Solved

Host Hyper-V server is getting it's Authentication/DNS from a DC that I need to remove.  How do I proceed

Posted on 2014-02-25
14
317 Views
Last Modified: 2014-11-12
I have two DC's 1 is virtual.  I need to remove the physical DC to rebuild it.  However, the Host member Hyper-V server is authenticating to the server I need to rebuild.

How do I proceed to accomplish this task?
0
Comment
Question by:J.R. Sitman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
14 Comments
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39886252
Active Directory is a multi-master topology, so as long as your DC is healthy, advertising, and working properly (use dcdiag to check this) machines will seamlessly move among available DCs. They won't lock onto and authenticate against only one. So you can remove a DC easily and transparently without extra steps.
0
 
LVL 9

Expert Comment

by:TunerML
ID: 39886257
You will however want to ensure that the DC you are rebuilding does not hold the FSMO roles, and if it does transfer them to the DC that will remain active during this period.
0
 

Author Comment

by:J.R. Sitman
ID: 39886271
So lets say the physical DC is off.  If I reboot the Host Hyper-V server, it will authenticate to the VM on itself that is the DC?

All FSMO roles have been moved to the VM DC.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 58

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 39886287
No, that is a chicken-and-egg scenario. If you envision rebooting your hyper-v server within the time it takes to rebuild your physical DC, stand up another DC in the interim, even if only temporarily.
0
 

Author Comment

by:J.R. Sitman
ID: 39886393
That's what I thought.  Does it need to be a DNS server?

Thanks
0
 
LVL 58

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 500 total points
ID: 39886479
If your only other DNS servers with AD zones are VMs on the host, yes. AD is heavily dependent on DNS.
0
 

Author Comment

by:J.R. Sitman
ID: 39886534
got it.  It will using the existing scope that exists on AD, correct?
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39886567
Scope?
0
 

Author Comment

by:J.R. Sitman
ID: 39886573
Sorry, was thinking DHCP.  I just checked it has the proper "Zones"
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39886581
So I am not sure there was a question there, but the rule is the same as it is for a domain controller. You want to make sure a DNS server is always available. If that means making a temp DC also be a DNS server then do that.
0
 

Author Comment

by:J.R. Sitman
ID: 39886635
got it.  All is good.

Thanks
0
 

Author Comment

by:J.R. Sitman
ID: 39887025
Final question.  I have the DHCP scope split over two DC.  If the DC that I'm shutting down is one DHCP and the other is the VM, is that a problem?
0
 
LVL 58

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 500 total points
ID: 39887056
It would be for clients requesting leases if you rebooted the host or guest while the physical machine is down. Or if the host also gets its address from DHCP. Otherwise, no.
0
 

Author Closing Comment

by:J.R. Sitman
ID: 39893511
Thanks for all the help
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Giving access to ESXi shell console is always an issue for IT departments to other Teams, or Projects. We need to find a way so that teams can use ESXTOP for their POCs, or tests without giving them the access to ESXi host shell console with a root …
Previously, on our Nano Server Deployment series, we've created a new nano server image and deployed it on a physical server in part 2. Now we will go through configuration.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question