Solved

2003 AD to 2008 R2 AD upgrade

Posted on 2011-09-27
4
254 Views
Last Modified: 2012-08-13
HI Experts,
I would like to be proactive the upgrde from AD 2003 to 2008 R2. I have currently 3 2003 ADs and 4 2008 R2 ADs and eventually AD 2003 will be demoted. One of 2008 AD has a FSMO roles. I am going to demote those 2003 ADs but I don't have anything broken. Is there any thing that I have to concern? Any suggestions when I demote the last 2003 AD which had a FSMO roles before?
Thanks in advance.
0
Comment
Question by:Ksean
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 83 total points
ID: 36712626
Looks like you have the steps down but for anyone else.  Yes you need to prep your forest/domains, more details and step by step in the links below



High level steps:

prep your forest for 2008 R2 (adprep32 if current boxes are 32 bit)
install the 2008 R2 member server (you all have done this already)
use dcpromo to promote the box
make the box a global catalog (does it by default in the 2008 dcpromo process)
if you have DNS on your 2003 box install it on the 2008 box
At that point you have a fully functional 2008 DC
Transfer FSMO roles to 2008 box
Point clients (static and DHCP) to the new box for DNS services.
once all your 2003 DCs are demoted you can raise the functional level.

There is a lot of great info on this subject already so I won't rewrite the book.  

The official Microsoft document

·     http://www.microsoft.com/downloads/details.aspx?familyid=FA629DE2-F4DD-47AC-8D80-3DB46B2877A2&displaylang=en

 

I also really like two blog entries by MVPs on the upgrade.  One is from Meinolf the other from Sander.  

·     http://msmvps.com/blogs/mweber/archive/2010/02/10/upgrading-an-active-directory-domain-from-windows-server-2003-to-windows-server-2008-or-windows-server-2008-r2.aspx



·     http://blogs.dirteam.com/blogs/sanderberkouwer/archive/2010/05/26/transitioning-your-active-directory-to-windows-server-2008-r2.aspx

Thanks

Mike
0
 
LVL 10

Assisted Solution

by:abhijitwaikar
abhijitwaikar earned 83 total points
ID: 36714127
Is there any thing that I have to concern? Any suggestions when I demote the last 2003 AD which had a FSMO roles before?

I suggest you to run DCDIAG, NETDIAG and REPADMIN test on 2003 DC to confirm the everything is in place, If there are any error then you need to fix them before demoting the 2003.


Other things are make sure that the Global Catalog is available on 2008R2 DC, Make your 2008R2 PDC role owner DC as a authoritative time server.
http://technet.microsoft.com/en-us/library/cc728188(WS.10).aspx
http://support.microsoft.com/kb/816042
0
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 84 total points
ID: 36714330
It seems you have already win2008 R2 DC in the environment ,if this is the case you need not require to prepare the forest again.

Before you proceed with demotion check the health of DC.Ran belwo commands.
Ran repadmin /replsum to check the replication status between the dc.
Execuet dcdiag /q & netdiag /q for any error.

Do graceful demotion of the DC,forcefull demotioned is not required if the the health of DC is OK.
Kindly take the systemstate backup or full backup of DC's and then proceed with demotion.
0
 

Author Closing Comment

by:Ksean
ID: 36718386
all set
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question