?
Solved

DCPromo down 2003 domain controller when Exchange 2007 is running on same server

Posted on 2015-01-21
3
Medium Priority
?
568 Views
Last Modified: 2015-01-23
I am currently migrating from a single server running Server 2003 R2 that runs the following services: 2003 AD Domain Controller, DNS, DHCP, File and Print Sharing, Exchange 2007. I have already moved the file and print sharing to a new Server 2008 R2 VM (domain member server) and I will be running adprep (on 2003) and dcpromo on another 2008 R2 VM next week to be the first 2008 DC,  additional DNS server and new DHCP server.

Once the new 2008 DC is online and everything has run for a few days to a week, I want to dcpromo down the 2003 server and remove DNS and DHCP (making it a member server) so the 2008 server is the only DC/DNS/DHCP server in the domain. Does anyone have any experience or opinion in removing the 2003 DC role from a live Exchange 2007 server?

Additionally, the role of Exchange 2007 will be moved to a separate 2008 R2 VM and a new version of Exchange in the near future as well. My thought is that having Exchange 2007 and 20?? in a coexistence scenario would be easier if the 2003 DC  role is eliminated and the domain is running with only the 2008 DC with the forest/domain level at 2008.

I suppose I could dc promo up the 2008 server, move Exchange and then take down the old server's Exchange and DC role at the same time, but I would perfer to have AD as clean and final as possible before tackling the Exchange migration.

I appreciate any input.
0
Comment
Question by:markpg47
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 2000 total points
ID: 40562663
Yikes you have a lot of services on 1 server (single point of failure). Not to mention that Active Directory and Exchange is not supported on the same server. If you demote your 2003 DC you will break Exchange period.

You are going to have to do the following high level steps
- create a new server for Exchange
- migrated all Exchange mailboxes/address lists/eamil address policies/etc to the new server
- promote your new 2008R2 domain controller (adprep/ etc)
- transfer all of the roles to the 2008R2 server (FSMO roles)
- Decommission Exchange from your 2003 server
- Demote the 2003 domain controller from the domain

Will.
0
 

Author Comment

by:markpg47
ID: 40562708
I was just as surprised to see the DC and Exchange on the same box too, now I have three V-Servers to handle operations. So, just to confirm, take care of Exchange (CAS, DB and clients) first before anything else, correct? I can see securing Exchange before doing anything drastic to the server (dcpromo) but, any reason why moving Exchange should come before prep and promo for the 2008 server? BTW, the domain is at 2003, the forest function level is at 2000.
0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 2000 total points
ID: 40562743
I guess you can bring in another DC 2008R2 without any issue. Personally this doesn't take very long and i would not be worried about that. I would be more concern about getting my Exchange environment moved to a new server before something drastic happens with your current setup.

So the answer is yes you can, but Exchange is going to be much more work to setup/move etc so i would start there.

Will.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Let's recap what we learned from yesterday's Skyport Systems webinar.
This video discusses moving either the default database or any database to a new volume.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month11 days, 16 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question