Solved

Replacing 03 Server Domain Controller

Posted on 2014-12-14
12
299 Views
Last Modified: 2014-12-14
So here's the skinny..

I have three servers running 03 server standard. The main server ( the domain controller ) needs to be replaced as it is just moving too slow. Besides it running the office of 25 or so computers, I have about 30 additional people who remote desktop into it daily so downtime is a big no-no. I have a new server ready to go with WIndows Server 2012 R2 on it and I want to make this transition as seamless as possible. The old domain controller works but is very bogged down and slow when it is being RDP'd into etc etc.

What do you guys propose as the best route to go here?
0
Comment
Question by:hcste
  • 4
  • 4
  • 2
  • +1
12 Comments
 
LVL 24

Assisted Solution

by:VB ITS
VB ITS earned 334 total points
Comment Utility
You'll need to let us know what's actually on this main server first before we can recommend the steps you need to take to migrate to your 2012 R2 server.

First things first, you can follow this guide to configure your new 2012 R2 server as a Domain Controller in your 2003 network.

Besides it running the office of 25 or so computers, I have about 30 additional people who remote desktop into it daily so downtime is a big no-no
This is no good, users should never be logging into a domain controller of all places to do end-user work. You're best off setting up your new 2012 R2 server as a Hyper-V host and then firing up two 2012 R2 Virtual Machines, one as your domain controller and file server, the other as a 2012 R2 Remote Desktop Services server with the end-user applications. Microsoft will allow you to do this free of charge (as in you will not have to pay for extra licenses for the Virtual Machines) providing you do not install any other roles on the host apart from Hyper-V. You will still have to pay for Remote Desktop CALs though.
0
 

Author Comment

by:hcste
Comment Utility
For now, and for other reasons that don't need to be explained, lets consider that the end users have to remote into the Domain Controller. (Though If you have a similar link regarding setting up the 2012 R2 server as a Hyper-V host, I'd love to review it.)

With that being said, if I follow that guide, it will make my new server a  domain controller. At that point, will it duplicate the users/configuration if I were to shut down the original domain controller automatically?
0
 
LVL 95

Expert Comment

by:Lee W, MVP
Comment Utility
Completely agree - you should not be running Remote Desktop Services/Terminal Services on a domain controller.  From a security and managability standpoint this is a HUGE professional no-no.

As VB ITS suggests, you want to use the PHYSICAL install of Server 2012 R2 as a Hyper-V host ONLY - no DC, no file server, no RDS, then install TWO VMs - one for your DC and one for your RDS server.  From a licensing standpoint, there is ZERO additional cost for this.
0
 
LVL 95

Expert Comment

by:Lee W, MVP
Comment Utility
If you aren't familiar with proper domain/server setup and separation of services and don't have the time (or inclination to learn) I STRONGLY recommend you look for an outside consultant who can do this for you.  If you have the time to learn, then I recommend setting up a test network and starting to play - install the roles, setup VMs, and ask questions as they come up.
0
 

Assisted Solution

by:FrancoisvanRensburg
FrancoisvanRensburg earned 166 total points
Comment Utility
Make sure your current DC's are fully service packed. Need down time for this.
Then Make sure you raise your domain level to windows 2003. after that all you have to do is do a dc promo on the 2012 box. This can all be done live. Also make sure you satisfy the server 2012 pre-requisites before promoting. after you are sure your 2012 server promo is successful you can transfer your FSMO's to the nser 2012 DC. would recommend you run DNS on the 2012 server as well.
0
 
LVL 24

Assisted Solution

by:VB ITS
VB ITS earned 334 total points
Comment Utility
Though If you have a similar link regarding setting up the 2012 R2 server as a Hyper-V host, I'd love to review it
It's as simple as installing the Hyper-V role through Server Manager. Step by step instructions can be found here: http://technet.microsoft.com/en-au/library/hh846766.aspx#BKMK_SERVER

With that being said, if I follow that guide, it will make my new server a  domain controller. At that point, will it duplicate the users/configuration if I were to shut down the original domain controller automatically?
No, it will just replicate AD data such as user accounts, security groups, computer objects, etc.

What exactly do you need replicated from the old server to the new 2012 R2 server? Files shares? Programs? Shared printers?

To be honest, I'm starting to agree with Lee in that if you don't feel you are well equipped to do this migration at this point in time it might be best to hire an external consultant to do the grunt work for you. That way if anything goes wrong, the blame isn't squarely placed on you!
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 

Author Comment

by:hcste
Comment Utility
Okay, again, for the sake of my actual question, lets put the hyper-v recommendation aside.  Either way I want a backup DC.

My question is once I promote the new server as a domain controller, would all the users/configuration duplicate if I were to physical shut down the original DC?
0
 

Author Comment

by:hcste
Comment Utility
VBS IT I understand where you are coming from and I already have a plan of action. But I also posed the questions to pick your brains and get some fresh input.
0
 

Assisted Solution

by:FrancoisvanRensburg
FrancoisvanRensburg earned 166 total points
Comment Utility
No you need to manually transfer the FSMO roles to the new DC before shutting the old server down. Also make sure you DCPROMO the old Server to remove as DC. Make sure you configure the new DC as a Global Catalog. If you just shut down the old server you going to have a dirty AD and possible replication errors
0
 
LVL 24

Assisted Solution

by:VB ITS
VB ITS earned 334 total points
Comment Utility
My question is once I promote the new server as a domain controller, would all the users/configuration duplicate if I were to physical shut down the original DC?
Yes it will duplicate the Active Directory data from your 2003 server to your 2012 R2 server once it has been setup correctly, providing nothing hampers AD replication. As for other roles that may be installed on your 2003 server such as DNS, DHCP, RRAS, file shares etc. only you would be able to answer that question as we don't have physical access to your server to determine what else needs to be migrated over. I suppose you could always shut down the old server after you've made the 2012 R2 server a DC and see what breaks (after hours obviously!)
0
 

Author Comment

by:hcste
Comment Utility
And regarding the Hyper-V, Why wouldn't you recommend that I just make the Hyper-V server the host and DC and create a VM for just RDS?
0
 
LVL 24

Accepted Solution

by:
VB ITS earned 334 total points
Comment Utility
Because Microsoft allows you to have up to two Server 2012 R2 Hyper-V virtual machines at no cost, providing you have purchased Server 2012 R2 Standard. Why not make use of this free license? Again this is all dependant on the fact that you have no other roles installed on the host apart from the Hyper-V role. The moment you install any other role on the host you are violating Microsoft's licensing terms and be liable to fines by Microsoft should they perform an audit on your business.

Virtual machines can be more easily restored to different hardware in the event of a DR scenario, and that's probably the major benefit in my eyes. Say your physical server goes down tomorrow, providing you've got proper backups of your virtual machine, you can just have it up and running again within minutes on a separate server or even a powerful desktop PC that supports virtualization (which almost all new PCs do these days).

There's also the fact that once you make the host a DC, you are violating Microsoft's licensing terms the moment you use the same 2012 R2 license key for your RDS VM (as mentioned earlier in my post). If you purchase a different 2012 R2 license for your RDS machine though then you're good to go, but then again that'd be a waste of a free 2012 R2 VM that's on offer isn't it? :)
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now