?
Solved

Transfer FMSO Roles from 03 DC to 08 DC

Posted on 2011-04-26
16
Medium Priority
?
511 Views
Last Modified: 2012-06-27

This question is based off the following link:

http://www.experts-exchange.com/Networking/Protocols/DNS/Q_26970365.html

I am ready to transfer the FSMO Roles.

1. Am I needing to migrate anything from the 03DC to 08 DC.

2. When I transfer the roles am I doing this on the 03 DC.

3.  Users with the old 03 DC ip  for their primary dns will now need to be changed to the 08 DC ip.  Would I need to do this before the roles are transferred or after?
0
Comment
Question by:MECIT
  • 6
  • 6
  • 2
  • +1
16 Comments
 
LVL 21

Expert Comment

by:snusgubben
ID: 35470861
1. Not if you are only transfering the FSMOs.

2. From any DC. If that is not the target DC, connect to it. Good link: http://www.petri.co.il/transferring_fsmo_roles.htm

3. No
0
 
LVL 44

Expert Comment

by:Adam Brown
ID: 35471219
Most information on a Domain Controller will be automatically migrated for you when you promote the 2008 server. DNS is typically integrated into AD and replicated to the new server when it goes online as a DC. DHCP is probably the only thing you would want to migrate if you are removing the 2003 server from operation, assuming you use it for DHCP.

You can change the FSMO roles from any server that has AD MMC Snapins available to it.

You can change the DNS servers that the computers are point to at any time during the process. Probably best to do this when setting up the new DHCP server on the 2008 server.
0
 
LVL 15

Accepted Solution

by:
JBond2010 earned 668 total points
ID: 35471543
You know which DC or DCs hold the 5 FSMO Roles? I have provided a link below explaining how to transfer the the Roles. To transfer the Schema Master Role you will have to register the Schmmgmt.dll file. This will be explained in the link below.

http://support.microsoft.com/kb/324801

Also, for the Windows Server 2008 DC, you can add the DNS Role and this will replicate with the 2003 DC. With regard to DHCP you can move the DHCP Database to the Windows Server 2008 DC and then configure the scope option to make the neccessary ip changes. I have provide a link below that will explain how to move the DHCP Database. This link will explain how to move the database from Server 2003 to Server 2008.

http://blogs.technet.com/b/networking/archive/2008/06/27/steps-to-move-a-dhcp-database-from-a-windows-server-2003-or-2008-to-another-windows-server-2008-machine.aspx

One important thing to note is, do not raise the Forest or Domain Functional Levels until your current infrastructure is at 2008 Level. If you raise the Forest and Domain Functional Level while there is 2003 Servers on your network there is no reverse, so bear this in mind.



0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:MECIT
ID: 35482919
my current setup
DC1 -physical 03 server
DC2- vm 03 server
DC3-vm 08 server
DHCP1- vm 03 server

I created DC3 to be able to take over the roles from DC1. I will be taking DC1 offline.
Do I have to move over the DHCP database if it is currently residing on DHCP1.

Would it be a good idea to create another vm 08 server for have DHCP2 and decommission the DHCP1.

So when I no longer have any servers with 2003 I can raise the Function level. What does this do when I raise it to 2008 and what would it do if I still had some 2003 servers?
0
 
LVL 15

Expert Comment

by:JBond2010
ID: 35482987
Yes, you can move the DHCP database and also if you raise the Forest and Domain Funional Levels when you still have 2003 Servers they will become inoperable.

As I've stated in my previous comment.

Also, for the Windows Server 2008 DC, you can add the DNS Role and this will replicate with the 2003 DC. With regard to DHCP you can move the DHCP Database to the Windows Server 2008 DC and then configure the scope option to make the neccessary ip changes. I have provide a link below that will explain how to move the DHCP Database. This link will explain how to move the database from Server 2003 to Server 2008.

http://blogs.technet.com/b/networking/archive/2008/06/27/steps-to-move-a-dhcp-database-from-a-windows-server-2003-or-2008-to-another-windows-server-2008-machine.aspx

One important thing to note is, do not raise the Forest or Domain Functional Levels until your current infrastructure is at 2008 Level. If you raise the Forest and Domain Functional Level while there is 2003 Servers on your network there is no reverse, so bear this in mind.


