Solved

HELP!!!  Is it safe to demote my old DC Server 2003???

Posted on 2011-09-09
10
340 Views
Last Modified: 2012-05-12
Hi, I am ready to demote my old DC that use to be the primary that had all the FSMO roles on which has been moved to my new 2008 R2 DC.  However, if I look in the AD Sites & Services, the old DC that I wish to demote (dcpromo) still displays as the primary, like the other sites DC's are pointing to the old DC as the replicating aspect, but it is set as automatically, which I assume Microsoft created it.

OLD DC to demote: Server 2003

My question or concerns, is it OK to demote (dcpromo) the old DC 2003 Server and will Microsoft recreate the replication links in AD SItes & Services to reflect the new 2008 R2 DC in its place since it now holds all the FSMO roles of the forest/domain?  This new DC has been in place for several months, so everything should be good there.

I just wanted to make sure and get a second, third, fourth opinions before proceeding with this demotion.

Thanks for your time and advice in advance.
0
Comment
Question by:rsnellman
  • 5
  • 4
10 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 450 total points
ID: 36514780
Yes set to automatic means the KCC created the connection objects, the KCC runs every 15 minutes and will recreate them when the DC is gone.

I like Mark's short blog on it  http://blogs.technet.com/b/markmoro/archive/2011/08/05/you-are-not-smarter-than-the-kcc.aspx

Make sure your new DC is also a global catalog server.    Is the old box a DNS server, guessing yes, make sure the new box has DNS on it if you are running DNS on your DCs and make sure clients are not pointing to the old box for DNS.

Thanks

Mike
0
 
LVL 9

Assisted Solution

by:bill_lynch
bill_lynch earned 50 total points
ID: 36514790
Also you may need to update DHCP with the new DNS address.
0
 

Author Comment

by:rsnellman
ID: 36514828
Forgot to ask one other thing about demoting my old DC.  How much system drive space does it require to demote a DC?  Reason I ask is I am very limited on C: (system drive) space, like about 500MB.  I am just wondering if it may require more than that to do the demotion successfully.

I have the pagefile.sys on another partition so I am good there.

Thanks again.
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:rsnellman
ID: 36514838
Yes, it the new DC is a GC & yes AD integrated DNS is running on all my DC's.  Also, I have verified that no other PC's are pointing to this old DC as a primary DNS server.


Yes, the DHCP server has been updated reflecting the new DC's IP as the DNS server.


Just want to double check before proceeding.  Would hate to miss something and blow something up.

Thanks.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36514841
AD will be removed so ntds.dit and associated files which will free up space if that is on your C drive.
0
 

Author Comment

by:rsnellman
ID: 36514844
Oh, one last thing.  I noticed this doing a recent demotion of another DC, which was a Server 2003 x64 machine.

When I performed the dcpromo, I received an error when trying or more like a warning.  It demoted the server after the second try, but found out that I needed to have NETLOGON service turned off and or not having the DC being demoted pointing to itself for DNS.

Is this correct?  Should I have each DC pointing to itself for DNS, since it they are running DNS servers?

Just curious.
0
 

Author Comment

by:rsnellman
ID: 36514855
mkline71,
Thanks for the link.  You are right, that was an great article.  Very precise & to the point...and had pictures.  Awesome.  That gives me confidence that I am doing it correctly.

Thanks.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36514875
If it is pointing to itself that is fine but it doesn't have to point to itself prior to demotion.

Thanks

Mike
0
 

Author Comment

by:rsnellman
ID: 36516340
Where do you point your DC's DNS?  To itself or another DNS server on your domain?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36516824
I point to another for primary and itself for secondary, the AD team also addressed that here

http://blogs.technet.com/b/askds/archive/2010/07/17/friday-mail-sack-saturday-edition.aspx#dnsbest

Thanks

Mike
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question