Link to home
Create AccountLog in
Avatar of mig1980
mig1980

asked on

Move FSMO Roles and Decomission Domain Controller

Good day everyone. We currently have 4 Domain Controllers in our domain. The domain controller holding the FSMO roles is a very old Windows 2000 server. We would like to transfer the roles to a newer DC and decommission it.

 Here is our layout:

FSMO role holder is a physical server, other 3 are VMs on different hosts (using Hyper-V)
The 3 other DCs are on Windows 2003 SP2

Could someone point me to a good guide on how to transfer the FSMO roles and decommission the server?

Also, would it be a good idea to have all DCs as VMs or should at least one be on a physical machine?

One last thing...would I experience any downtime on my domain while doing this? If so, how long is this process usually?
SOLUTION
Avatar of Lee W, MVP
Lee W, MVP
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of mig1980
mig1980

ASKER

The server is a DC, DNS, and WINS. That is all. Adjusting the DNS settings on the servers, etc will probably be the biggest challenge as we have quite a few servers.

Are there any issues with only having DCs that are VMs?
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
ASKER CERTIFIED SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of mig1980

ASKER

Thank you all very much for your help.
There ARE issues with having DCs on VMs BUT they are not show stoppers.  You just need to understand and plan accordingly.

If your Hypervisor is Hyper-V, then you want either:
-the HyperV servers set in a workgroup (because if they are in the domain and all DCs are virtual, they boot up and there is no DC available until the Hyper-V server finishing loading and starts the VM.
-at least one physical DC.

Time sync CAN be an issue, but I suggest you read over this:
http://blogs.msdn.com/b/virtual_pc_guy/archive/2010/11/19/time-synchronization-in-hyper-v.aspx

Finally, if you DON'T use Hyper-V OR you do use it but leave the servers in a workgroup, then keep in mind boot order.  The first VM system resumed/booted should be a DC and you should allow it time to fully start so that the other systems have a DC to talk to.  This really isn't a virtualization issue but many people forget this... even if all your servers were physical you want to boot one DC (at least) first and allow it to fully start before starting other systems.