Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Setting Up New DC's and Services Win 2008 R2

Posted on 2013-01-21
Medium Priority
Last Modified: 2013-01-28
I have a site that is part of a larger global network and we are trying to remove the last of the Windows 2003 DC's in my site in order to raise the Domain Functional Level. The Operations Master is located at another site so I wanted to know if I need to move or change any roles on either the existing Windows 2003 DC or the new Windows 2008 R2 DC's I've brought up at my site before I DCPROMO down the last Windows 2003 DC?

Also, is there any way to export out DHCP configurations and import them into the new Windows 2008 R2 box?
Question by:iNetSystem
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
LVL 11

Accepted Solution

Giladn earned 2000 total points
ID: 38802584

1. Move all FSMO rules to another server (2008 r2) before demoting the last 2003 dc.
    after that you can grand any rule back to the new server.

2. about migrating the dhcp config try this:

open command prompt (right click "run as administrator")
netsh dhcp server export C:\dhcpcb all  (2003 dc)

move the file to your new server and type:
netsh dhcp server import C:\dhcpcb all

post back with results...


Author Comment

ID: 38803090
before I import (i did export the dhcp) will it automatically activate the scope?  Will it bring over all of the scope options?
LVL 11

Expert Comment

ID: 38804619
you cannot have 2 dns servers in 2008 farm, this will auto disable on of the dhcp servers so the answer is no.. you can import config and stop the dhcp server if you want. no risk here if the 2003 is still alive.
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.


Author Comment

ID: 38805657
I'm sorry - could you please clarify?

If I import the DHCP configuration into the new 2008 R2 DC that I exported out from the existing 2003 DHCP server will it automatically Activate the new DHCP scope and options on the new box?

When I import it in will it bring over all of the options that were part of DHCP on the Windows 2003 box?

Author Comment

ID: 38806131
Also - if the FSMO roles are on a DC at another site I do not need to do anything on the Windows 2003 box before I DCPROMO it out - correct?

Author Comment

ID: 38806615
Can anyone comment on my last two questions please?
LVL 11

Expert Comment

ID: 38809308
sorry -

Ok, importing will bring all "service configuration" which is a YES to your question.
to your second question, you need to move the server's operation roles before demoting, this can be done during work hourse with no impact, I can either guide you or let you do it yourself, if you need my help please post back which FSMO roles the 2003 server currently holds :

if you want to do it yourself :

post back..


Author Comment

ID: 38810388

All of the FSMO roles are located at another site and NOT on my Windows 2003 box that I want to remove.  Do I need to do anything?
LVL 11

Expert Comment

ID: 38810825
in that case, make a backup of all the files and system state and you can demote it using "dcpromo" from run menu..

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

664 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question