JRome225
asked on
Need to move current DC and AD to new physical virtualized server
We need to move our current Domain Controller and all its settings to a new virtualized machine that has Hyper V on it. What are the correct steps and processes in order to do this? I have created the new Server 2008R2 in a Hyper V environment. Their is also another physical box that houses the database and another that runs QB. I have the virtualized servers ready for these as well on the one new computer. The new computer is also on the same subnet as the old one.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
i find ntdsutil to be easier to move fsmo roles since you don't need to mess with dll's and mmc consoles; simpler from the command line
Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller
http://support.microsoft.com/kb/255504
also need to change any static-configured systems to use the new server for DNS and update any DHCP scope(s) you may have for the new DNS server
once the fsmo roles are moved, need to configure that box as the time server
How to configure an authoritative time server in Windows Server
http://support.microsoft.com/kb/816042
i would let them coexist for a week or so then check dcdiag on both boxes and make sure there are no errors before you decommission the old domain controller
Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller
http://support.microsoft.com/kb/255504
also need to change any static-configured systems to use the new server for DNS and update any DHCP scope(s) you may have for the new DNS server
once the fsmo roles are moved, need to configure that box as the time server
How to configure an authoritative time server in Windows Server
http://support.microsoft.com/kb/816042
i would let them coexist for a week or so then check dcdiag on both boxes and make sure there are no errors before you decommission the old domain controller
Depending on the server licensing, you could to a P2V conversion. This is non-destructive and safe to experiment with, provided you have an alternate drive to store your image on. Microsoft has a free tool (http://technet.microsoft.com/en-us/sysinternals/ee656415.aspx) that can convert a physical volume to a VHD, which you can then mount in your virtual machine.
Important considerations, if you are coming from a 2003 domain controller, you may have issues if the hardware is too dissimilar, but again... it won't hurt the source machine so long as you export the VHD to an external disk. Other consideratiions have to do with licensing. If it's an OEM license, it may not be within your license terms to move it to a virtual environment on a different machine.
Important considerations, if you are coming from a 2003 domain controller, you may have issues if the hardware is too dissimilar, but again... it won't hurt the source machine so long as you export the VHD to an external disk. Other consideratiions have to do with licensing. If it's an OEM license, it may not be within your license terms to move it to a virtual environment on a different machine.
Ha, Andrew beat me to it. Rebuilding and joining another machine as a DC would be preferred. Transfer FSMO roles to make it the primary, then you can demote the old one after everything is working as it should.
ASKER
Thanks guys, I'll let you know how it goes this weekend.
ASKER
A question though, once the DC is transferred, how will it affect the other servers and computers on the network? Will all machines need to be transfered over to the new DC? Will DNS auto configure the new DC?
you will have to change your DNS server to the new DC at the client level if you're taking the old one down. how difficult that is depends on if you're running DHCP or not, and where
ASKER
DHCP is being run on the router. I will be taking the old one down as it is on the DC.
so just update your DHCP server with the DNS pointer to the new DC
I had three instances whew Windows 2008 r2 domain controller failed/cashed. Though such issues never made a an problem to other domain controllers and I could remove the failed one easily , I am worried to put a domain controller again on virtual. Windows server 2012 or above domain controllers are virtualization aware.
Have a look on the below technet article.
http://technet.microsoft.com/en-us/library/hh831734.aspx
So my recommendation is if possible, upgrade domain controller to windows 2012 so that you can safely virtualize.
Good luck.
Have a look on the below technet article.
http://technet.microsoft.com/en-us/library/hh831734.aspx
So my recommendation is if possible, upgrade domain controller to windows 2012 so that you can safely virtualize.
Good luck.
Ever since virtualization became stable and acceptable and network card teaming was perfected, I've only run one domain controller per domain. I keep it extremely lightweight and I back it up 12 times a day. Safe restoration is literally a blink of an eye away and I never worry about tombstoning or ADS restoration. Call me crazy...
However, if you cannot do this...
Use DIsk2VHD
Source
http://technet.microsoft.com/en-us/sysinternals/ee656415
see here
http://www.altaro.com/hyper-v/using-disk2vhd-for-physical-to-virtual-conversions-p2v/