Replace 2003 Domain Server with 2008

Posted on 2012-03-12
Last Modified: 2012-03-20
Hello Everyone, I am looking for some guidance on a task I have. I currently have a 2003 Domain controller and I would like to replace it (completely: name, physical box, IP, etc.) with a 2008 machine.

Has anyone else done this as well?
Question by:CCG3

Expert Comment

ID: 37709598
Are you asking to change a 2003 Domain Controller with new 2008 with the same name and function?

The reason I ask is because I have done this same name swap. It can be done offline and you need another system that you can use for a migration. It isn't too difficult.
LVL 57

Expert Comment

by:Mike Kline
ID: 37709673
If you are going from 2003 to 2008 you can do an upgrade in place and that works fine.  I'd consider going to 2008 R2 at this point.

If you go to 2008 R2 it is only 64 bit and if your 2003 box is 32 bit you can't upgrade in place.



Author Comment

ID: 37709701
Thanks for your replies.

I currently have a 2003 DC (PDC) now with a name of DC1 and an IP of 10.1 and a 2003 secondary (BDC) DC2 with an IP of 10.2. I would like to build the new server with the same name, IP and new OS (2008 R2) and take the old one (PDC) offline and toss it out the window or something. Then after a week or so replace my secondary (BDC) with a 2008 R2 as well.

My current DC is too old, I will not be reusing it for anything so upgrading it is not an option.

LVL 57

Expert Comment

by:Mike Kline
ID: 37709782
I'm assuming that 2003 box is 32 bit. So in this case you will need to add a 2008 R2 box in parallel.  You have two ways.

1.  Change the name/IP of the 2003 DC now and then add the 2008 R2 box with that name and IP

2.  Add the 2008 R2 box then change the IP and name once that 2003 box is off the network (maybe do it over the weekend).

I'm guessing option 2 is what you will want



Author Comment

ID: 37710073
Thanks, Mike.

Option 2 is what I think I want but have you done this before? I was hoping for some input from someone that has done this before.

In theory, I should be able to get my 2008 server up and running as a BDC. Then take it offline. Promote my current BDC to PDC, then take it offline. Then change the name and IP of the new PDC and bring it online and then promote it to the new PDC.

LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 167 total points
ID: 37710113
I have because we had some apps and scripts hard coded by name so we wanted to reuse the name.

Have you seen Ace's blog on this?

His blogs are really in-depth...I don't want to type it all out again :)



Assisted Solution

czteck earned 166 total points
ID: 37711257
It would be better and faster if you built a box, any box, and put Win 2k3 on it. Call it migrate.
Install DNS.
Promote it to a DC.
Make it a global catalog.
Ensure that all DNS and sysvol information has been replicated to the migration box.
Then you can remove the migration box.
Seize the FSMO roles on the migration box and remove the references of the old server.

Install Win 2k8 R2 on the new hardware and name it the same as the old.  Promote it just like the normal.

DCPromo the migration box to remove the AD

Then all you have to do is recover your data from the old server via backup.  

The nice thing about this method is that the old server stays up and running while the new one is being built.  If there is an issue with the new one the old one is ready to go
LVL 26

Accepted Solution

Leon Fester earned 167 total points
ID: 37713321
Get away from the concept of PDC and BDC.
Active Directory doesn't use those concepts; the PDC FSMO is held mainly for legacy applications.
It only adds unnecessary complexity when it's not needed.

Current situation: You already have 2 Domain Controllers.
So if you lose one, you should have a working copy of the other.

Migration Plan:
In a lab or isolated network, pre-build your replacement Windows 2008 Server with the name that you want it to have.
You can even build it without the Network Cable installed, if that is an option.
Just don't put it on the domain.

Move all/any FSMO roles, DNS, WIN, DNS roles from old DC1 to DC2.
Run DCPROMO on DC1 to demote the server.

Once removed, run the adprep32 on the remaining Windows 2003 Server to extend your Schema.

Add the Windows 2008 version of DC1 to the network, add it to the domain.

Now run DCPROMO on the new DC1 server, to promote it to a DC.
Move roles back to DC1 and you're almost done.

Once replication is finalized you've basically completed the in-place migration.

Follow the same process for DC2 when you're ready to move it.

Post back if you need specific instructions for each step.

Author Comment

ID: 37720835
Thanks for all of the replies.

I think dvt_localboy has the path that would work the best.

Can you tell me the best way to transfer the FSMO, DNS, and DHCP to DC2?
And how to verify they have been transferred and working correctly before I take DC1 offline?
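
One way to check the FSMO part of the question above before DC1 is demoted, as an added example that is not part of the thread: it parses the text output of `netdom query fsmo` and `repadmin /showrepl * /csv` and lists anything that still blocks the demotion. The function names, the `example.local` domain and the sample output are constructed for illustration; DNS and DHCP are not covered.

```powershell
# Added example, not from the thread. Sample text is constructed and
# example.local is a placeholder domain; DC1/DC2 are the names used above.

# Parse `netdom query fsmo` text into Role/Holder objects. Role labels vary
# between netdom versions, so split on the column gap, not on the label.
function Get-FsmoHolders([string[]]$NetdomOutput) {
    foreach ($line in $NetdomOutput) {
        if ($line -match '^(?<role>\S.*?)\s{2,}(?<holder>\S+)\s*$') {
            New-Object PSObject -Property @{ Role = $Matches['role']; Holder = $Matches['holder'] }
        }
    }
}

# Rows of `repadmin /showrepl * /csv` that report replication failures.
function Get-ReplFailures([string[]]$RepadminCsv) {
    $RepadminCsv | ConvertFrom-Csv | Where-Object { [int]$_.'Number of Failures' -gt 0 }
}

# Returns blocking findings; an empty result means no blocker was found.
function Test-SafeToDemote([string[]]$NetdomOutput, [string[]]$RepadminCsv, [string]$RetiringDc) {
    $findings = @()
    $roles = @(Get-FsmoHolders $NetdomOutput)
    if ($roles.Count -ne 5) { $findings += "parsed $($roles.Count) FSMO roles, expected 5" }
    foreach ($r in $roles) {
        if ($r.Holder -eq $RetiringDc -or $r.Holder -like "$RetiringDc.*") {
            $findings += "$($r.Role) is still held by $($r.Holder)"
        }
    }
    foreach ($f in @(Get-ReplFailures $RepadminCsv)) {
        $findings += "$($f.'Naming Context'): $($f.'Source DSA') -> $($f.'Destination DSA'): $($f.'Number of Failures') failure(s)"
    }
    $findings
}

$fsmo = @'
Schema master               DC2.example.local
Domain naming master        DC2.example.local
PDC                         DC1.example.local
RID pool manager            DC2.example.local
Infrastructure master       DC2.example.local
The command completed successfully.
'@ -split '\r?\n'
$repl = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,Default-First-Site-Name,DC2,"DC=example,DC=local",Default-First-Site-Name,DC1,RPC,0,0,2012-03-19 21:04:11,0
'@ -split '\r?\n'

# Live use: Test-SafeToDemote (netdom query fsmo) (repadmin /showrepl * /csv) 'DC1'
Test-SafeToDemote $fsmo $repl 'DC1'
```

The constructed sample deliberately leaves the PDC role on DC1, so the check reports one finding instead of an empty list.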

Author Closing Comment

ID: 37743994
Thanks everyone. I did it a little differently. I built my new box off of the network and named it correctly. Then I put another 2008 VM box on the network and transferred all FSMO roles to the secondary 2003 machine I had as well as the DNS and DHCP roles.

I then ran DCPromo on the retiring DC and shut it off. Then I brought my new 2008 DC into the domain and ran DCPromo and then moved all FSMO, DNS, and DHCP roles over to it.

Everything went well with very few issues and nothing I couldn't overcome.


Question has a verified solution.
