Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.
Course Of The Month
4 days, 11 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
2008 R2 Active Directory: Transfer PDC Emulator FSMO and External Time Source Sync
Posted on 2013-01-07
Hi, we're planning to decommision a DC that currently holds all the FSMO roles. We will be transferring all 5 roles to a single DC, which includes the PDC Emulator. The existing PDC Emulator is configured to sync time with an external time source. Does anyone have steps on what needs to be done on the future PDC emulator? Thanks.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3
- +2
7 Comments
Active today
Transfer the FSMO roles and then setup your external time sync on the new DC.
To transfer FMSO roles: http://www.petri.co.il/transferring_fsmo_roles.htm
To setup external time sync (example only, you can use your own external peers of course):
W32tm /config /update /manualpeerlist:”pool.ntp.
Net stop w32time
Net start w32time
Verify:
W32tm /query /configuration
W32tm /query /source
W32tm /stripchart /computer:<source>
MO
To transfer FMSO roles: http://www.petri.co.il/transferring_fsmo_roles.htm
To setup external time sync (example only, you can use your own external peers of course):
W32tm /config /update /manualpeerlist:”pool.ntp.
Net stop w32time
Net start w32time
Verify:
W32tm /query /configuration
W32tm /query /source
W32tm /stripchart /computer:<source>
MO
Active today
Another note, if you no longer have any Server 2008 or prior version DC's make sure to raise your forest functional level to 2008 R2, so you can take full advantage of a 2008 R2 active directory environment.
MO
MO
Active 3 days ago
at the PDC emulator type the following command to set it to sync with external time source tick.usno.navy.mil and tock.usno.navy.mil.
To move the FSMO roles
Open Active Directory Users and Computers
RC the domain name and select change domain controllers
select the domain controller the role is to be transferred to
RC the domain name and select Operations Masters
Click the change button on RID, PDC, and Infrastructure tabs
Close ADUC
Register the schema snap in (open a elevated command prompt and type regsvr32 schmmgmt.dll)
Start, Run, mmc, OK
File Add/Remove Snap In
AD Schema, Add, OK
Right Click AD Schema and select change domain controllers
Select the new Schema target server, OK
RC AD Schema and select Operations Master
Click change button
I would also read this article about where to put the FSMO roles. It's not a good idea to have them all on the same server.
http://support.microsoft.com/kb/223346
w32tm /config /manualpeerlist:"tick.usno.navy.mil tock.usno.navy.mil" /syncfromflags:manual /reliable:yes /update
To move the FSMO roles
Open Active Directory Users and Computers
RC the domain name and select change domain controllers
select the domain controller the role is to be transferred to
RC the domain name and select Operations Masters
Click the change button on RID, PDC, and Infrastructure tabs
Close ADUC
Register the schema snap in (open a elevated command prompt and type regsvr32 schmmgmt.dll)
Start, Run, mmc, OK
File Add/Remove Snap In
AD Schema, Add, OK
Right Click AD Schema and select change domain controllers
Select the new Schema target server, OK
RC AD Schema and select Operations Master
Click change button
I would also read this article about where to put the FSMO roles. It's not a good idea to have them all on the same server.
http://support.microsoft.com/kb/223346
Unless you notice your FSMO role holder is overloaded you can put them all on the same box. That article is a bit dated.
Is this box also a DNS server? If it is make sure clients are pointing to the new DC/DNS for DNS (both static and DHCP clients)
Thanks
Mike
Is this box also a DNS server? If it is make sure clients are pointing to the new DC/DNS for DNS (both static and DHCP clients)
Thanks
Mike
Thanks Mike, it is a DNS/DHCP server as well and I'm running Network Monitor to see what is connecting to it via DNS. Is there any particular order you would recommend transferring the FSMO roles? Thanks.
Active today
There is no set defined order just make sure you get them all. I would not demote the old DC until you're certain you have all clients accessing the new DC for DNS.
MO
MO
Active today
I would first check the health of Proposed role holder using dcdiag /q
Then I will check replication health using repadmin /replsum
Then only I will move FSMO roles using one of the below two article
http://technet.microsoft.com/en-us/library/cc779716(v=ws.10).aspx
http://www.elmajdal.net/win2k8/Transferring_FSMO_Roles_in_Windows_Server_2008.aspx
I have written an article to configure time service in windows Domain env Please go through it and configure time server accordingly
http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/A_10789-Time-Service-Configuration.html
Do not use navy servers as your external time source it had issues in past read below article
Did Your Active Directory Domain Time Just Jump To The Year 2000?
http://blogs.technet.com/b/askpfeplat/archive/2012/11/19/did-your-active-directory-domain-time-just-jump-to-the-year-2000.aspx
Then I will check replication health using repadmin /replsum
Then only I will move FSMO roles using one of the below two article
http://technet.microsoft.com/en-us/library/cc779716(v=ws.10).aspx
http://www.elmajdal.net/win2k8/Transferring_FSMO_Roles_in_Windows_Server_2008.aspx
I have written an article to configure time service in windows Domain env Please go through it and configure time server accordingly
http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/A_10789-Time-Service-Configuration.html
Do not use navy servers as your external time source it had issues in past read below article
Did Your Active Directory Domain Time Just Jump To The Year 2000?
http://blogs.technet.com/b/askpfeplat/archive/2012/11/19/did-your-active-directory-domain-time-just-jump-to-the-year-2000.aspx
Featured Post
Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention.
Multiple USB devices need t…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses
Course of the Month4 days, 11 hours left to enroll
Earn Certification
MCSA Configuring Windows 7 Exam 70-680
$49.00$44.10
689 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.