Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 462
  • Last Modified:

Convert Physical Domain Controller to Virtual

Hi,

In our current environment there are 2 physical Domain Controllers at 2 different remote locations acting as the main domain controllers.  What we are trying to do is convert the physical domain controllers to virtual domain controllers.  I've already done a lot of research of what everyone is suggesting and basically to just spin up new virtual machines and make them domain controllers instead of doing a P2V, which is perfectly fine with me.

Location A:
- DC1
- All FSMO Roles
- DHCP for that location
- DNS

Location B:
- DC2
- DHCP for that location
- DNS

For right now I'm working on Location B.  I've spun up a virtual machine, made it a domain controller, added it to the domain, and all replication for Active Directory and DNS has been successful because its currently pointing towards the original 2 domain controllers for replication for DNS.

Since DC2 in Location B is a DHCP server for this location, I already Exported the DHCP by running the following command in CMD:

netsh dhcp server export C:\dhcp.txt all

Now from what I've been told for the next steps would be to perform the following:

- Stop the DHCP Service on DC2
- Run the following command on the new domain controller to import the DHCP Export file from DC2
netsh dhcp server import c:\dhcp.txt all
- Make sure the services for DHCP are running on the new domain controller
- Open DHCP and verify that it's Authorized.

Also:
Everything in Location B has their DNS initially set to look towards DC2 (Ex: 192.168.1.2) currently.  If we are spinning up a new virtual domain controller, with the steps above almost carried out, can we just change the new virtual domain controller to have the same IP as the original DC2 domain controller?  Because if we had a new domain controller for this Location B, everything is already set to point to DC2 and not the new domain controller.

Suggestions please...

Thanks
1
Lumious
Asked:
Lumious
  • 3
  • 2
2 Solutions
 
Cliff GaliherCommented:
You could, but I'm not a big fan of changing IP addresses of infrastructure servers. It is just as easy TO change the setting in DHCP and reboot client machines. As they check their leases, the new setting even if the lease hasn't expired yet. Less risk of ab issue arising.
0
 
LumiousAuthor Commented:
Hi,

As of right now, "nothing" is looking towards the new domain controller that I created.  So are you suggesting "not" to change the IP of the new domain controller to the original IP of DC2?

If I change the settings in DHCP to the new domain controller I created, client machines will probably be fine, but what about other devices that have their DNS set to the original DC2 address (Ex: applications, routers, switches, printers, etc...)

Suggestions please...

Thanks
0
 
Cliff GaliherCommented:
Most of those devices don't use DNS. So it'd be a non-issue. And the ones that do....change them.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
LumiousAuthor Commented:
Hi,

If we decide to change in the DHCP Settings to point to one of the new domain controllers, could you provide the steps to perform these changes when you get a chance?

Everyone:
Still Open to Suggestions...

Thanks
0
 
Cliff GaliherCommented:
Open DHCP, expand the scope, expand scope options, edit the DNS scope option. Very very straightforward.
0
 
vivigattCommented:
Specifically, you have to change the DHCP "DNS Server" option (option 6) for it to have one of your working DC as the 1st IP address (preferred DNS server). The clients will have to release their lease and request a new lease or to be rebooted for this setting to be taken into account (or you can use some kind of scripts, for instance based on "ipconfig /release ; ipconfig /renew" commands).
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now