Solved

Domain Controller

Posted on 2013-06-12
6
302 Views
Last Modified: 2013-06-13
I am going to be replacing a windows 2003 domain controller with a windows 2008R2 domain controller. I want to re-use the same hostname and the same IP address. Is it better for me to leave the current domain controller promoted and just change the hostname and IP address or will that cause issues with my new domain controller if I don’t demote the old one?
This is a secondary domain controller that holds the PDC Role, does DFS, and is also our DHCP server.
I attempted this once and I wasn’t able to transfer the PDC role because it said the new domain controller wasn’t a replication partner. I added it to sites and trusts but maybe I just didn’t wait long enough. It also wouldn’t let me create the dfs with the same name as the old one but I think I found how to do that by deleting it from the system folder in AD, is that all that is necessary for DFS?
Basically I am just looking for some best practices when trying to re-use the IP and hostname to make this as smooth as possible. Thanks for your input!
0
Comment
Question by:Winsoup
6 Comments
 
LVL 23

Assisted Solution

by:Thomas Grassi
Thomas Grassi earned 150 total points
ID: 39241123
I just went thru this process.
I was going to keep the same names and ip address for my dc's but after the issues I had with a member server tried to make it the same name even deleting the original server from the domain and adding the new one had issues.

So yes you can but I would suggest you create new names especially on the DC's

You can keep all the DC's on at the same time then run dcpromo on the old dcs to demote them

Make sure you move all the roles to the new DC's first
0
 
LVL 5

Assisted Solution

by:MisterTwelve
MisterTwelve earned 150 total points
ID: 39241232
yes, the best options is demote DC, reinstall New OS(2008R2), Add to domain with the same name after delete the old computer account from AD, then promote to DC again.

After delete account from domain, ensure your Domain controllers replicate all changes!


If you do like this, you dont have any problem.

Best regards
0
 
LVL 13

Accepted Solution

by:
Michael Machie earned 200 total points
ID: 39241584
One question: Are you planning on using the same Domain name?  

One thing to keep in mind that you want to make sure your new Domain Controllers are running at the highest functional level. Adding the new 2008 Server as a DC in the same Domain as your 2003 server will have issues, because 2003 can only operate at 2003 functionality, whereas server2008 can run at 2000,2003 and 2008. However, the highest functional level you can use is based on your oldest DC, which is Server2003. Once this functional level is specified during installation, you can't really change this without rebuilding AD so you need to put some thought into how to proceed.

As  'trgrassijr55' stated, I also recommend using different computer names. He mentioned making sure all roles are configured on the new DC and I see you want it to be the DHCP server. If you build them all on the same Domain and demote the original DC after, make sure to configure DHCP on the new Server and before connecting it to the same network, disable the DHCP Service until cutover day. You cannot have two Servers in the DHCP role, using the same scopes, on the same network without problems.

If you plan on keeping the same Domain name and/or plan on using the current DC's name and IP, I would highly suggest you set the new DC up in a separate LAN - not connected to the same network as your current 2003 DC - and configure it. On cutover day you can remove the old 2003 DC and connect the new one - you won't get any IP or name conflicts this way. If you follow MisterTwelve's method, you may lose your AD structure entirely, which is fine if you are starting from scratch, and which is not fine if you plan on migrating AD. Once you demote a 2003 Server from the DC role Active Directory is lost.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 3

Author Comment

by:Winsoup
ID: 39241641
Yes it will be on the same domain.

I will still have a couple of domain controllers running on 2003 so I will not be raising the functional level just yet, they will all run at the 2003 level.
What if I just transfer the roles on this DC to our primary DC, then demote the old DC and change the hostname and IP address and then set the new one up with that hostname and IP address, then promote it to a DC and transfer the roles back from the primary DC?
I do have the DHCP database all transferred over already it's just not authorized yet.  

Do you see any issues that would arise doing it that way?
I definitely do not want to rebuild AD!
0
 
LVL 13

Expert Comment

by:Michael Machie
ID: 39241762
Yea, that actually sounds like a good way of doing it, and should work without much issue. I would suggest you do this during off-hours if possible though, in case of conflicts or problems.
0
 
LVL 3

Author Comment

by:Winsoup
ID: 39244375
Thanks for the advice everyone, I apprectiate the input!
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question