Solved

Demoting a 2003 Domain Controller and How Sites Are Affected

Posted on 2011-02-28
4
289 Views
Last Modified: 2012-08-13
Adding and removing a new domain controller and have a question about any additional steps I need to take, beyond the standard ones.

The situation is a network with two AD sites.  Each site originally had one domain controller.  At one site, we are adding a 2008 R2 DC, and removing the old 2003 DC.

Poking around in Active Directory Sites and Services, I notice that there are replication links set up between the original two servers, and the old server and new server on the same site (but not between new server and old server on the different site).  Do I need to do anything here (New Active Directory Connection)?  I'm assuming so, since I'd like to shut off the old DC first, to test that nothing breaks.  Looking at how things are now, there will be no replication if I do this.  

Moving the FSMO roles won't be necessary, since those are on the lone DC at the other site.  I've done (I believe) all of the dcdiag/netdiag testing, to test communication between Domain Controllers, and that all seems good.  
0
Comment
Question by:netperf
  • 2
4 Comments
 
LVL 27

Accepted Solution

by:
KenMcF earned 500 total points
ID: 34998012
As long as you did not create any manaual links they should be recreated automatically.  If you go into S&S under the server object and NTDS settings, it should say <auotmatically genterated> for the name.  When the old DC is demoted the KCC will rebuild all auto genterated links.
0
 
LVL 1

Expert Comment

by:sukhijavikas
ID: 34998077
Some times while removing the dc meta data remaains , so you have to use ntds util to remove meta data ..from AD.
0
 

Author Comment

by:netperf
ID: 34999840
So if I wanted to shut the old DC down for a couple days as a test, I should go and create those manually, since it won't recreate them until I demote it?
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 35000016
No, Do not create the links manually. Let the KCC handle all the links. You can shut the DC down then either wait for the KCC to run and rebuild the links or run "Check Replication Topology" in sites and services.
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A safe way to clean winsxs folder from your windows server 2008 R2 editions
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question