If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.
Replacing 03 Server Domain Controller
So here's the skinny..
I have three servers running 03 server standard. The main server ( the domain controller ) needs to be replaced as it is just moving too slow. Besides it running the office of 25 or so computers, I have about 30 additional people who remote desktop into it daily so downtime is a big no-no. I have a new server ready to go with WIndows Server 2012 R2 on it and I want to make this transition as seamless as possible. The old domain controller works but is very bogged down and slow when it is being RDP'd into etc etc.
What do you guys propose as the best route to go here?
I have three servers running 03 server standard. The main server ( the domain controller ) needs to be replaced as it is just moving too slow. Besides it running the office of 25 or so computers, I have about 30 additional people who remote desktop into it daily so downtime is a big no-no. I have a new server ready to go with WIndows Server 2012 R2 on it and I want to make this transition as seamless as possible. The old domain controller works but is very bogged down and slow when it is being RDP'd into etc etc.
What do you guys propose as the best route to go here?
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
For now, and for other reasons that don't need to be explained, lets consider that the end users have to remote into the Domain Controller. (Though If you have a similar link regarding setting up the 2012 R2 server as a Hyper-V host, I'd love to review it.)
With that being said, if I follow that guide, it will make my new server a domain controller. At that point, will it duplicate the users/configuration if I were to shut down the original domain controller automatically?
With that being said, if I follow that guide, it will make my new server a domain controller. At that point, will it duplicate the users/configuration if I were to shut down the original domain controller automatically?
Completely agree - you should not be running Remote Desktop Services/Terminal Services on a domain controller. From a security and managability standpoint this is a HUGE professional no-no.
As VB ITS suggests, you want to use the PHYSICAL install of Server 2012 R2 as a Hyper-V host ONLY - no DC, no file server, no RDS, then install TWO VMs - one for your DC and one for your RDS server. From a licensing standpoint, there is ZERO additional cost for this.
As VB ITS suggests, you want to use the PHYSICAL install of Server 2012 R2 as a Hyper-V host ONLY - no DC, no file server, no RDS, then install TWO VMs - one for your DC and one for your RDS server. From a licensing standpoint, there is ZERO additional cost for this.
If you aren't familiar with proper domain/server setup and separation of services and don't have the time (or inclination to learn) I STRONGLY recommend you look for an outside consultant who can do this for you. If you have the time to learn, then I recommend setting up a test network and starting to play - install the roles, setup VMs, and ask questions as they come up.
Make sure your current DC's are fully service packed. Need down time for this.
Then Make sure you raise your domain level to windows 2003. after that all you have to do is do a dc promo on the 2012 box. This can all be done live. Also make sure you satisfy the server 2012 pre-requisites before promoting. after you are sure your 2012 server promo is successful you can transfer your FSMO's to the nser 2012 DC. would recommend you run DNS on the 2012 server as well.
Then Make sure you raise your domain level to windows 2003. after that all you have to do is do a dc promo on the 2012 box. This can all be done live. Also make sure you satisfy the server 2012 pre-requisites before promoting. after you are sure your 2012 server promo is successful you can transfer your FSMO's to the nser 2012 DC. would recommend you run DNS on the 2012 server as well.
Though If you have a similar link regarding setting up the 2012 R2 server as a Hyper-V host, I'd love to review itIt's as simple as installing the Hyper-V role through Server Manager. Step by step instructions can be found here: http://technet.microsoft.com/en-au/library/hh846766.aspx#BKMK_SERVER
With that being said, if I follow that guide, it will make my new server a domain controller. At that point, will it duplicate the users/configuration if I were to shut down the original domain controller automatically?No, it will just replicate AD data such as user accounts, security groups, computer objects, etc.
What exactly do you need replicated from the old server to the new 2012 R2 server? Files shares? Programs? Shared printers?
To be honest, I'm starting to agree with Lee in that if you don't feel you are well equipped to do this migration at this point in time it might be best to hire an external consultant to do the grunt work for you. That way if anything goes wrong, the blame isn't squarely placed on you!
