Jesse Turner
asked on
Migrating DC server 2003 sp2 32bit AD, DNS, DHCP to Server 2008 R2
I currently have 2 DC on seperate boxes running Server 2003 sp2 32bit. 1 DC replicates to the other DC. The roles are AD, DNS, DHCP. I will also be upgrading my Exchange server 2003 to a new server box as well. (do I need to prep for that during this migration even though the current exchange resides on a seperate box and I will be migrating that over to a new server box as well?)
I currently have 300 users, 275 computers, a few GPO's, etc... I have searched online for step by step but find different answers, so I just want to make sure what the easiest way to migrate this all over flawlessly.
Thank you for your help
I currently have 300 users, 275 computers, a few GPO's, etc... I have searched online for step by step but find different answers, so I just want to make sure what the easiest way to migrate this all over flawlessly.
Thank you for your help
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
Nope, this procedure is exactly suitable for your scenario :) Yes, you need to perform adprep as it is shown in article.
We do not show you how to do in-place upgrade (which is not supported in your scenario) but valid procedure to add the first 2008 R2 Domain Controller in current environment.
So, first of all you need this one
http://kpytko.pl/2011/08/2 5/adding-f irst-windo ws-server- 2008-r2-do main-contr oller-with in-windows -2003-netw ork/
If you have more questiosn, do not hesitate to ask
Krzysztof
We do not show you how to do in-place upgrade (which is not supported in your scenario) but valid procedure to add the first 2008 R2 Domain Controller in current environment.
So, first of all you need this one
http://kpytko.pl/2011/08/2
If you have more questiosn, do not hesitate to ask
Krzysztof
Looking at the description of your environment you have to be cautious.
I'm guessing (hoping) you have more than one DHCP and DNS, if not you should be even more cautious.
I will recommend to add the 2008 and just make it DNS and GC, wait for replication to take place, if your 2003 holds all your DHCP tables, I will recommend you to split them to at least 2 servers physical or virtual. This part is tricky as you will have to create the scopes but not start them yet. When you are ready you will have to change/reduce the scope of your current DHCP and then start the corresponding segment on the new DHCP server. This will prevent DHCP collisions and will make it easy to machines to renew their IPs automatically without rebooting. This process takes time depending on your settings, you can lower the time your DHCP keeps IPs alive to reduce wait period but if it's not too long you can leave it and work on other things on your new server.
When you have finished all updates on your 2008... DHCP, DNS, etc... then transfer your FSMO from 2003.... do not remove/demote the server... test everything works correctly... specially your exchange... test... test... demote the server only when you know every single client is working fine with the new DC.
I'm guessing (hoping) you have more than one DHCP and DNS, if not you should be even more cautious.
I will recommend to add the 2008 and just make it DNS and GC, wait for replication to take place, if your 2003 holds all your DHCP tables, I will recommend you to split them to at least 2 servers physical or virtual. This part is tricky as you will have to create the scopes but not start them yet. When you are ready you will have to change/reduce the scope of your current DHCP and then start the corresponding segment on the new DHCP server. This will prevent DHCP collisions and will make it easy to machines to renew their IPs automatically without rebooting. This process takes time depending on your settings, you can lower the time your DHCP keeps IPs alive to reduce wait period but if it's not too long you can leave it and work on other things on your new server.
When you have finished all updates on your 2008... DHCP, DNS, etc... then transfer your FSMO from 2003.... do not remove/demote the server... test everything works correctly... specially your exchange... test... test... demote the server only when you know every single client is working fine with the new DC.
ASKER
Thank you all for you answers on this and I will give credit out soon, However I did have one more question which could turn into more questions later
Would it be easier to just go from Windows 2003 to Windows 2012 R2?
Would it be easier to just go from Windows 2003 to Windows 2012 R2?
HI,
this installation just transfer FSMO role to this windows server 2012, right?" IF you have checked the domain with command line tools dcdiag, repadmin, ADREPLSTATUS(GUI version) and DNSLint for errors transfer the FSMO roles to the new DC.
BEFORE demoting the server follow this steps:
- reconfigure your clients/servers that they not longer point to the old DC/DNS server on the NIC
- to be sure that everything runs fine, disconnect the old DC from the network and check with clients and servers the connectivity, logon and also with one client a restart to see that everything is ok
- then run dcpromo to demote the old DC, if it works fine the machine will move from the DC's OU to the computers container, where you can delete it by hand. Can be that you got an error during demoting at the beginning, then uncheck the Global catalog on that DC and try again
- check the DNS management console, that all entries from the machine are disappeared or delete them by hand if the machine is off the network for ever
- also you have to start AD sites and services and delete the old server name under the site, this will not be done during demotion.
this installation just transfer FSMO role to this windows server 2012, right?" IF you have checked the domain with command line tools dcdiag, repadmin, ADREPLSTATUS(GUI version) and DNSLint for errors transfer the FSMO roles to the new DC.
