• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 315
  • Last Modified:

Introducing a new PDC



Windows Server 2003 R2 - PDC, File, DHCP, DNS
Windows Server 2003 R2 - Exchange 2003 SP2, SQL
Windows Server 2008 R2 - WSUS

The PDC is dying and we are not hopeful it will come back up after a mandatory shutdown (prolonged power cut in a few days).

Have got a new DL360 G7 Server to get in as the new PDC, the other can be relegated as BDC or something non-critical until we can properly ascertain health.

Anything I need to look out for, or any nice guides in how to do it so I dont miss anything out? Another thing I am worried about it replication time - all going well, I will have a max of around 15hrs of both servers being up before the power cut hits.

I'm guessing its something like (will look up actual commands)

Upgrade forest schema etc
dcpromo to DC
Transfer roles
Copy File Share folder
Amend Netlogon scripts
Repoint other random small apps they have

Missed anything?
  • 2
1 Solution
Thats pretty much it.

Only need to upgrade forest schema if you are going to put in a 2008 dc or 2008 R2 dc. You will also need to upgrade domain schema as well.

Replication wont take long and is done during the dcpromo stage. Obviously dependant on how many objects you have in the dc ldap database. Ive never personally seen a dcpromo take longer than an hour. DCPROMO will also install a active directory zone dns server.

Once you have the two domain controllers. Transfer the FSMO roles to the new domain controller and make it a global catalog server.

Setup DHCP on the new server and turn off dhcp on old server.

You wont need to worry about dns as dcpromo will do that for you. I would then change the dhcp settings so your workstations use this server as their primary dns and the old server as a secondary dns.

Use robocopy to transfer the shares as this will copy them will file permissions etc.

Amend anything that points to the old server.

here is a useful document which highlights the above.


Krzysztof PytkoSenior Active Directory EngineerCommented:
First, transfer necessary FSMO roles from dying DC to the new one. How to do that you can find on my blog at http://kpytko.wordpress.com Look there for post transferring fsmo roles

After that you need to advertise this new PDC in your forest. I will post an extract from one good blog wit link for reference a little bit later. It's inconvenient to post links from mobile :)

Krzysztof PytkoSenior Active Directory EngineerCommented:
OK, found it :) Please follow with these hints when you transfer your PDC Emulator role to another DC

[...]- after transfer of the PDCEmulator role, configure the NEW PDCEmulator to an external timesource and reconfigure the old PDCEmulator to use the domainhierarchie now. Therefore run on the NEW "w32tm /config /manualpeerlist:PEERS /syncfromflags:manual /reliable:yes /update" where PEERS will be filled with the ip address or server(time.windows.com) and on the OLD one run "w32tm /config /syncfromflags:domhier /reliable:no /update" and stop/start the time service on the old one. All commands run in an elevated command prompt without the quotes. [...]

it's an extract from Meinolf Weber's blog. You may wish to read whole post about introducing the first 2008/2008R2 DC in 2003 environment

or follow with my post on my blog at

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now