0
 

Author Comment

by:MECIT
ID: 35483039
DNS is repliclicating with all DC servers..

Do I need to move my DHCP from my DHCP1 to DC3 or can I leave the way it is on seperate servers?
I know I will upgrade DHCP1 to server 08 but sometime down the road.
0
 
LVL 15

Expert Comment

by:JBond2010
ID: 35483149
You can leave it for the time being and then move it before you do the upgrade.
0
 

Author Comment

by:MECIT
ID: 35483359
When trying to change operations Masters for infrastructure from DC1 to DC3 I get a warning

"DC3 is a global catalog server. the infrastructure operations master should not be transferred to a GC server.

Are you certain you want to transfer the infrastructure operations master role to this GC server?"

Do I choose yes and if so why does it tell me not to?
0
 
LVL 21

Assisted Solution

by:snusgubben
snusgubben earned 668 total points
ID: 35483668
The infrastructure master (IM) should not be on a DC holding a Global Catalog (GC) is the rule of thumb.

*If* the IM is on a DC which is also a GC, *all* DCs in the domain must be a GC.

The best thing is to make all DCs a GC, unless you have sites with very little bandwidth.
0
 
LVL 15

Expert Comment

by:JBond2010
ID: 35483763
@ MECIT, make sure all DCs are Global Catalog Server.
0
 
LVL 15

Expert Comment

by:JBond2010
ID: 35483787
The Infrastructure Master Roles is responsible for updating Active Directory and it does this by way of the Global Catalog. This is why Infrastructure Master Role cannot reside on Domain Controller that is a Global Catalog Server unless you make all DCs Global Catalog Servers.
0
 

Author Comment

by:MECIT
ID: 35486696
I went to AD sites and Services. I expanded the servers folder.
I see DC1,DC2,DC3 but I also see our exchange server.
I selected each server and r-clicked the NTDS Settings and went to properties.
All three DC servers have global Catalog checked.

Since they are all GC servers I can now trasfer the IM role to DC3 from DC1.

Also, why does it show exchange there and do I have to do anything on that server before make the change

is it ok for one server to have all the FSMO roles or should each of them have a role.
0
 
LVL 15

Expert Comment

by:JBond2010
ID: 35487091
The fact that all 3 DCs are Global Catalog Servers is ok. Like I said in my previous comment:

The Infrastructure Master Roles is responsible for updating Active Directory and it does this by way of the Global Catalog. This is why Infrastructure Master Role cannot reside on Domain Controller that is a Global Catalog Server unless you make all DCs Global Catalog Servers.

Exchange Servers are suppose to show up in Active Directory Sites and Services. Your Exchange Server does not have any NTDS settings so it will not try to replicate. It is there as a service.

Yes, it is ok to have to all FSMO Roles on one DC provided the DC is not  under a heavy work load. If the DC is under a heavy work load you should look at moving the Roles. Refer to the link below and this should help explain things more clearly.

http://support.microsoft.com/kb/223346


Regards,

JBond2010
0
 

Author Comment

by:MECIT
ID: 35491160
All roles have been transferred to DC3.
How do I decommission DC1 and remove from domain?
0
 
LVL 44

Assisted Solution

by:Adam Brown
Adam Brown earned 664 total points
ID: 35491273
Run DCPromo on DC1, this will allow you to demote the server. When that's done, run a metadata cleanup (just to be sure everything is gone). http://technet.microsoft.com/en-us/library/cc736378%28WS.10%29.aspx
0
 

Author Comment

by:MECIT
ID: 35504813
We are going to hold off on demoting DC1 for now since we ran into a situation where a physical DNS box was needed this weekend .

Thank you for your help and when it is time to demote I will follow your advice
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's recap what we learned from yesterday's Skyport Systems webinar.
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question