[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now


Adding a 2008 R2 domain controller to an SBS2003 Environment.

Posted on 2013-11-26
Medium Priority
Last Modified: 2013-11-29
Hello all,

I currently have a single domain controller which also happens to be still running SBS 2003.  I have migrated all other roles off of this server over the past two years and it is ONLY a domain controller now.  I am looking to make one of my other servers, which are member servers running 2008 R2, a domain controller and then fully decommisioning this server for good.  Does anybody have a step by step guide to doing just this?  I recently migrated off of Exchange 2003 on this box and went to Exchange 2010 on a different box, so dealing with exchange is over with, now I just have to create a secondary domain controller on a 2008 R2 box and then shut this one down for good.  Thanks in advance for any and all help!
Question by:zagnutttt4
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
LVL 96

Accepted Solution

Lee W, MVP earned 1600 total points
ID: 39679128
1. Run DCDIAG /C /E /V on the existing DC and correct any unexpected/unexplained errors.
2. Run ADPREP32 on the SBS 2003 system (ADPREP32 can be found on the 2008 R2 DVD).  
3. Run DCPROMO on the 2008 R2 system.
4. WAIT - a day or two give everything time to replicate - then RUN DCDIAG /C /E /V again on both servers.  
5. Assuming everything checks out, shutdown SBS and leave it powered off for a few days.
6. Uninstall Exchange from SBS through the control panel - you'll need your SBS 2003 CDs
7. After a few days and assuming everything is working  -- IMPORTANT -- turn the SBS server back on and then transfer the FSMO roles (reference http://www.petri.co.il/transferring_fsmo_roles.htm )
8. Upon completion of the transfer, run DCPROMO on the SBS server and demote it.
9. Remove the SBS server entirely from the network.
LVL 59

Expert Comment

by:Cliff Galiher
ID: 39679138
For the most part, there is nothing in particular to SBS here. Simply follow the guidance for adding a domain controller to any environment (TechNet has plenty of articles) and demoting old domain controllers.

Now, there *are* two caveats though (like I said, for the most part...)

1) Uninstall exchange 2003 before you demote the SBS 2003 server. I know you said you moved to Exchange 2010, but you didn't really indicate what you did with the Exchange 2003 services. If you simply set them to disabled, you will still want to uninstall them. Otherwise bad things happen to AD down the road. And you can't uninstall them *after* you demote the server. Demoting the server makes changes that break the Exchange installer/uninstaller.

2) Save transferring the FSMO roles until one of the last steps before demoting the 2003 server. Once transferred, SBS will be out of licensing compliance. Not a big deal if you are already in a position to demote and decommission, but can bite you if you are trying to move other things like files or data.
LVL 24

Assisted Solution

Sandeshdubey earned 400 total points
ID: 39679678
See this link Transition from Small Business Server to Standard Windows Server:http://blogs.technet.com/b/infratalks/archive/2012/09/07/transition-from-small-business-server-to-standard-windows-server.aspx

In addition after the FSMO role is moved dont forget to configure authorative time server role on PDC role holder server(new Win2k8 R2).

Change all of the clients (and the new 2008 R2 DC itself), to point to the 2008 R2 DC for their preferred DNS server this may be in DHCP options or the TCP/IP settings.Poin the exchange member server dns to new server.Ensure that DNS/GC role is configured on NEW DC.

Verify the health of DC by dcdiag /q and repadmin /replsum.Check the sysvol content on new  DC to ensure that policies and script folder is replicated.http://blogs.technet.com/b/askds/archive/2011/03/22/what-does-dcdiag-actually-do.aspx

As suggested shurdown the server during business hour and check the impact before you proceed with demoting SBS server.
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.


Author Comment

ID: 39680185
Thanks guys!  I may actually first add a 2nd domain controller running 2003 R2 to my SBS2003 network and then after that, decomission the old SBSbox, and then finally, add a secondary domain controller AFTER that that is running 2008 R2.  If I want to add a 2nd domain controller that is currently running 2003 R2, would I follow the same process?  One thing to keep in mind is that we no longer have the installation media for either 2003 SBS OR 2003 R2.  How would I go about running ADPREP on the 2003 R2 box from SBS if I do not have the installation media?
LVL 59

Expert Comment

by:Cliff Galiher
ID: 39680313
The short answer is that if you don't have access to *any* media then you can't prep AD for 2003 R2 (or any other version for which you don't have media.)
LVL 24

Expert Comment

ID: 39683295
Yes you need to prepare the domain to add Win2003R2/Win2008 R2 server to Windows sbs 2003 domain.ADPREP.exe cannot be downloaded since it is provided along with the OS.There is no link to download adprep.exe. You will find it in the install media of your OS.

You can try using trail version to perform ADPREP
Windows Server 2008 R2 Evaluation Free 180-Day Trial:

Author Comment

ID: 39685351
Thanks guys - I downloaded a trial version of Server 2008 and ran ADPREP from that.  I have decided to go with my original plan and make a Server 2008 machine my second domain controller, and will be proceeding from there.

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question