asked on Replace Windows 2003 Domain Controller
I have a single windows server 2003 Domain Controler. It handles DNS and DHCP as well. I have just purchased a Windows 2008 R2 server. I ran adprep on the 2003 and promoted the 2008 R2 to run as an additional domain controller. I want to retire the 2003 server. How do I transfer the dhcp role and, since I set up the 2008 as a DNS server and it has copied the DNS information from the 2003 server, can I simply point all other computers to the 2008 for DNS? Finally how do I demote the 2003 server and take it off the network?
Thanks.
Thanks.
Windows Server 2008Active Directory
Last Comment
Mike Kline
Transfer the FSMO roles, make sure the new box is also a GC.
I highly recommend you keep the 2003 box right now as a DC also until you can get another 2008 DC up.
In any production environment it is important to have at least two DCs. Just think of only having one and that thing crashing hard. You have a lot of work to do and your users have definite downtime. With two the users will be fine and it will give you breathing room.
Thanks
Mike
I highly recommend you keep the 2003 box right now as a DC also until you can get another 2008 DC up.
In any production environment it is important to have at least two DCs. Just think of only having one and that thing crashing hard. You have a lot of work to do and your users have definite downtime. With two the users will be fine and it will give you breathing room.
Thanks
Mike
Dear,
i do agree with Expert Mike...
1) you should have two DC's at all the time
2) for any reason if you dont have the hardware you can use any desktop pc as temporary purpose.
3) before you demote old 2003 DC make sure you have no errors on below outputs
start>run
dcdiag /v
repadmin /showrepl
i would sugegst you keep the current 2008R2 up and running, arrange tempoary hardware (Desktop computer) install 2008R2, permote as DC/GC.
1) on extra hardware (64bit supporting) install win 2008 R2
2) check your forest/domain level (i would suggets to raise to win 2003)
3) add win 2008 r2 in your domain.
4) run adprep /forestprep on win 2003 DC (once finish wait till replicate on al other DC/GC)
5) run /domainprep (once finish wait till replicate on al other DC/GC) refer to http://technet.microsoft.com/en-us/library/cc731728(v=ws.10).aspx
6) on win 2008 R2 server run dcpromo
7) once new 2008DCpromo finish till it replicate all (at this point dont use this DC. the DNS information will come automaticlly after some time)
8) run below command again on new win 2008DC
1) repadmin /showrepl
2) dcdiag /v
9) once susceed you need to shift FSMO roles to win 2008DC refer to
1)http://kpytko.wordpress.com/2011/08/26/transferring-fsmo-roles-from-gui
2)http://www.petri.co.il/transferring_fsmo_roles.htm
Caution : this is time consuming task, prefer to do it after office hours and make sure you follow proper procedure... and you have system backups
once all above finish you have 2 new win 2008R2 DC/GC and teh most fault tolerent hardware holding all fsmo roles and DNS
you can verify by giving below command on any dc
netdon /query fsmo
once you are satisfied you can demote win 2003 server.......
i do agree with Expert Mike...
1) you should have two DC's at all the time
2) for any reason if you dont have the hardware you can use any desktop pc as temporary purpose.
3) before you demote old 2003 DC make sure you have no errors on below outputs
start>run
dcdiag /v
repadmin /showrepl
i would sugegst you keep the current 2008R2 up and running, arrange tempoary hardware (Desktop computer) install 2008R2, permote as DC/GC.
1) on extra hardware (64bit supporting) install win 2008 R2
2) check your forest/domain level (i would suggets to raise to win 2003)
3) add win 2008 r2 in your domain.
4) run adprep /forestprep on win 2003 DC (once finish wait till replicate on al other DC/GC)
5) run /domainprep (once finish wait till replicate on al other DC/GC) refer to http://technet.microsoft.com/en-us/library/cc731728(v=ws.10).aspx
6) on win 2008 R2 server run dcpromo
7) once new 2008DCpromo finish till it replicate all (at this point dont use this DC. the DNS information will come automaticlly after some time)
8) run below command again on new win 2008DC
1) repadmin /showrepl
2) dcdiag /v
9) once susceed you need to shift FSMO roles to win 2008DC refer to
1)http://kpytko.wordpress.com/2011/08/26/transferring-fsmo-roles-from-gui
2)http://www.petri.co.il/transferring_fsmo_roles.htm
Caution : this is time consuming task, prefer to do it after office hours and make sure you follow proper procedure... and you have system backups
once all above finish you have 2 new win 2008R2 DC/GC and teh most fault tolerent hardware holding all fsmo roles and DNS
you can verify by giving below command on any dc
netdon /query fsmo
once you are satisfied you can demote win 2003 server.......
ASKER
My apologies for taking so long to get back to this post. Thank you all for your comments.
I will keep the 2003 server on as a backup. I do have a couple of additional questions however.
Do I need to do anything to make the 2008 R2 the primary DC or will they simply share the role themselves?
How do I move the profile scripts over to the 2008 DC?
Once I move the scripts and the DHCP over to the 2008 R2, if it fails for some reason, will the old 2003 simply take over the role of DHCP and the profile scripts or would I have to do something additional after the failure?
I will keep the 2003 server on as a backup. I do have a couple of additional questions however.
Do I need to do anything to make the 2008 R2 the primary DC or will they simply share the role themselves?
How do I move the profile scripts over to the 2008 DC?
Once I move the scripts and the DHCP over to the 2008 R2, if it fails for some reason, will the old 2003 simply take over the role of DHCP and the profile scripts or would I have to do something additional after the failure?
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Thanks all for the information.
No problem, nice work replacing your box.
Thanks
Mike
Thanks
Mike
Yes you should be able to point your computers to 2008 for DNS and to transfer your DHCP follow this http://blogs.technet.com/b