Solved

HELP!!!  Is it safe to demote my old DC Server 2003???

Posted on 2011-09-09
10
342 Views
Last Modified: 2012-05-12
Hi, I am ready to demote my old DC that use to be the primary that had all the FSMO roles on which has been moved to my new 2008 R2 DC.  However, if I look in the AD Sites & Services, the old DC that I wish to demote (dcpromo) still displays as the primary, like the other sites DC's are pointing to the old DC as the replicating aspect, but it is set as automatically, which I assume Microsoft created it.

OLD DC to demote: Server 2003

My question or concerns, is it OK to demote (dcpromo) the old DC 2003 Server and will Microsoft recreate the replication links in AD SItes & Services to reflect the new 2008 R2 DC in its place since it now holds all the FSMO roles of the forest/domain?  This new DC has been in place for several months, so everything should be good there.

I just wanted to make sure and get a second, third, fourth opinions before proceeding with this demotion.

Thanks for your time and advice in advance.
0
Comment
Question by:rsnellman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 450 total points
ID: 36514780
Yes set to automatic means the KCC created the connection objects, the KCC runs every 15 minutes and will recreate them when the DC is gone.

I like Mark's short blog on it  http://blogs.technet.com/b/markmoro/archive/2011/08/05/you-are-not-smarter-than-the-kcc.aspx

Make sure your new DC is also a global catalog server.    Is the old box a DNS server, guessing yes, make sure the new box has DNS on it if you are running DNS on your DCs and make sure clients are not pointing to the old box for DNS.

Thanks

Mike
0
 
LVL 9

Assisted Solution

by:bill_lynch
bill_lynch earned 50 total points
ID: 36514790
Also you may need to update DHCP with the new DNS address.
0
 

Author Comment

by:rsnellman
ID: 36514828
Forgot to ask one other thing about demoting my old DC.  How much system drive space does it require to demote a DC?  Reason I ask is I am very limited on C: (system drive) space, like about 500MB.  I am just wondering if it may require more than that to do the demotion successfully.

I have the pagefile.sys on another partition so I am good there.

Thanks again.
0
Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

 

Author Comment

by:rsnellman
ID: 36514838
Yes, it the new DC is a GC & yes AD integrated DNS is running on all my DC's.  Also, I have verified that no other PC's are pointing to this old DC as a primary DNS server.


Yes, the DHCP server has been updated reflecting the new DC's IP as the DNS server.


Just want to double check before proceeding.  Would hate to miss something and blow something up.

Thanks.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36514841
AD will be removed so ntds.dit and associated files which will free up space if that is on your C drive.
0
 

Author Comment

by:rsnellman
ID: 36514844
Oh, one last thing.  I noticed this doing a recent demotion of another DC, which was a Server 2003 x64 machine.

When I performed the dcpromo, I received an error when trying or more like a warning.  It demoted the server after the second try, but found out that I needed to have NETLOGON service turned off and or not having the DC being demoted pointing to itself for DNS.

Is this correct?  Should I have each DC pointing to itself for DNS, since it they are running DNS servers?

Just curious.
0
 

Author Comment

by:rsnellman
ID: 36514855
mkline71,
Thanks for the link.  You are right, that was an great article.  Very precise & to the point...and had pictures.  Awesome.  That gives me confidence that I am doing it correctly.

Thanks.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36514875
If it is pointing to itself that is fine but it doesn't have to point to itself prior to demotion.

Thanks

Mike
0
 

Author Comment

by:rsnellman
ID: 36516340
Where do you point your DC's DNS?  To itself or another DNS server on your domain?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36516824
I point to another for primary and itself for secondary, the AD team also addressed that here

http://blogs.technet.com/b/askds/archive/2010/07/17/friday-mail-sack-saturday-edition.aspx#dnsbest

Thanks

Mike
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A safe way to clean winsxs folder from your windows server 2008 R2 editions
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question