Decom Server 2003 to Server 2012

hey guys,

We have an old Server 2003 server here, and we added 2 new Server 2012 DC's. So far everything is syncing up and replicating properly.

I want to decom the Server 2003 now, i moved all the FSMO roles already. Is there anything else I need to do or do i just run DCPROMO?
LVL 4
Cobra25Asked:
Who is Participating?
 
Michael Ian ClaridgeConnect With a Mentor Acting Service Delivery ManagerCommented:
Hello,

Below is some very high level considerations when decommissioning any domain controller, I hope this is of some use to you:

DHCP

Check the DHCP scopes, it may not be uncommon for the DC you are decommissioning to be used for primary or secondary DNS resolution for the domain clients for each scope.

DNS

Similar to the importance of checking the DHCP scopes for DNS settings, servers within the domain could also have their primary or secondary DNS set to the IP address of the server you are decommissioning.

NTP

In some cases you could find that NTP is being used for time synchronization by other member servers, this will become a problem if the NTP server set is the DC that you are decommissioning. Windows Time should ideally be configured as type NT5DS, which is DOMHIER (Domain Hierarchy), this addresses future complications around static time configuration to a solitary time service.

GPO

Consider reviewing the group policy objects within the domain to ensure that the server you are decommissioning has no direct relationships, for example software distribution, printer mappings, drive mapping at logon etc.

File Shares

Ensure that no file shares are being used by member servers or other Windows Clients.

Network Monitor

Network Monitor can be installed and used to trace all network connectivity, this will help you understand if the server is being used by any other service which may have been missed in the above

listed considerations, and this will also provide a deeper more successful recon before the Domain Controller is decommissioned.

FSMO

You should always check and validate if the DC you are decommissioning is currently hosting any of the 5 FSMO roles, this can be done via Ntdsutil.exe. Additionally if the server is hosting any FSMO roles that they are moved to a different domain controller.

Global Catalogue

You should always check and validate whether the DC you are decommissioning is currently a Global Catalogue server (GC), this can be checked via “Active Directory Sites and Services”. It is important to note that if the DC you are decommissioning is a GC it is not the only GC within the same active directory site.

DNS Server Functionality

You should always check and validate that DNS changes submitted on the DC you are decommissioning are / have been registered to other DNS servers within the forest before continuing with the decommissioning process, this can be confirmed via netdiag /test:DNS from a command prompt.

Communication To Other DC’s

You should always check and validate that other DC’s within the forest can be located successfully, this can be tested and confirmed by using netdiag /test:dsgetdc /v

Operations Master Communications

You should always check and validate that the operations master FSMO role can be discovered, confirmed to be online and is responding.

Uninstall Active Directory

Once you confirm that the domain controller you are decommissioning provides no implicit resource to other clients within the forest, and that you have also confirmed the health, availability and functionality of the other domain controllers within the forest it is safe to uninstall Active Directory from the domain controller, this can be done via DCPROMO.

Regards

Michael Ian Claridge
0
 
Cliff GaliherConnect With a Mentor Commented:
As long as there are no errors in the event logs and dcdiag comes up clean, you can dcpromo the old server to demote it.
0
 
Cobra25Author Commented:
dcdiag/netdiag is clean...

So after thats done, i'll just raise the DFL to 2012?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
Cliff GaliherCommented:
I would. But it isn't technically required.
0
 
Cobra25Author Commented:
Do i need to do anything with DFS?
0
 
Cliff GaliherCommented:
If you are still using FRS for replication, I'd upgrade to DFS. But again, not technically required.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.