Solved

Host Hyper-V server is getting it's Authentication/DNS from a DC that I need to remove.  How do I proceed

Posted on 2014-02-25
14
320 Views
Last Modified: 2014-11-12
I have two DC's 1 is virtual.  I need to remove the physical DC to rebuild it.  However, the Host member Hyper-V server is authenticating to the server I need to rebuild.

How do I proceed to accomplish this task?
0
Comment
Question by:J.R. Sitman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
14 Comments
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39886252
Active Directory is a multi-master topology, so as long as your DC is healthy, advertising, and working properly (use dcdiag to check this) machines will seamlessly move among available DCs. They won't lock onto and authenticate against only one. So you can remove a DC easily and transparently without extra steps.
0
 
LVL 9

Expert Comment

by:TunerML
ID: 39886257
You will however want to ensure that the DC you are rebuilding does not hold the FSMO roles, and if it does transfer them to the DC that will remain active during this period.
0
 

Author Comment

by:J.R. Sitman
ID: 39886271
So lets say the physical DC is off.  If I reboot the Host Hyper-V server, it will authenticate to the VM on itself that is the DC?

All FSMO roles have been moved to the VM DC.
0
PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

 
LVL 58

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 39886287
No, that is a chicken-and-egg scenario. If you envision rebooting your hyper-v server within the time it takes to rebuild your physical DC, stand up another DC in the interim, even if only temporarily.
0
 

Author Comment

by:J.R. Sitman
ID: 39886393
That's what I thought.  Does it need to be a DNS server?

Thanks
0
 
LVL 58

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 500 total points
ID: 39886479
If your only other DNS servers with AD zones are VMs on the host, yes. AD is heavily dependent on DNS.
0
 

Author Comment

by:J.R. Sitman
ID: 39886534
got it.  It will using the existing scope that exists on AD, correct?
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39886567
Scope?
0
 

Author Comment

by:J.R. Sitman
ID: 39886573
Sorry, was thinking DHCP.  I just checked it has the proper "Zones"
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39886581
So I am not sure there was a question there, but the rule is the same as it is for a domain controller. You want to make sure a DNS server is always available. If that means making a temp DC also be a DNS server then do that.
0
 

Author Comment

by:J.R. Sitman
ID: 39886635
got it.  All is good.

Thanks
0
 

Author Comment

by:J.R. Sitman
ID: 39887025
Final question.  I have the DHCP scope split over two DC.  If the DC that I'm shutting down is one DHCP and the other is the VM, is that a problem?
0
 
LVL 58

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 500 total points
ID: 39887056
It would be for clients requesting leases if you rebooted the host or guest while the physical machine is down. Or if the host also gets its address from DHCP. Otherwise, no.
0
 

Author Closing Comment

by:J.R. Sitman
ID: 39893511
Thanks for all the help
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question