?
Solved

Server 2003 demote DC keep DNS

Posted on 2014-10-24
4
Medium Priority
?
685 Views
Last Modified: 2014-10-27
I'm looking for step by step instructions.

I have several Domain Controllers.  Mostly Server 2008 R2.  However, I still have two Domain Controllers with Server 2003 that I want to Demote; I need to keep the DNS after the demotion.

There are still many Static IP Servers pointing to it for DNS resolution as well as other devices.  I want to eventually change their settings to the newer 2008 R2 Domain Controllers with DNS.  But for now I need these two Server 2003 Domain Controller to serve up DNS until they are all changed.

I can't wait until I get everything moved.  I need to demote now and move DNS later.
Step by Step on how I keep my DNS please.  After the Demotion I know the DNS will be gone.  I'm looking for step by step on how to keep the DNS exactly the same way.  I can't have any down time outside the demotion and DNS repair.
Thanks
0
Comment
Question by:cridog
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 18

Expert Comment

by:Don S.
ID: 40402519
DNS does not automatically go away when you demote a DC.  Those are two separate things.
0
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 40402523
you would need to configure the domain controller(s) for zone transfers of the zones you want to transfer
on the 2003 servers, add a zone as secondary and specify one of the domain controllers that have the zone transfer enabled

Modify DNS zone transfer settings
http://technet.microsoft.com/en-us/library/cc782181(v=ws.10).aspx
0
 

Author Comment

by:cridog
ID: 40402634
dons6718 - DNS is still installed but there is nothing in it.  It is not useful at this point.  I'm trying to make it useful with the domains DNS entries.  It will still be the DNS server everyone else is hitting.  It needs to be able to respond with useful information.

Seth - Sounds like the right track.  The link shows me how to modify DNS zone transfer settings.  And I'm sure that is what I need to do.  However, I'm looking for a step by step solution.  So I demote the 2003 server; restart it; now what.  Where do I go to modify DNS zone transfer?  Is that all I need to do?  After I modify the DNS zone transfer it will work.  I'm missing the steps.  

Thanks
0
 
LVL 35

Accepted Solution

by:
Seth Simmons earned 2000 total points
ID: 40406319
Where do I go to modify DNS zone transfer?

DNS console in administrative tools

After I modify the DNS zone transfer it will work.

it's a 2 step process - allow zone transfer on the other domain controller and add the zone as secondary on the demoted 2003 server

on the 2008 server, open the dns console, right click on a zone and select properties
click the zone transfer tab
check the box to allow zone transfers and check the option you want to either allow transfer to any server or you can restrict to only allow the servers you want

once that is done, open the dns console on the 2003 server,  right click on the server and select new zone
you fill in the info as far as the name, etc. but for zone type it will have 4 options - primary, secondary, stub and AD integrated; select secondary.  it will ask for the master server to transfer to, put the address of the 2008 server you just allowed the zone transfer on
0

Featured Post

Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month12 days, 19 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question