Okay, again, for the sake of my actual question, lets put the hyper-v recommendation aside. Either way I want a backup DC.
My question is once I promote the new server as a domain controller, would all the users/configuration duplicate if I were to physical shut down the original DC?
My question is once I promote the new server as a domain controller, would all the users/configuration duplicate if I were to physical shut down the original DC?
VBS IT I understand where you are coming from and I already have a plan of action. But I also posed the questions to pick your brains and get some fresh input.
No you need to manually transfer the FSMO roles to the new DC before shutting the old server down. Also make sure you DCPROMO the old Server to remove as DC. Make sure you configure the new DC as a Global Catalog. If you just shut down the old server you going to have a dirty AD and possible replication errors
My question is once I promote the new server as a domain controller, would all the users/configuration duplicate if I were to physical shut down the original DC?Yes it will duplicate the Active Directory data from your 2003 server to your 2012 R2 server once it has been setup correctly, providing nothing hampers AD replication. As for other roles that may be installed on your 2003 server such as DNS, DHCP, RRAS, file shares etc. only you would be able to answer that question as we don't have physical access to your server to determine what else needs to be migrated over. I suppose you could always shut down the old server after you've made the 2012 R2 server a DC and see what breaks (after hours obviously!)
And regarding the Hyper-V, Why wouldn't you recommend that I just make the Hyper-V server the host and DC and create a VM for just RDS?
Because Microsoft allows you to have up to two Server 2012 R2 Hyper-V virtual machines at no cost, providing you have purchased Server 2012 R2 Standard. Why not make use of this free license? Again this is all dependant on the fact that you have no other roles installed on the host apart from the Hyper-V role. The moment you install any other role on the host you are violating Microsoft's licensing terms and be liable to fines by Microsoft should they perform an audit on your business.
Virtual machines can be more easily restored to different hardware in the event of a DR scenario, and that's probably the major benefit in my eyes. Say your physical server goes down tomorrow, providing you've got proper backups of your virtual machine, you can just have it up and running again within minutes on a separate server or even a powerful desktop PC that supports virtualization (which almost all new PCs do these days).
There's also the fact that once you make the host a DC, you are violating Microsoft's licensing terms the moment you use the same 2012 R2 license key for your RDS VM (as mentioned earlier in my post). If you purchase a different 2012 R2 license for your RDS machine though then you're good to go, but then again that'd be a waste of a free 2012 R2 VM that's on offer isn't it? :)
Virtual machines can be more easily restored to different hardware in the event of a DR scenario, and that's probably the major benefit in my eyes. Say your physical server goes down tomorrow, providing you've got proper backups of your virtual machine, you can just have it up and running again within minutes on a separate server or even a powerful desktop PC that supports virtualization (which almost all new PCs do these days).
There's also the fact that once you make the host a DC, you are violating Microsoft's licensing terms the moment you use the same 2012 R2 license key for your RDS VM (as mentioned earlier in my post). If you purchase a different 2012 R2 license for your RDS machine though then you're good to go, but then again that'd be a waste of a free 2012 R2 VM that's on offer isn't it? :)
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trialIt's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003
From novice to tech pro — start learning today.
-
Windows Server 2003Certification: MCP Microsoft Certified Partner - Installing and Configu… 288 lessons
-
Microsoft ApplicationsCertification: MCSE Microsoft Certified Systems Engineer - Identity … 440 lessons
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
First things first, you can follow this guide to configure your new 2012 R2 server as a Domain Controller in your 2003 network.
This is no good, users should never be logging into a domain controller of all places to do end-user work. You're best off setting up your new 2012 R2 server as a Hyper-V host and then firing up two 2012 R2 Virtual Machines, one as your domain controller and file server, the other as a 2012 R2 Remote Desktop Services server with the end-user applications. Microsoft will allow you to do this free of charge (as in you will not have to pay for extra licenses for the Virtual Machines) providing you do not install any other roles on the host apart from Hyper-V. You will still have to pay for Remote Desktop CALs though.