Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Replacing old windows 2003 server with Windows 2008 domain controller

Posted on 2013-11-19
7
Medium Priority
?
1,011 Views
Last Modified: 2013-12-08
I have an old Windows 2003 domain controller running on a VMware virtual machine on Windows 2008 server. There is a second domain controller on the network that I want to remove from the network.

I'm getting a brand new server running Windows 2008 R2 that I want to use as the new domain controller.  

By the way, I already have a new Windows 2008 R2 running Exchange 2010 standard and Exchange has been working great for over one year now.  I don't want to mess this up, especially if Exchange is in the picture.

Here is what I'm thinking about doing.

1. Remove the second domain controller from the network  - demote it to just a windows server.  It's currently being used as a file sharing server right now, which will be replaced also with a  new windows 2008 r2 server.

2. Migrate 2003 to 2008 R2 as domain controller.

3. Remove 2003 from the network.

At the end I should have only one domain controller running on Windows 2008 R2 (new server), Exchange working without any problems (existing server), and a new file server (this server replaces the current second domain controller on the network as file sharing only).

What is the easiest and fastest way of doing this without any potential down time?
0
Comment
Question by:Anthony H.
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 1000 total points
ID: 39661519
The plan of action looks good however I will recommend to promote new Server in domain point the dns setting of client,exchange and member server to new DC then shutdown the old server during business hours and check the impact if no issue reported you can demote the server as per requirement.

However I will recommend to have atleast two DC in the network for redundancy with single DC you will be at risk.You also need to move the FSMO role to new DC and dont forget to configure authorative time server role on DC.http://support.microsoft.com/kb/816042

See this will be helpful to promote the DC:http://msmvps.com/blogs/mweber/archive/2012/07/30/upgrading-an-active-directory-domain-from-windows-server-2003-or-windows-server-2003-r2-to-windows-server-2012.aspx

If you are planning to remove Win2003 DC below links will be helpful.
http://technet.microsoft.com/en-us/library/cc740017(WS.10).aspx (how to demote a DC)
http://technet.microsoft.com/en-us/library/cc755937(WS.10).aspx (how to decommisioning a DC)
http://technet.microsoft.com/en-us/library/cc771844(WS.10).aspx (how to removing a DC from a Domain)

Hope this helps
0
 
LVL 13

Assisted Solution

by:SagiEDoc
SagiEDoc earned 1000 total points
ID: 39661588
You plan is spot on, Sandeshdubey is also right. The only thing you need to add is enabling the global catalog on the new 2008 domain controller and making sure it is in the correct site if you have more than two. Also it is important as Sandeshdubey said to have at least two DC's. When I did our domain migration from 2003 to 2008 I set up all the new 2008 DC's, gave them plenty time to replicate and settle and then one by one removed the 2003 DC's. I did the removal after hours because I wanted the IP addresses moved from the old DC's to the new DC's as I had a lot of clients and devices configured with static DNS addresses.
0
 

Author Comment

by:Anthony H.
ID: 39664859
I'm not following or understanding what you mean to setup my 2008 first.

Could you please elaborate more and point more specifics?

would this encompass everything that I need to do? > http://www.youtube.com/watch?v=LatpzBtkJUI
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 13

Expert Comment

by:SagiEDoc
ID: 39665513
What we mean is that you must setup a new server loaded with Server 2008 R2 and then add the DC roll to this server. Once this new server is up and running as a DC you can demote the 2003 DC and decommission it.
0
 

Author Comment

by:Anthony H.
ID: 39678389
I have to transfer all the fsmo roles to the 2008 r2 before "demoting" 2003 right?
0
 
LVL 13

Expert Comment

by:SagiEDoc
ID: 39679915
That would be correct.
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39680116
Yes,you need to transfer fsmo role before you demote DC and also configure authorative time server role as suggested.

I will recommend to shutdown the old dc and check the impact during business hours and if no issue reported by users then proceed with demotion.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question