Solved

Taking the last 2003 DC out of a 2008 R2 domain.

Posted on 2013-05-19
6
326 Views
Last Modified: 2013-06-24
I need to take the last 2003 dc out of my 2008 R2 domain. I have transferred the fsmo roles and verified they have been transferred. We have also migrated to Exchange 2010. The dc fsmo roles transfer took place about 2 weeks ago and all logs and replication look good. We now have 2 2008 R2 Dcs both as GCs. The one thing I about forgot is transferring the time server role. However, several years back I set a GPO for time services at the domain level and it applied all DCs. I have check the registry of the 2008 DCs and the GPO is applied.  With this GPO applied is there any need to do any type of tranfer of time services? Seems that I can just demote the 2003 DC since the fsmo roles have been transferred.

Barry
0
Comment
Question by:barrykeel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 5

Expert Comment

by:zabicki
ID: 39180014
you should create a new time server (PDC role). it is possible to run AD without a time server but it is a real nightmare. when the time offset is more than 5 min. kerberos (default settings) just stops working.
just create a new tm server on the new pdc, change GPO and the network should be fine.

simple speaking - shortcuts are ok went you hiking  . . only
0
 
LVL 2

Expert Comment

by:thomasclm
ID: 39180237
Just make sure that your PDC emulator is pointing to a good time source.. All other DC's will sync with the PDC.
0
 
LVL 10

Expert Comment

by:Pramod Ubhe
ID: 39180306
Here is the command to update time source (run it on the pdc emulator)

W32tm /config /manualpeerlist:<timesourcename/IP> /syncfromflags:manual /update

I would prefer that you shutdown the 2003dc for few days/hours and see if there are any issues apart from replication error then take a full backup of it and then destroy it.
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 

Author Comment

by:barrykeel
ID: 39180735
So the command still needs to be run on the PDC even wirh the GPO in effect? I would definitely shut it down for a week just as I did the old Exchange.
0
 
LVL 5

Accepted Solution

by:
zabicki earned 500 total points
ID: 39180775
the command needs to be run on you new time server

because you have win 2008 r2 first run w32tm /unregister, reboot the machine, run w32tm register again reboot the machine and run  W32tm /config /manualpeerlist:<timesourcename/IP> /syncfromflags:manual /update where <timesourcename/IP> is an available server from http://www.pool.ntp.org/en/
then change your gpo to point to the new machine and unregister the old w2003k machine.

make sure that everything has been moved before the decommissioning
0
 
LVL 5

Expert Comment

by:zabicki
ID: 39180781
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question