Solved

Replacing Server 2008 Enterprise with Server 2012 Standard Domain Controller

Posted on 2013-06-25
5
517 Views
Last Modified: 2013-06-30
I have 7 Domain Controllers across 5 sites running either Server 2003 or 2008.  In my HQ, I have 2 Servers running server 2008 Enterprise that are domain controllers.  I would like to start by demoting one of these servers from being a DC, Reformat it and do a clean install of Server 2012 then promote to DC.  Also, name it with the previous name.  Once that is complete, I would do the same with the other server.  The end result would be both DC's in my HQ are running 2012.  I would then be able to start addressing branch offices.

Aside from running the Add/Remove roles under server manager and removing the AD role, is there anything I should be aware of?  I would assume wait sometime for all the other sites to realize the DC has been removed before adding the 2012 DC with the same name.
0
Comment
Question by:ohmErnie
5 Comments
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 167 total points
ID: 39275730
On the 2008 servers you can run dcpromo to demote the boxes when you are ready.    Ace has a great blog on reusing IP/name on new DCs

http://msmvps.com/blogs/acefekay/archive/2010/10/09/remove-an-old-dc-and-introduce-a-new-dc-with-the-same-name-and-ip-address.aspx

When you introduce the first 2012 DC it will upgrade the schema for you in the background.  Just make sure there are no errors and that AD replication is working.

You will be at schema version 56 after the 2012 DCs come into play

http://adisfun.blogspot.com/2013/06/windows-server-2012-r2-preview-schema.html

Thanks


Mike
0
 
LVL 42

Assisted Solution

by:Amit
Amit earned 166 total points
ID: 39275736
Ya, that is correct, demote one DC, make sure if server hold FSMO role move to another server and then demote it. Later install 2012 and upgrade to new server. I suggest to use new name for 2012 server. Rest is easy.

more to read
http://technet.microsoft.com/en-us/library/hh994618.aspx
0
 
LVL 12

Accepted Solution

by:
mlongoh earned 167 total points
ID: 39275738
You need to check if the one you're going to demote and rebuild has any FSMO roles and if so, transfer them to the other DC.  Then I'd make sure that the other DC (or some other server) is handling DNS and DHCP completely (some DHCP scopes get split between servers so you need to make sure that every service that this DC is providing is handled by something else), and then demote the DC, remove it from the domain, delete the object in AD, and do your rebuild.
0
 
LVL 1

Author Comment

by:ohmErnie
ID: 39275872
Will I have an issue with Exchange 2007?  I will not be able to raise my domain functional level from 2003 at this time until I can replace my 2003 DC in a remote site.
0
 
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 39277278
If you are planning migrate PDC role holder then you should also consider migrating Time service role
Refer my below article and configure new PDC role holder as authoritative time server

http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/A_10789-Time-Service-Configuration.html
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Synchronize a new Active Directory domain with an existing Office 365 tenant
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question