Solved

Replacing old windows 2003 server with Windows 2008 domain controller

Posted on 2013-11-19
7
988 Views
Last Modified: 2013-12-08
I have an old Windows 2003 domain controller running on a VMware virtual machine on Windows 2008 server. There is a second domain controller on the network that I want to remove from the network.

I'm getting a brand new server running Windows 2008 R2 that I want to use as the new domain controller.  

By the way, I already have a new Windows 2008 R2 running Exchange 2010 standard and Exchange has been working great for over one year now.  I don't want to mess this up, especially if Exchange is in the picture.

Here is what I'm thinking about doing.

1. Remove the second domain controller from the network  - demote it to just a windows server.  It's currently being used as a file sharing server right now, which will be replaced also with a  new windows 2008 r2 server.

2. Migrate 2003 to 2008 R2 as domain controller.

3. Remove 2003 from the network.

At the end I should have only one domain controller running on Windows 2008 R2 (new server), Exchange working without any problems (existing server), and a new file server (this server replaces the current second domain controller on the network as file sharing only).

What is the easiest and fastest way of doing this without any potential down time?
0
Comment
Question by:Anthony H.
  • 3
  • 2
  • 2
7 Comments
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 250 total points
Comment Utility
The plan of action looks good however I will recommend to promote new Server in domain point the dns setting of client,exchange and member server to new DC then shutdown the old server during business hours and check the impact if no issue reported you can demote the server as per requirement.

However I will recommend to have atleast two DC in the network for redundancy with single DC you will be at risk.You also need to move the FSMO role to new DC and dont forget to configure authorative time server role on DC.http://support.microsoft.com/kb/816042

See this will be helpful to promote the DC:http://msmvps.com/blogs/mweber/archive/2012/07/30/upgrading-an-active-directory-domain-from-windows-server-2003-or-windows-server-2003-r2-to-windows-server-2012.aspx

If you are planning to remove Win2003 DC below links will be helpful.
http://technet.microsoft.com/en-us/library/cc740017(WS.10).aspx (how to demote a DC)
http://technet.microsoft.com/en-us/library/cc755937(WS.10).aspx (how to decommisioning a DC)
http://technet.microsoft.com/en-us/library/cc771844(WS.10).aspx (how to removing a DC from a Domain)

Hope this helps
0
 
LVL 13

Assisted Solution

by:SagiEDoc
SagiEDoc earned 250 total points
Comment Utility
You plan is spot on, Sandeshdubey is also right. The only thing you need to add is enabling the global catalog on the new 2008 domain controller and making sure it is in the correct site if you have more than two. Also it is important as Sandeshdubey said to have at least two DC's. When I did our domain migration from 2003 to 2008 I set up all the new 2008 DC's, gave them plenty time to replicate and settle and then one by one removed the 2003 DC's. I did the removal after hours because I wanted the IP addresses moved from the old DC's to the new DC's as I had a lot of clients and devices configured with static DNS addresses.
0
 

Author Comment

by:Anthony H.
Comment Utility
I'm not following or understanding what you mean to setup my 2008 first.

Could you please elaborate more and point more specifics?

would this encompass everything that I need to do? > http://www.youtube.com/watch?v=LatpzBtkJUI
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 13

Expert Comment

by:SagiEDoc
Comment Utility
What we mean is that you must setup a new server loaded with Server 2008 R2 and then add the DC roll to this server. Once this new server is up and running as a DC you can demote the 2003 DC and decommission it.
0
 

Author Comment

by:Anthony H.
Comment Utility
I have to transfer all the fsmo roles to the 2008 r2 before "demoting" 2003 right?
0
 
LVL 13

Expert Comment

by:SagiEDoc
Comment Utility
That would be correct.
0
 
LVL 24

Expert Comment

by:Sandeshdubey
Comment Utility
Yes,you need to transfer fsmo role before you demote DC and also configure authorative time server role as suggested.

I will recommend to shutdown the old dc and check the impact during business hours and if no issue reported by users then proceed with demotion.
0

Featured Post

Why spend so long doing email signature updates?

Do you spend loads of your time carrying out email signature updates? Not very interesting are they? Don’t let signature updates get you down. Let Exclaimer Cloud - Signatures for Office 365 make managing email signatures a breeze.

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now