Solved

Decom Server 2003 to Server 2012

Posted on 2014-12-23
6
113 Views
Last Modified: 2015-01-05
hey guys,

We have an old Server 2003 server here, and we added 2 new Server 2012 DC's. So far everything is syncing up and replicating properly.

I want to decom the Server 2003 now, i moved all the FSMO roles already. Is there anything else I need to do or do i just run DCPROMO?
0
Comment
Question by:Cobra25
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 58

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 250 total points
ID: 40515601
As long as there are no errors in the event logs and dcdiag comes up clean, you can dcpromo the old server to demote it.
0
 
LVL 4

Author Comment

by:Cobra25
ID: 40515649
dcdiag/netdiag is clean...

So after thats done, i'll just raise the DFL to 2012?
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 40515691
I would. But it isn't technically required.
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 4

Author Comment

by:Cobra25
ID: 40515706
Do i need to do anything with DFS?
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 40515713
If you are still using FRS for replication, I'd upgrade to DFS. But again, not technically required.
0
 
LVL 10

Accepted Solution

by:
Michael Ian Claridge earned 250 total points
ID: 40515727
Hello,

Below is some very high level considerations when decommissioning any domain controller, I hope this is of some use to you:

DHCP

Check the DHCP scopes, it may not be uncommon for the DC you are decommissioning to be used for primary or secondary DNS resolution for the domain clients for each scope.

DNS

Similar to the importance of checking the DHCP scopes for DNS settings, servers within the domain could also have their primary or secondary DNS set to the IP address of the server you are decommissioning.

NTP

In some cases you could find that NTP is being used for time synchronization by other member servers, this will become a problem if the NTP server set is the DC that you are decommissioning. Windows Time should ideally be configured as type NT5DS, which is DOMHIER (Domain Hierarchy), this addresses future complications around static time configuration to a solitary time service.

GPO

Consider reviewing the group policy objects within the domain to ensure that the server you are decommissioning has no direct relationships, for example software distribution, printer mappings, drive mapping at logon etc.

File Shares

Ensure that no file shares are being used by member servers or other Windows Clients.

Network Monitor

Network Monitor can be installed and used to trace all network connectivity, this will help you understand if the server is being used by any other service which may have been missed in the above

listed considerations, and this will also provide a deeper more successful recon before the Domain Controller is decommissioned.

FSMO

You should always check and validate if the DC you are decommissioning is currently hosting any of the 5 FSMO roles, this can be done via Ntdsutil.exe. Additionally if the server is hosting any FSMO roles that they are moved to a different domain controller.

Global Catalogue

You should always check and validate whether the DC you are decommissioning is currently a Global Catalogue server (GC), this can be checked via “Active Directory Sites and Services”. It is important to note that if the DC you are decommissioning is a GC it is not the only GC within the same active directory site.

DNS Server Functionality

You should always check and validate that DNS changes submitted on the DC you are decommissioning are / have been registered to other DNS servers within the forest before continuing with the decommissioning process, this can be confirmed via netdiag /test:DNS from a command prompt.

Communication To Other DC’s

You should always check and validate that other DC’s within the forest can be located successfully, this can be tested and confirmed by using netdiag /test:dsgetdc /v

Operations Master Communications

You should always check and validate that the operations master FSMO role can be discovered, confirmed to be online and is responding.

Uninstall Active Directory

Once you confirm that the domain controller you are decommissioning provides no implicit resource to other clients within the forest, and that you have also confirmed the health, availability and functionality of the other domain controllers within the forest it is safe to uninstall Active Directory from the domain controller, this can be done via DCPROMO.

Regards

Michael Ian Claridge
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The article will show you how you can maintain a simple logfile of all Startup and Shutdown events on Windows servers and desktops with PowerShell. The script can be easily adapted into doing more like gracefully silencing/updating your monitoring s…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question