Solved

Moving a W8K DC to another network

Posted on 2013-11-04
Last Modified: 2013-11-05
Hello


Environment: TCP/IP Network: 192.168.0.0/24
Windows 2008 R2 single DC, AD, DNS, DHCP
IP = 192.168.0.100
Mask = 255.255.255.0
DG : 192.168.0.50
DNS : 192.168.0.100

This DC will soon be disconnected from the present network and connected to another network : 192.0.20.0/24 (the server is moving physically to another company)
The Default Gateway for this new network is 192.0.20.50
DNS is 192.0.20.1 (another Windows 2008 DC)

What I plan to do is the following:

Activate the secondary Network Interface Card on the server with the following settings:
IP = 192.0.20.100
Mask : 255.255.255.0
DG: 192.0.20.50
DNS1 :  192.0.20.100 (the server itself)
DNS2: 192.0.20.1 (another W8K DNS Server on the network)

The primary NIC will be deactivated and disconnected from the network 192.168.0.0/24 which will not exist anymore
Also DHCP will be deactivated since this new network has its own DHCP server

Should it be OK?

Any better solution to “move” a DC server from one network to another network?

Important: this server will not serve anymore as a DC and no PC will be in its AD domain. All PCs will be integrated into the new AD environment. But access to this PC is important for a legacy application. This server should be pingable and accessible through MSTSC.



Thank you very much
Question by:gadsad
10 Comments
 
LVL 43

Expert Comment

by:kevinhsieh
ID: 39623328
I would not bring up the second NIC. Just change the IP address, gateway, and DNS on the primary NIC. DO NOT demote the server. Deactivate the DHCP.
0
 

Author Comment

by:gadsad
ID: 39623453
I would rather do it like that, it is easier: change the IP, gateway and DNS on the primary NIC
and not bring up the second NIC.

But since it is a DC with AD I am afraid to do that.
Should it be OK?

Thanks
0
 
LVL 47

Assisted Solution

by:Craig Beck
Craig Beck earned 668 total points
ID: 39623840
Hmmmm, I would say you SHOULD demote this DC before you move it.  If you don't you'll cause issues with replication, authentication, etc... for machines which are still on that domain.  I know it sounds like that domain will disappear, but still...  Further to this, you won't be able to join it to the new domain if you leave it running as a DC.

Just DCPROMO it out of the domain then join it to the new domain.  Don't worry about IP addressing - just change it when it gets moved, or right before you shut it down.
0

 
LVL 18

Assisted Solution

by:Sarang Tinguria
Sarang Tinguria earned 664 total points
ID: 39623971
Agree with craigbeck. Just wanted to add: take a system state backup first, prior to demoting the DC (assuming you have only one DC in the domain).
Then change the IP address of the server and join it to the new domain (if possible).
0
 
LVL 43

Expert Comment

by:kevinhsieh
ID: 39623983
Changing from a DC to standalone server can break the legacy application as all of the domain based accounts and related permissions will disappear. Not worth the risk IMHO.
0
 
LVL 47

Expert Comment

by:Craig Beck
ID: 39623992
@kevinhsieh - that's assuming the legacy application relies on domain-based apps and permissions.  It could be that the app is just 'on' that server and uses its own user database, permissions, etc.

Just a thought...
0
 

Author Comment

by:gadsad
ID: 39624002
The application is not based on AD and on the domain. It has its own permissions and database.
0
 
LVL 43

Accepted Solution

by:kevinhsieh
kevinhsieh earned 668 total points
ID: 39624034
Does the application database run as a service? Which account does it run under? What are the NTFS permissions on the files, as all of the permissions for domain users and groups would become invalid? If it is trivial to fix any issues when the server is going from DC to standalone, then it should be almost as easy, as cms safer to just move it to a new server environment. If it isn't trivial, best to minimize the changes. I have seen database applications (Best Software's FAS) break if you just change the IP address of the server.
0
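The checks the accepted answer asks about (service logon accounts and NTFS permissions that reference domain principals), as an added PowerShell example that is not part of the original thread. `D:\LegacyApp` is a placeholder path for the legacy application; the script only reads and changes nothing.

```powershell
# Added example: list what on this DC depends on domain principals, so the
# impact of a demotion (domain SIDs becoming invalid) is known beforehand.
param(
    [string]$AppRoot = 'D:\LegacyApp'   # placeholder: folder of the legacy application
)

# Well-known principals whose SIDs are the same on every machine and
# therefore stay valid whether the server is a DC or standalone.
$wellKnown = '^(LocalSystem$|NT AUTHORITY\\|NT SERVICE\\|BUILTIN\\|Everyone$|CREATOR (OWNER|GROUP)$)'

function Test-DomainPrincipal([string]$Name) {
    # A DC has no local SAM accounts, so anything that is not a well-known
    # principal is a domain user/group or an unresolved domain SID.
    return [bool]$Name -and ($Name -notmatch $wellKnown)
}

# 1. Services whose logon account is a domain account.
$services = Get-WmiObject -Class Win32_Service |
    Where-Object { Test-DomainPrincipal $_.StartName } |
    Select-Object Name, StartName, State

# 2. Explicit (non-inherited) NTFS entries granted to domain principals,
#    on the application root and everything below it.
$items = @(Get-Item -Path $AppRoot -Force) +
         @(Get-ChildItem -Path $AppRoot -Recurse -Force -ErrorAction SilentlyContinue)

$aces = foreach ($item in $items) {
    # includeExplicit = $true, includeInherited = $false
    $rules = $item.GetAccessControl().GetAccessRules(
        $true, $false, [System.Security.Principal.NTAccount])
    foreach ($rule in $rules) {
        if (Test-DomainPrincipal $rule.IdentityReference.Value) {
            New-Object PSObject -Property @{
                Path     = $item.FullName
                Identity = $rule.IdentityReference.Value
                Rights   = $rule.FileSystemRights
                Type     = $rule.AccessControlType
            }
        }
    }
}

Write-Output 'Services running under domain accounts:'
$services | Format-Table -AutoSize
Write-Output "Explicit ACEs for domain principals under ${AppRoot}:"
$aces | Format-Table Path, Identity, Rights, Type -AutoSize
```

Two empty tables are consistent with the author's statement that the application keeps its own permissions; any row is something that would need to be reassigned if the server stopped being a DC.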
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39626290
You can create a test env and check if the application is working without the domain. If yes, then you can promote the DC if not required. You can also involve and confirm with the app vendor any dependencies on AD for the app to work.
0
 

Author Closing Comment

by:gadsad
ID: 39626545
thank you
0
