Solved

best way to add a new DC and retire an old one..

Posted on 2013-05-17
8
313 Views
Last Modified: 2013-05-24
So right now, I have two 2008 non-R2 servers acting as both of my DCs. These DCs are playing  the roles of DHCP, DNS, and AD.

I need to decommission one of these physical servers and replace it with a new system, running Server 2008 R2 64 bit.

Do you know of any walkthrough helping me with this exact scenario? I'm having problems getting DNS to migrate gracefully. I feel that I have DHCP and AD already working, but I'd want to be completely sure.

My idea was that I can have all 3 servers up at once and then shut down one of the older DCs once I know the new DC is fully functional.

Also, once the project is done, does having two different DCs on two different Server 2008 versions matter? One serverwill be on R2, the older server will not.
0
Comment
Question by:jumpassociates
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 40

Accepted Solution

by:
footech earned 500 total points
ID: 39176403
If you're using AD-integrated DNS zones, then that is one of the easiest operations.  As soon as you promote the new server to be a DC and install DNS on it, the zones will replicate to the new server.  Assuming that you have a separate _msdcs zone with a delegation for it in your domain zone, you may want to manually update the delegation with the new name server.

There are migration guides for DHCP and other roles.
http://technet.microsoft.com/en-us/library/dd379535(WS.10).aspx

Of course, before demoting the old server, if it holds any of the FSMO roles, you will want to transfer those to a different DC.
It's best to run dciag /v and dcdiag /v /test:dns on all servers to verify functionality, as well as repadmin /showrepl.

There is no problem with having a mix of 2008 and 2008 R2 DCs.
0
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 39176617
before making the first R2 domain controller, need to run adprep (or adprep32 if your current servers are not x64) from the \support\adprep folder on the R2 media 3 times

adprep /forestprep
adprep /domainprep
adprep /rodcprep
0
 

Author Comment

by:jumpassociates
ID: 39182098
If I already have 2 2008 DCs, and I'm going to add another 2008 DC to the mix, do I still have to run adprep for each server I add to the domain?

And when I finally retire one of the older DCs, what is the best way to remove it gracefully?
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 40

Expert Comment

by:footech
ID: 39182374
There is a difference between 2008 and 2008 R2 so please be clear in your comments.  If adding a 2008 R2 DC to your exising 2008 DCs:
adprep /forestprep only needs to be run once for each forest.
adprep /domainprep only needs to be run once for each domain.
adprep /rodcprep only needs to be run once for each forest where you plan on having read-only DCs.

See here for the procedure to remove a DC.
http://technet.microsoft.com/en-us/library/cc771844(v=ws.10).aspx
0
 

Author Comment

by:jumpassociates
ID: 39185199
ahh..thanks for the clarification. Yes, I will be adding an R2 server to be a DC in an environment that already has 2 non-R2 servers.

So just to be clear...
1) run adprep commands as appropriate
2) install roles on new R2 server (in this case, im adding DHCP, DNC, and AD)
3) run dcpromo
4) remove old DC

Does that sound right, or am I skipping anything in there?
0
 
LVL 40

Assisted Solution

by:footech
footech earned 500 total points
ID: 39185697
Although you could delay it, I'd say normally the dcpromo will be mixed in to your step 2, right after the AD DS and DNS roles are added.  Get that done first, wait a bit for replication, run your checks for replication, etc. to make sure things are healthy like I mentioned in my first post, then migrate your DHCP, etc...
0
 

Author Comment

by:jumpassociates
ID: 39191801
can you clarify on this:
Assuming that you have a separate _msdcs zone with a delegation for it in your domain zone, you may want to manually update the delegation with the new name server.
0
 
LVL 40

Assisted Solution

by:footech
footech earned 500 total points
ID: 39191876
Do you have a zone like _msdcs.<yourdomain.com>?  If so, to update the delegation, open the zone <yourdomain.com>, double-click on the _msdcs entry, right click it and select properties, update the entries as needed.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question