Adding a 2008 R2 domain controller to an SBS2003 Environment.

Posted on 2013-11-26
Last Modified: 2013-11-29
Hello all,

I currently have a single domain controller which also happens to be still running SBS 2003.  I have migrated all other roles off of this server over the past two years and it is ONLY a domain controller now.  I am looking to make one of my other servers, which are member servers running 2008 R2, a domain controller and then fully decommisioning this server for good.  Does anybody have a step by step guide to doing just this?  I recently migrated off of Exchange 2003 on this box and went to Exchange 2010 on a different box, so dealing with exchange is over with, now I just have to create a secondary domain controller on a 2008 R2 box and then shut this one down for good.  Thanks in advance for any and all help!
Question by:zagnutttt4
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
LVL 96

Accepted Solution

Lee W, MVP earned 400 total points
ID: 39679128
1. Run DCDIAG /C /E /V on the existing DC and correct any unexpected/unexplained errors.
2. Run ADPREP32 on the SBS 2003 system (ADPREP32 can be found on the 2008 R2 DVD).  
3. Run DCPROMO on the 2008 R2 system.
4. WAIT - a day or two give everything time to replicate - then RUN DCDIAG /C /E /V again on both servers.  
5. Assuming everything checks out, shutdown SBS and leave it powered off for a few days.
6. Uninstall Exchange from SBS through the control panel - you'll need your SBS 2003 CDs
7. After a few days and assuming everything is working  -- IMPORTANT -- turn the SBS server back on and then transfer the FSMO roles (reference )
8. Upon completion of the transfer, run DCPROMO on the SBS server and demote it.
9. Remove the SBS server entirely from the network.
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39679138
For the most part, there is nothing in particular to SBS here. Simply follow the guidance for adding a domain controller to any environment (TechNet has plenty of articles) and demoting old domain controllers.

Now, there *are* two caveats though (like I said, for the most part...)

1) Uninstall exchange 2003 before you demote the SBS 2003 server. I know you said you moved to Exchange 2010, but you didn't really indicate what you did with the Exchange 2003 services. If you simply set them to disabled, you will still want to uninstall them. Otherwise bad things happen to AD down the road. And you can't uninstall them *after* you demote the server. Demoting the server makes changes that break the Exchange installer/uninstaller.

2) Save transferring the FSMO roles until one of the last steps before demoting the 2003 server. Once transferred, SBS will be out of licensing compliance. Not a big deal if you are already in a position to demote and decommission, but can bite you if you are trying to move other things like files or data.
LVL 24

Assisted Solution

Sandeshdubey earned 100 total points
ID: 39679678
See this link Transition from Small Business Server to Standard Windows Server:

In addition after the FSMO role is moved dont forget to configure authorative time server role on PDC role holder server(new Win2k8 R2).

Change all of the clients (and the new 2008 R2 DC itself), to point to the 2008 R2 DC for their preferred DNS server this may be in DHCP options or the TCP/IP settings.Poin the exchange member server dns to new server.Ensure that DNS/GC role is configured on NEW DC.

Verify the health of DC by dcdiag /q and repadmin /replsum.Check the sysvol content on new  DC to ensure that policies and script folder is replicated.

As suggested shurdown the server during business hour and check the impact before you proceed with demoting SBS server.
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why


Author Comment

ID: 39680185
Thanks guys!  I may actually first add a 2nd domain controller running 2003 R2 to my SBS2003 network and then after that, decomission the old SBSbox, and then finally, add a secondary domain controller AFTER that that is running 2008 R2.  If I want to add a 2nd domain controller that is currently running 2003 R2, would I follow the same process?  One thing to keep in mind is that we no longer have the installation media for either 2003 SBS OR 2003 R2.  How would I go about running ADPREP on the 2003 R2 box from SBS if I do not have the installation media?
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39680313
The short answer is that if you don't have access to *any* media then you can't prep AD for 2003 R2 (or any other version for which you don't have media.)
LVL 24

Expert Comment

ID: 39683295
Yes you need to prepare the domain to add Win2003R2/Win2008 R2 server to Windows sbs 2003 domain.ADPREP.exe cannot be downloaded since it is provided along with the OS.There is no link to download adprep.exe. You will find it in the install media of your OS.

You can try using trail version to perform ADPREP
Windows Server 2008 R2 Evaluation Free 180-Day Trial:

Author Comment

ID: 39685351
Thanks guys - I downloaded a trial version of Server 2008 and ran ADPREP from that.  I have decided to go with my original plan and make a Server 2008 machine my second domain controller, and will be proceeding from there.

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read…
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question