We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Transfer FMSO Roles from 03 DC to 08 DC

MECIT
MECIT asked
on
Medium Priority
529 Views
Last Modified: 2012-06-27

This question is based off the following link:

https://www.experts-exchange.com/Networking/Protocols/DNS/Q_26970365.html

I am ready to transfer the FSMO Roles.

1. Am I needing to migrate anything from the 03DC to 08 DC.

2. When I transfer the roles am I doing this on the 03 DC.

3.  Users with the old 03 DC ip  for their primary dns will now need to be changed to the 08 DC ip.  Would I need to do this before the roles are transferred or after?
Comment
Watch Question

1. Not if you are only transfering the FSMOs.

2. From any DC. If that is not the target DC, connect to it. Good link: http://www.petri.co.il/transferring_fsmo_roles.htm

3. No
Adam BrownSenior Systems Admin
CERTIFIED EXPERT
Top Expert 2010

Commented:
Most information on a Domain Controller will be automatically migrated for you when you promote the 2008 server. DNS is typically integrated into AD and replicated to the new server when it goes online as a DC. DHCP is probably the only thing you would want to migrate if you are removing the 2003 server from operation, assuming you use it for DHCP.

You can change the FSMO roles from any server that has AD MMC Snapins available to it.

You can change the DNS servers that the computers are point to at any time during the process. Probably best to do this when setting up the new DHCP server on the 2008 server.
Senior Cloud Infrastructure Engineer
CERTIFIED EXPERT
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION

Author

Commented:
my current setup
DC1 -physical 03 server
DC2- vm 03 server
DC3-vm 08 server
DHCP1- vm 03 server

I created DC3 to be able to take over the roles from DC1. I will be taking DC1 offline.
Do I have to move over the DHCP database if it is currently residing on DHCP1.

Would it be a good idea to create another vm 08 server for have DHCP2 and decommission the DHCP1.

So when I no longer have any servers with 2003 I can raise the Function level. What does this do when I raise it to 2008 and what would it do if I still had some 2003 servers?
JamesSenior Cloud Infrastructure Engineer
CERTIFIED EXPERT

Commented:
Yes, you can move the DHCP database and also if you raise the Forest and Domain Funional Levels when you still have 2003 Servers they will become inoperable.

As I've stated in my previous comment.

Also, for the Windows Server 2008 DC, you can add the DNS Role and this will replicate with the 2003 DC. With regard to DHCP you can move the DHCP Database to the Windows Server 2008 DC and then configure the scope option to make the neccessary ip changes. I have provide a link below that will explain how to move the DHCP Database. This link will explain how to move the database from Server 2003 to Server 2008.

http://blogs.technet.com/b/networking/archive/2008/06/27/steps-to-move-a-dhcp-database-from-a-windows-server-2003-or-2008-to-another-windows-server-2008-machine.aspx

One important thing to note is, do not raise the Forest or Domain Functional Levels until your current infrastructure is at 2008 Level. If you raise the Forest and Domain Functional Level while there is 2003 Servers on your network there is no reverse, so bear this in mind.


Author

Commented:
DNS is repliclicating with all DC servers..

Do I need to move my DHCP from my DHCP1 to DC3 or can I leave the way it is on seperate servers?
I know I will upgrade DHCP1 to server 08 but sometime down the road.
JamesSenior Cloud Infrastructure Engineer
CERTIFIED EXPERT

Commented:
You can leave it for the time being and then move it before you do the upgrade.

Author

Commented:
When trying to change operations Masters for infrastructure from DC1 to DC3 I get a warning

"DC3 is a global catalog server. the infrastructure operations master should not be transferred to a GC server.

Are you certain you want to transfer the infrastructure operations master role to this GC server?"

Do I choose yes and if so why does it tell me not to?
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
JamesSenior Cloud Infrastructure Engineer
CERTIFIED EXPERT

Commented:
@ MECIT, make sure all DCs are Global Catalog Server.
JamesSenior Cloud Infrastructure Engineer
CERTIFIED EXPERT

Commented:
The Infrastructure Master Roles is responsible for updating Active Directory and it does this by way of the Global Catalog. This is why Infrastructure Master Role cannot reside on Domain Controller that is a Global Catalog Server unless you make all DCs Global Catalog Servers.

Author

Commented:
I went to AD sites and Services. I expanded the servers folder.
I see DC1,DC2,DC3 but I also see our exchange server.
I selected each server and r-clicked the NTDS Settings and went to properties.
All three DC servers have global Catalog checked.

Since they are all GC servers I can now trasfer the IM role to DC3 from DC1.

Also, why does it show exchange there and do I have to do anything on that server before make the change

is it ok for one server to have all the FSMO roles or should each of them have a role.
JamesSenior Cloud Infrastructure Engineer
CERTIFIED EXPERT

Commented:
The fact that all 3 DCs are Global Catalog Servers is ok. Like I said in my previous comment:

The Infrastructure Master Roles is responsible for updating Active Directory and it does this by way of the Global Catalog. This is why Infrastructure Master Role cannot reside on Domain Controller that is a Global Catalog Server unless you make all DCs Global Catalog Servers.

Exchange Servers are suppose to show up in Active Directory Sites and Services. Your Exchange Server does not have any NTDS settings so it will not try to replicate. It is there as a service.

Yes, it is ok to have to all FSMO Roles on one DC provided the DC is not  under a heavy work load. If the DC is under a heavy work load you should look at moving the Roles. Refer to the link below and this should help explain things more clearly.

http://support.microsoft.com/kb/223346


Regards,

JBond2010

Author

Commented:
All roles have been transferred to DC3.
How do I decommission DC1 and remove from domain?
Adam BrownSenior Systems Admin
CERTIFIED EXPERT
Top Expert 2010
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION

Author

Commented:
We are going to hold off on demoting DC1 for now since we ran into a situation where a physical DNS box was needed this weekend .

Thank you for your help and when it is time to demote I will follow your advice
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.