I need to replace two aging DCs in a subdomain of my AD forest with two new DCs using the same names and IP addresses of the originals. All the DCs are running server 2003 and the domain functional level is windows server 2003.
I've read plenty on the process of renaming a DC, but is there anything to watch out for when renaming a DC using the name of a DC that was just demoted?
Here is the setup and plan so far....
The existing DCs are DC1 and DC2. DC1 has the RID, PDC, and infrastructure ops FSMO roles as well as DNS, DHCP, and WINS. DC2 has the global catalog, DNS, and WINS. The new DCs are DC1new and DC2new which are already joined to the domain and have been promoted.
To replace DC1 with DC1new
1.) Export WINS database from DC1 as backup. After the rename, if I add DC2 as a WINS replication partner it should replicate the DB so I don’t need to import it manually?
2.) Export DHCP database from DC1 using “netsh dhcp server export c:\dhcp.txt all”
3.) Move RID, PDC, and Infrastructure ops manager roles to DC1new using ADUC and the properties tab of the domain
4.) Verify replication is working. What is the best way to do this? Repadmin? Dcdiag?
5.) Disable DHCP on DC1
6.) Demote DC1 to member server, remove it from domain and turn it off. Do I also need to delete it from AD sites and services? Any other tricks to demotion?
7.) Change IP address on DC1new to the IP of the old DC1
8.) Rename DC1new to DC1 using the netdom steps found here http://www.petri.co.il/windows_2003_domain_controller_rename.htm
9.) Rename sysvol member object
10.) Import the DHCP database on the new DC1. Since the IP is staying the same is there anything else to this step?
11.) Setup WINS replication with DC2 (see step 1)
For renaming DC2new to DC2 I was going to follow the same plan with the exception of the DHCP steps since it isn’t running on DC2 and since the only FMSO role is global catalog, just use AD sites and services to enable the global catalog.
A final question about AD sites and services. At the moment, the NTDS settings for DC1 and DC2 are slightly different. DC1 only shows an auto generated connection to DC1new and DC2new. DC2 has an auto generated connection to DC1new, DC2new, ForestDC1, and then two manually created connections to the two DCs in another subdomain. DC1new and DC2new show auto generated connections to DC1 and DC2. What will I need to create manually and what will be auto generated once all this madness is done? At which point during my 12 steps listed above do I need to mess with these settings?