Solved

demoting DC/AD Server 2000, and joining to another domain running Server 2008 Standard

Posted on 2014-01-14
4
376 Views
Last Modified: 2014-01-14
Currently have two domains in our network. I would like to get it down to one, with one active directory.

The server that needs to be moved is running Server 2000.  It has Active Directory installed and is performing DNS. The other server is 2008 Standard which also has AD/DNS/DHCP, and is a file server/print server as well. The older server is really only hosting MAS90 which all of our clients use. Because the clients are all joined to the newer server's domain, we have authentication errors in the mapped drives to the old server. I need to get the old server on the new domain and use the newer machine's AD to authenticate shares.

Is this as simple as demoting the old server and joining the new domain, or do I need to uninstall DNS, AD, and transfer FSMO roles?

Thanks for the look.
0
Comment
Question by:riley71
  • 2
  • 2
4 Comments
 
LVL 10

Expert Comment

by:remmett70
ID: 39780505
Since they are separate domains, you won't need to worry about FSMO roles.  So Demote the 2000 server and once it is a stand-alone server.  You add it to the new domain as a member server.  
 
You will need to apply the share and file permissions of the new domain to the 2000 server once it is part of the new domain.
0
 

Author Comment

by:riley71
ID: 39780513
Perfect. That is what I was hoping. Does the DCpromo command require a restart? And if so, how do I guarantee access back into the server afterward? Or can I demote and join the new domain immediately?
0
 
LVL 10

Accepted Solution

by:
remmett70 earned 500 total points
ID: 39780524
DCPromo will require a reboot once completed.  During the demotion, you will be given the chance to set the password for the local administrator account of the server.
0
 

Author Closing Comment

by:riley71
ID: 39780550
Great! Thanks. I will be performing the demotion in a couple of hours.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question