
best way to add a new DC and retire an old one..

Posted on 2013-05-17
Last Modified: 2013-05-24
So right now, I have two 2008 non-R2 servers acting as both of my DCs. These DCs are playing the roles of DHCP, DNS, and AD.

I need to decommission one of these physical servers and replace it with a new system, running Server 2008 R2 64 bit.

Do you know of any walkthrough helping me with this exact scenario? I'm having problems getting DNS to migrate gracefully. I feel that I have DHCP and AD already working, but I'd want to be completely sure.

My idea was that I can have all 3 servers up at once and then shut down one of the older DCs once I know the new DC is fully functional.

Also, once the project is done, does having two different DCs on two different Server 2008 versions matter? One server will be on R2, the older server will not.
Question by:jumpassociates
8 Comments
 
LVL 41

Accepted Solution

by:
footech earned 2000 total points
ID: 39176403
If you're using AD-integrated DNS zones, then that is one of the easiest operations.  As soon as you promote the new server to be a DC and install DNS on it, the zones will replicate to the new server.  Assuming that you have a separate _msdcs zone with a delegation for it in your domain zone, you may want to manually update the delegation with the new name server.

There are migration guides for DHCP and other roles.
http://technet.microsoft.com/en-us/library/dd379535(WS.10).aspx

Of course, before demoting the old server, if it holds any of the FSMO roles, you will want to transfer those to a different DC.
It's best to run dcdiag /v and dcdiag /v /test:dns on all servers to verify functionality, as well as repadmin /showrepl.

There is no problem with having a mix of 2008 and 2008 R2 DCs.
0
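The checks named in the answer above, combined into one pre-demotion script. This is an added example, not part of the original post; `OLD-DC01` is a placeholder host name, and the string matches assume English-language output from dcdiag and netdom.

```powershell
# Added example: health checks to run before demoting the old DC.
# Run from an elevated prompt on a DC (or a host with the AD DS admin tools).
$OldDC = 'OLD-DC01'   # assumption: short host name of the DC being retired

# 1. FSMO role holders. None of the five roles should still be on the old DC.
$fsmo      = netdom query fsmo
$stillHeld = @($fsmo | Where-Object { $_ -match [regex]::Escape($OldDC) })

# 2. Replication status of every DC, as CSV so failing links can be filtered.
$repl         = repadmin /showrepl * /csv | ConvertFrom-Csv
$replFailures = @($repl | Where-Object { [int]$_.'Number of Failures' -gt 0 })

# 3. dcdiag against every DC in the forest (/e), general tests and DNS tests.
#    The per-test summary lines read "<server> passed test X" or "failed test X".
$dcdiagFailed = @(dcdiag /e /v | Select-String -SimpleMatch 'failed test')
$dnsFailed    = @(dcdiag /e /test:dns /v | Select-String -SimpleMatch 'failed test')

# Report each class of finding separately so it is clear what to fix first.
if ($stillHeld.Count -gt 0) {
    Write-Warning "FSMO roles still held by ${OldDC}; transfer them before demotion:"
    $stillHeld
}
if ($replFailures.Count -gt 0) {
    Write-Warning 'Replication links reporting failures:'
    $replFailures |
        Select-Object 'Source DSA', 'Destination DSA', 'Naming Context',
                      'Number of Failures', 'Last Failure Status' |
        Format-Table -AutoSize
}
if ($dcdiagFailed.Count -gt 0) {
    Write-Warning 'dcdiag tests that failed:'
    $dcdiagFailed | ForEach-Object { $_.Line.Trim() }
}
if ($dnsFailed.Count -gt 0) {
    Write-Warning 'dcdiag DNS tests that failed:'
    $dnsFailed | ForEach-Object { $_.Line.Trim() }
}

$findings = $stillHeld.Count + $replFailures.Count +
            $dcdiagFailed.Count + $dnsFailed.Count
if ($findings -eq 0) {
    Write-Output "No FSMO roles on $OldDC and no failed replication, dcdiag or DNS checks."
}
```

Run it once after the new DC has had time to replicate and again just before demoting the old one, since a role transfer or a DNS delegation change between the two runs can alter the result.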
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 39176617
before making the first R2 domain controller, need to run adprep (or adprep32 if your current servers are not x64) from the \support\adprep folder on the R2 media 3 times

adprep /forestprep
adprep /domainprep
adprep /rodcprep
0
 

Author Comment

by:jumpassociates
ID: 39182098
If I already have 2 2008 DCs, and I'm going to add another 2008 DC to the mix, do I still have to run adprep for each server I add to the domain?

And when I finally retire one of the older DCs, what is the best way to remove it gracefully?
0
 
LVL 41

Expert Comment

by:footech
ID: 39182374
There is a difference between 2008 and 2008 R2 so please be clear in your comments.  If adding a 2008 R2 DC to your existing 2008 DCs:
adprep /forestprep only needs to be run once for each forest.
adprep /domainprep only needs to be run once for each domain.
adprep /rodcprep only needs to be run once for each forest where you plan on having read-only DCs.

See here for the procedure to remove a DC.
http://technet.microsoft.com/en-us/library/cc771844(v=ws.10).aspx
0
 

Author Comment

by:jumpassociates
ID: 39185199
ahh..thanks for the clarification. Yes, I will be adding an R2 server to be a DC in an environment that already has 2 non-R2 servers.

So just to be clear...
1) run adprep commands as appropriate
2) install roles on new R2 server (in this case, I'm adding DHCP, DNS, and AD)
3) run dcpromo
4) remove old DC

Does that sound right, or am I skipping anything in there?
0
 
LVL 41

Assisted Solution

by:footech
footech earned 2000 total points
ID: 39185697
Although you could delay it, I'd say normally the dcpromo will be mixed in to your step 2, right after the AD DS and DNS roles are added.  Get that done first, wait a bit for replication, run your checks for replication, etc. to make sure things are healthy like I mentioned in my first post, then migrate your DHCP, etc...
0
 

Author Comment

by:jumpassociates
ID: 39191801
can you clarify on this:
Assuming that you have a separate _msdcs zone with a delegation for it in your domain zone, you may want to manually update the delegation with the new name server.
0
 
LVL 41

Assisted Solution

by:footech
footech earned 2000 total points
ID: 39191876
Do you have a zone like _msdcs.<yourdomain.com>?  If so, to update the delegation, open the zone <yourdomain.com>, double-click on the _msdcs entry, right click it and select properties, update the entries as needed.
0
