Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Taking the last 2003 DC out of a 2008 R2 domain.

Posted on 2013-05-19
6
323 Views
Last Modified: 2013-06-24
I need to take the last 2003 dc out of my 2008 R2 domain. I have transferred the fsmo roles and verified they have been transferred. We have also migrated to Exchange 2010. The dc fsmo roles transfer took place about 2 weeks ago and all logs and replication look good. We now have 2 2008 R2 Dcs both as GCs. The one thing I about forgot is transferring the time server role. However, several years back I set a GPO for time services at the domain level and it applied all DCs. I have check the registry of the 2008 DCs and the GPO is applied.  With this GPO applied is there any need to do any type of tranfer of time services? Seems that I can just demote the 2003 DC since the fsmo roles have been transferred.

Barry
0
Comment
Question by:barrykeel
6 Comments
 
LVL 5

Expert Comment

by:zabicki
ID: 39180014
you should create a new time server (PDC role). it is possible to run AD without a time server but it is a real nightmare. when the time offset is more than 5 min. kerberos (default settings) just stops working.
just create a new tm server on the new pdc, change GPO and the network should be fine.

simple speaking - shortcuts are ok went you hiking  . . only
0
 
LVL 2

Expert Comment

by:thomasclm
ID: 39180237
Just make sure that your PDC emulator is pointing to a good time source.. All other DC's will sync with the PDC.
0
 
LVL 10

Expert Comment

by:Pramod Ubhe
ID: 39180306
Here is the command to update time source (run it on the pdc emulator)

W32tm /config /manualpeerlist:<timesourcename/IP> /syncfromflags:manual /update

I would prefer that you shutdown the 2003dc for few days/hours and see if there are any issues apart from replication error then take a full backup of it and then destroy it.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:barrykeel
ID: 39180735
So the command still needs to be run on the PDC even wirh the GPO in effect? I would definitely shut it down for a week just as I did the old Exchange.
0
 
LVL 5

Accepted Solution

by:
zabicki earned 500 total points
ID: 39180775
the command needs to be run on you new time server

because you have win 2008 r2 first run w32tm /unregister, reboot the machine, run w32tm register again reboot the machine and run  W32tm /config /manualpeerlist:<timesourcename/IP> /syncfromflags:manual /update where <timesourcename/IP> is an available server from http://www.pool.ntp.org/en/
then change your gpo to point to the new machine and unregister the old w2003k machine.

make sure that everything has been moved before the decommissioning
0
 
LVL 5

Expert Comment

by:zabicki
ID: 39180781
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

INTRODUCTION The purpose of this document is to demonstrate the Installation and configuration of the Data Protection Manager product. Note that this demonstration was prepared on the basis of Windows OS is 2008 R2 and DPM 2010. DATA PROTECTI…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question