Solved

FSMO Roles question

Posted on 2014-01-30
3
667 Views
Last Modified: 2014-01-30
I currently have 2 servers.  I intend on adding a third and then retiring the oldest one.
I have one AD Domain.  
Server1 is windows 2003 DC, which has FSMO Roles
Server2 is windows 2008 DC.  

When I installed Server2, I promoted it to DC but never transferred the FSMO roles becuase I cound't risk a failure in the transfer and then have to sieze the roles.  

I want to retire Server1.  
I intend to do it this way...
Add Server3, join domain and then promote to DC.  
Now I have 3 DCs, where Server1 still has the FSMO roles.  
Next I will attempt to transfer FSMO roles from Server1 to Server3.  
If that fails, I will then Sieze the FSMO roles on Server3.  
Once I seize the roles on Server3, I will take down Server1, never to be used again.

Once this is completed, I will now have Server2 as DC and Server3 as DC with FSMO roles.  

Server2 has never had FSMO roles and will never. .
If I sieze the roles on Server3, will that impact Server2 functioning in the domain as a DC?   in General will my approach work?  
TIA
0
Comment
Question by:BuddyWeaver
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 3

Accepted Solution

by:
BertSublime earned 100 total points
ID: 39821333
Your approach seems great,  obviously you are checking the health of the doamin before starting and after promotion of server 3.

you shouldn't have to seize the roles, if you do there is a problem with the domain.  

I would also have a quick read of the following,  which give some great info on roles as well as recommendations on placement.  

http://support.microsoft.com/kb/223346
0
 
LVL 7

Assisted Solution

by:dsnegi_25dec
dsnegi_25dec earned 100 total points
ID: 39821358
it will work .
0
 

Author Closing Comment

by:BuddyWeaver
ID: 39821409
thanks for the confirmations
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
time server cant sync - rpc service is unavailable. 5 49
user Log on times in AD 5 37
Ransomware case 23 95
Deploying MSI package with GPO 3 17
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question