BEFORE demoting the server follow this steps:
- reconfigure your clients/servers that they not longer point to the old DC/DNS server on the NIC
- to be sure that everything runs fine, disconnect the old DC from the network and check with clients and servers the connectivity, logon and also with one client a restart to see that everything is ok
- then run dcpromo to demote the old DC, if it works fine the machine will move from the DC's OU to the computers container, where you can delete it by hand. Can be that you got an error during demoting at the beginning, then uncheck the Global catalog on that DC and try again
- check the DNS management console, that all entries from the machine are disappeared or delete them by hand if the machine is off the network for ever
- also you have to start AD sites and services and delete the old server name under the site, this will not be done during demotion.
The installation of 2012 is somewhat similar.
In my case I was not able to find or run ADPREP command.
So I end up doing the installation without it and I'm still in a "hybrid-transition" with 2003 DC, DNS, DHCP servers, Exchange 2003 and 2012 PDC, DNS, DHCP.
In other words, yes you can do it... you won't find many docs about it... you will find to 2008 but basically is the same... I did it like that...
In my case I was not able to find or run ADPREP command.
So I end up doing the installation without it and I'm still in a "hybrid-transition" with 2003 DC, DNS, DHCP servers, Exchange 2003 and 2012 PDC, DNS, DHCP.
In other words, yes you can do it... you won't find many docs about it... you will find to 2008 but basically is the same... I did it like that...
ASKER
Ok so I went with the 2008 R2 operating system as my new DC
I followed all the steps that iSiek posted as a link http://kpytko.pl/2011/08/25/adding-first-windows-server-2008-r2-domain-controller-within-windows-2003-network/
Now DNS is installed on this server, what do I do now, add the DHCP role and then what?
I followed all the steps that iSiek posted as a link http://kpytko.pl/2011/08/25/adding-first-windows-server-2008-r2-domain-controller-within-windows-2003-network/
Now DNS is installed on this server, what do I do now, add the DHCP role and then what?
If you can't shutdown your clients connections, you must do a progressive pass of the DHCP to your new box.
Yes, you can install the DHCP role, just make sure you don't have any collision in the scopes. To prevent that, you should reduce your actual DHCP scope or prevent this server from giving some IPs out; Those IPs left out you should put them on the new DHCP server and wait for the renovation process to take place... this can be long depending on your DHCP settings.
You can always turn one off and start the other one right away but you can't have 2 DHCP giving the same range of addresses in a LAN.
Then, you should transfer FSMO. You got some links for this but here is another: How to view and transfer FSMO roles in Windows Server 2003
Yes, you can install the DHCP role, just make sure you don't have any collision in the scopes. To prevent that, you should reduce your actual DHCP scope or prevent this server from giving some IPs out; Those IPs left out you should put them on the new DHCP server and wait for the renovation process to take place... this can be long depending on your DHCP settings.
You can always turn one off and start the other one right away but you can't have 2 DHCP giving the same range of addresses in a LAN.
Then, you should transfer FSMO. You got some links for this but here is another: How to view and transfer FSMO roles in Windows Server 2003
ASKER
I migrated over the DHCP scopes and my New Server 2008 shows it in there and its authorized.
However when I turn off the old 2003 server my clients will not grab a vaild license from the new server
I do have a cisco 6506 switch and can see in the config that is shows ip helper-address as 10.128.xxx.xx which is my old 2003 server, do I need to switch these entries, could that be causing my problem?
Is there a way I can change the IP address of the old server to something else and change the new one to what the old one was instead?
However when I turn off the old 2003 server my clients will not grab a vaild license from the new server
I do have a cisco 6506 switch and can see in the config that is shows ip helper-address as 10.128.xxx.xx which is my old 2003 server, do I need to switch these entries, could that be causing my problem?
Is there a way I can change the IP address of the old server to something else and change the new one to what the old one was instead?
As I mentioned before, when you are migrating DHCP Server scopes from only 1 DHCP server you will not have the results you are expecting unless you shutdown all the computers in your organization. They have a valid IP and still alive!, they won't get a new one until the current one expires.
If your old 2003 box is just that a box with a file server only role left, then yes... everything should be pointing to your new 2008 box.
If your old 2003 box is just that a box with a file server only role left, then yes... everything should be pointing to your new 2008 box.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
So you never turn off your old DHCP!!!!
ASKER
No I did turn it off but for some reason the clients couldn't grab a vaild IP address from the new server even though I imported all the IP address scopes.
ASKER
Thank you all for your help
ASKER
Do I have to run any of the ADPREP stuff if I'm doing it this way? Or do I just install server 2008 on the new server box, then load the roles AD, DNS, DHCP and then what?