Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Promoting Windows Server 2012 R2 as domain controller in Windows 2003 forest & domain ?

Posted on 2015-02-10
11
Medium Priority
?
175 Views
Last Modified: 2015-03-03
Hi,

I've just rebuilt a physical server of Windows Server 2012 R2 Std. and I' about to promote it as Domain Controller and FSMO role holders, what are the caveats and pitfalls that I need to be aware of when transferring from old Windows 2003 DC ?

I'm planning to make the new 2012 R2 box as a PDC Emulator, Infrastructure and RID master.

The domain and forest functionality level is Windows 2003. Some of the domain controllers are Windows Server 2003 and the rest is Windows Server 2008 R2.

Thanks,
0
Comment
  • 4
  • 2
  • 2
  • +2
11 Comments
 
LVL 96

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 576 total points
ID: 40600569
As long as you keep the domain and forest functional levels at the 2003 level, there is nothing to be concerned with, at least nothing I would be and can recall being concerned with.  Obviously, functionality offered by 2012 that relies on the functional levels being higher won't be available, but other than that... go for it.
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40600583
Ok so what about the FSMO role to be transferred from 2003 to this new 2012 R2 box ?

Is there any special way to do it ?
0
 
LVL 36

Assisted Solution

by:Seth Simmons
Seth Simmons earned 288 total points
ID: 40600591
you can use ntdsutil on the 2012 R2 server to transfer

Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller
http://support.microsoft.com/KB/255504?wa=wsignin1.0
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 4

Assisted Solution

by:Manoj Bojewar
Manoj Bojewar earned 568 total points
ID: 40600602
0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 568 total points
ID: 40600910
Just a note, if you are going to be demoting your 2003 domain controllers make sure that all of your SRV records have been cleanup accordingly (_msdcs folder).

Will.
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40601931
Thanks All for the suggestion.

@Will: Ok so as part of the old DC decommission process, do I need to manually delete the _msdcs folder or entries that point to the old DC ?
0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 568 total points
ID: 40602285
Each folder under the _msdcs folder will have GC,DC, domains etc. I would go through these and make sure there are no remnants of the old domain controller in here after demotion. I have seen issues like this when demoting 2003 domain controllers.

SRV records can create a lot of issues if there are objects in there referencing services to domain controllers that do not exist.

So don't delete the folder itself go through the entires and see if there are any objects in there referencing the old DC. If there are delete them.

Will.
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40607328
Ok, so one last question:

Can I just perform the DCPromo on the new Windows Server 2012 R2 to be the additional domain controller and make it as Global Catalog during the business hour ?

or would there be any impact to the user or to the Exchange Server email flow during the day ?
0
 
LVL 4

Assisted Solution

by:Manoj Bojewar
Manoj Bojewar earned 568 total points
ID: 40607406
there is no any issue. you can add additional domain controller any time.
0
 
LVL 96

Accepted Solution

by:
Lee W, MVP earned 576 total points
ID: 40608329
BEFORE you do any promotion or demotion of a DC, I strongly recommend you review the AD health using DCDIAG /C /E /V and correcting any unexplained/unexpected errors.  If memory serves, if you have any failed DCs in AD, it won't let you add another.
0
 
LVL 8

Author Closing Comment

by:Senior IT System Engineer
ID: 40643146
Thanks !
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
Measuring Server's processing rate with a simple powershell command. The differences in processing rate also was recorded in different use-cases, when a server in free and busy states.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question