Solved

Change out a Primary Domain Controller with a new server

Posted on 2010-11-30
6
414 Views
Last Modified: 2012-05-10
We have a Windows domain network with 10 servers.  All servers are running Windows 2003 standard.  We have a primary domain controller and a backup domain controller.  Our primary domain controller is 8 years old and we are planning to take it offline and replace it with another server.  The new PDC will have Windows 2008 standard.  We need some type of procedure to remove the current PDC and slip the new one in.  Active directory and global policies are the primary concern and need to be somehow brought over to the new server.  Data backup is not a problem as we will use our normal backup procedure to handle that task.  

We have over 100 users on the network and cannot setup new profiles on each end user workstation.  How can we put in a new domain controller and have it be recognizable to all the PCs on the network?  We do plan to keep the local domain name the same and the server name will be identical to the one it is replacing.  Aside from those obvious things, what else needs to be done.  

Thank you.
0
Comment
Question by:PCNNY
6 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 167 total points
Comment Utility
Take a look at this question I helped with

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/Q_26358376.html

A lot of information and good links.  Let me know what questions you have after going through that

You won' t need to setup new profiles

I would suggest that you use 2008 R2 at this point (if you can)

thanks

Mike
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 166 total points
Comment Utility
0
 
LVL 11

Assisted Solution

by:Renato Montenegro Rustice
Renato Montenegro Rustice earned 167 total points
Comment Utility
There are some misconceptions here. There is no PDC/BDC since Windows NT. Active Directory is fully replicated among all of your domain controllers.

What you have are some special roles that can reside in a domain controller. To check out where they are, make sure the Windows 2003 Support Tools are installed and type this command:

netdom query fsmo

Then:

1) Extend your schema to Windows 2008
2) DC promo your new server. At this point, your users will access your new server. There's no need to do anything else.
3) Adjust your DNS servers configuration on the client computers, if needed.
4) Transfer the roles to the new server: http://support.microsoft.com/kb/255504
5) Shut down your old server(s) and evaluate the environment
5) Decommission your old server(s). DC promo them.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 57

Expert Comment

by:Mike Kline
Comment Utility
...well fully replicated unless we are talking about RODC's

You would also want to install DNS on the new box and make it a global catalog.  All explained in the links Darius and I provided.

Thanks

Mike
0
 
LVL 11

Expert Comment

by:Renato Montenegro Rustice
Comment Utility
If I understood well, he will replace the domain controller. It wont be a RODC. But I forgot to mention the Global Catalog. Thanks.
0
 

Author Closing Comment

by:PCNNY
Comment Utility
Thank you.  Great info
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Resolve DNS query failed errors for Exchange
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now