Solved

Introducing a new PDC

Posted on 2011-09-23
3
303 Views
Last Modified: 2012-05-12
Hi

Currently:

Windows Server 2003 R2 - PDC, File, DHCP, DNS
Windows Server 2003 R2 - Exchange 2003 SP2, SQL
Windows Server 2008 R2 - WSUS

The PDC is dying and we are not hopeful it will come back up after a mandatory shutdown (prolonged power cut in a few days).

Have got a new DL360 G7 Server to get in as the new PDC, the other can be relegated as BDC or something non-critical until we can properly ascertain health.

Anything I need to look out for, or any nice guides in how to do it so I dont miss anything out? Another thing I am worried about it replication time - all going well, I will have a max of around 15hrs of both servers being up before the power cut hits.

I'm guessing its something like (will look up actual commands)

Upgrade forest schema etc
dcpromo to DC
Transfer roles
Set up DNS/DHCP
Copy File Share folder
Amend Netlogon scripts
Repoint other random small apps they have

Missed anything?
0
Comment
Question by:hongedit
  • 2
3 Comments
 
LVL 4

Expert Comment

by:mustang83
ID: 36586508
Thats pretty much it.

Only need to upgrade forest schema if you are going to put in a 2008 dc or 2008 R2 dc. You will also need to upgrade domain schema as well.

Replication wont take long and is done during the dcpromo stage. Obviously dependant on how many objects you have in the dc ldap database. Ive never personally seen a dcpromo take longer than an hour. DCPROMO will also install a active directory zone dns server.

Once you have the two domain controllers. Transfer the FSMO roles to the new domain controller and make it a global catalog server.

Setup DHCP on the new server and turn off dhcp on old server.

You wont need to worry about dns as dcpromo will do that for you. I would then change the dhcp settings so your workstations use this server as their primary dns and the old server as a secondary dns.

Use robocopy to transfer the shares as this will copy them will file permissions etc.

Amend anything that points to the old server.

here is a useful document which highlights the above.

http://www.netometer.com/video/tutorials/windows-dc-2008-add-upgrade/

0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36586524
First, transfer necessary FSMO roles from dying DC to the new one. How to do that you can find on my blog at http://kpytko.wordpress.com Look there for post transferring fsmo roles

After that you need to advertise this new PDC in your forest. I will post an extract from one good blog wit link for reference a little bit later. It's inconvenient to post links from mobile :)

Regards,
Krzysztof
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 500 total points
ID: 36586738
OK, found it :) Please follow with these hints when you transfer your PDC Emulator role to another DC

[...]- after transfer of the PDCEmulator role, configure the NEW PDCEmulator to an external timesource and reconfigure the old PDCEmulator to use the domainhierarchie now. Therefore run on the NEW "w32tm /config /manualpeerlist:PEERS /syncfromflags:manual /reliable:yes /update" where PEERS will be filled with the ip address or server(time.windows.com) and on the OLD one run "w32tm /config /syncfromflags:domhier /reliable:no /update" and stop/start the time service on the old one. All commands run in an elevated command prompt without the quotes. [...]

it's an extract from Meinolf Weber's blog. You may wish to read whole post about introducing the first 2008/2008R2 DC in 2003 environment

or follow with my post on my blog at
http://kpytko.wordpress.com/2011/08/25/adding-first-windows-server-2008-r2-domain-controller-within-windows-2003-network/

Krzysztof
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question