Solved

Decommissioning old domain controller in several remote sites

Posted on 2014-10-24
8
136 Views
Last Modified: 2015-01-02
I have some remote offices old domain controller box that I need to decommission.

Each office sites got their own aD domain controller with global catalog and has each dedicated AD site.

I'm going to build two AD domain  controllers / global catalog in the data centre in its own AD site.

So is there any steps or consideration that I need to do before and after decommissioning the old domain controllers in each office sites ?

Do I have to delete or eliminate the AD site in each office location ?
0
Comment
  • 5
  • 3
8 Comments
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40402148
If anyone also know what is the best practice of building AD sites for multiple office branch location that'd be greatly appreciated to share it here. Thanks.
0
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 40402172
are you removing the AD sites entirely and consolidating?
is the site itself going away (office closing) or just domain controllers?
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40402184
I'm consolidating the domain controllers so instead of the small remote branch office and hotels has its own domain controller, they can use the two domain controllers in the data centre.

This is for 170 sites for multiple different hotel and apartment within one continent in Asia.

The link to the data centre is MPLS link.
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40402189
So if no AD domain controller exist in one site physically do I still must keep the AD site or I can safely delete it ?
0
 
LVL 34

Assisted Solution

by:Seth Simmons
Seth Simmons earned 500 total points
ID: 40402206
a couple things...
1) no domain controller means that there could be latency with logons because of reaching out over the wan to talk to another server
2) if you delete the site, that will make things worse because a domain controller will take over a site if there isn't one in place there so without the site makes things more complicated.  also, without a subnet for that site, other domain controllers will constantly throw warnings about clients talking to it from subnets that don't exist

better off leaving the sites there with the appropriate subnets
clients will still find a domain controller
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40526975
Seth,

Assuming that the 10 MBps WAN link is always on with no bottleneck issue, can I just demote the domain controllers in each AD sites and then leave the AD sites as you suggested?

because my problem at the moment is that there are too many domain controllers to be managed in each sites. Therefore the only domain controllers will be in the main Data Center only not on each sites.
0
 
LVL 34

Accepted Solution

by:
Seth Simmons earned 500 total points
ID: 40528674
if you remove the domain controllers in other sites, then the sites will be taken over by the existing domain controllers since none exist in the others

for example, if you have sites in japan - say tokyo, nagoya, osaka and you remove the domain controllers in nagoya and osaka but leave the AD sites, the domain controller(s) in tokyo (or a DC in another site) would take network requests for systems in the nagoya and osaka sites that don't have their own domain controller

the problem comes in when the connection breaks
some parts of asia that i've been in don't have reliable connectivity at all but others have excellent reliability and speed
0
 
LVL 7

Author Closing Comment

by:Senior IT System Engineer
ID: 40528744
Thanks
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question