bstillion

asked on

Swapping IP addresses on 2 Domain Controllers (Windows Server 2003/2008)

Server A: Windows Server 2003 SP2 domain controller - Primary DNS server in DHCP and statically assigned on member servers
Server B: Windows Server 2008 R2 domain controller - DNS installed but not in use

Windows 2003 Native domain and forest

Healthcare environment (there are other DC/GCs in this domain)

Both IP addresses are on the same network

Many medical applications (no reliable list of applications exists) point to Server A as their sole LDAP source. Not sure if they point to the name or IP address.

I need to retire Server A as part of an upgrade to Windows Server 2008 R2. I would like to assign the IP address of Server A to Server B and also create a CNAME record that points queries for Server A to Server B. Once the IP addresses are swapped, I would then run

Ipconfig /registerdns and dcdiag /fix

to register the new name/IP and to refresh the DNS resource records respectively. I believe it would then be best to remove the domain controller role from Server A to force use of the alias.

I would like to do this in both the root domain and also one of the child domains. I am not sure how the computers/servers will respond to the change in domain controller availability. Will these steps be a transparent way to retire a server without changing DHCP settings and the static, primary DNS server IP on member servers?

dibi

Hello!

First, run a sniffing tool like Wireshark and scan for LDAP requests. This should answer your question of how many LDAP clients you have. I'd recommend creating a plan first, just in case of unexpected behaviour later.

Second, I do not recommend doing your "migration" without testing it in a productive environment! Really.

Third: Theoretically, your "migration" should work.

Best regards!

PS: Test it before doing it :)
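
An added example, not part of the original posts: one way to turn the capture suggested above into an inventory of LDAP clients of Server A, including whether each client looked up Server A's name at all, which bears on the name-or-IP question in the original post. The server address, FQDN and capture rows are constructed placeholders, and the "no lookup seen" result is a heuristic.

```python
from collections import defaultdict

# Assumptions (not from the thread): placeholder address/FQDN for Server A and
# constructed sample rows, in the tab-separated form printed by:
#   tshark -r capture.pcap -T fields -e ip.src -e ip.dst -e tcp.dstport -e dns.qry.name \
#     -Y "(tcp.flags.syn==1 && tcp.flags.ack==0) || dns.flags.response==0"
SERVER_A_IP = "192.0.2.10"
SERVER_A_FQDN = "servera.example.test"
LDAP_PORTS = {389: "LDAP", 636: "LDAPS", 3268: "GC", 3269: "GC-SSL"}

SAMPLE = "\n".join([
    "192.0.2.51\t192.0.2.10\t\tservera.example.test",   # DNS query for Server A
    "192.0.2.51\t192.0.2.10\t389\t",                    # then an LDAP connection
    "192.0.2.52\t192.0.2.10\t389\t",                    # LDAP with no lookup seen
    "192.0.2.52\t192.0.2.10\t636\t",
    "192.0.2.53\t192.0.2.10\t\tfiles.example.test",     # unrelated DNS query
    "192.0.2.53\t192.0.2.10\t3268\t",                   # global catalog connection
    "192.0.2.54\t192.0.2.10\t\tSERVERA.example.test.",  # lookup only, no LDAP
    "192.0.2.55\t192.0.2.10\t445\t",                    # SMB, not LDAP
])

def inventory(tsv, server_ip=SERVER_A_IP, server_fqdn=SERVER_A_FQDN):
    """Return {client_ip: {"ports": set of labels, "resolved_name": bool}}."""
    ports = defaultdict(set)
    resolved = set()
    for line in tsv.splitlines():
        # Pad so rows with missing trailing fields still unpack cleanly.
        src, dst, dport, qname = (line.split("\t") + [""] * 4)[:4]
        if qname and qname.rstrip(".").lower() == server_fqdn:
            resolved.add(src)  # client asked DNS for Server A by name
        elif dst == server_ip and dport.isdigit() and int(dport) in LDAP_PORTS:
            ports[src].add(LDAP_PORTS[int(dport)])  # new TCP connection to an LDAP port
    return {c: {"ports": p, "resolved_name": c in resolved} for c, p in ports.items()}

def likely_ip_bound(report):
    """LDAP clients of Server A that never looked up its name during the capture."""
    return sorted(c for c, r in report.items() if not r["resolved_name"])

if __name__ == "__main__":
    for client, info in sorted(inventory(SAMPLE).items()):
        how = "looked up name" if info["resolved_name"] else "no DNS lookup seen"
        print(client, sorted(info["ports"]), how)
```

A client holding a cached DNS answer also shows as "no DNS lookup seen", so capture for longer than the record's TTL and treat the result as a list of systems to check by hand.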

bstillion

ASKER

Thanks dibi!

It's hard to create a test environment that is in any way close to our complex production environment so I'm not sure how valuable the test would be.

A test environment is always valuable in helping establish the step-by-step procedure that works best which in turn reduces downtime. It's just difficult to really know what implications my actions will have on production systems.

There are hundreds of applications running software versions that are often out of support, Macintosh PCs and devices, GroupWise email, and forest and external trusts with multiple sites. It would take months to test all of the major parts with any confidence.

Any suggestion on what would be the critical elements to test?

ASKER CERTIFIED SOLUTION
kevinhsieh