned 1000 total points
ID: 34155924
Hey mranth,

Check out that link I posted. It is a little long but details exactly what you will be doing in the next three months. KCTS is right that is makes the most sense to move all of them. The only benefit comes in moving the PDC though.
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 34155928
From a performance view (assuming your 2003 domains are very stable).
0
 
LVL 23

Expert Comment

by:jakethecatuk
ID: 34155942
stating the obvious...make sure you run DCDIAG /E before you move anything to make sure your AD is clean and stable.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34155990
Very true make sure you run a dcdiag
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

597 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question