Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 143
  • Last Modified:

Replacing windows 2000 server domain controller with new hardware running server 2012 r2. best/easiest procedure

Replacing  Domain controller currently running Server 2000 on ancient hardware with new hardware. The new hardware will be running windows server 2012 R2.  What is the best way to go about this?  It is a small network with about 25 clients.  The clients are mostly Windows 7 Pro.
0
gpwalk
Asked:
gpwalk
  • 6
  • 5
  • 2
  • +1
2 Solutions
 
Paul MacDonaldDirector, Information SystemsCommented:
Build the new server.
Join it to the domain.
Promote it to a domain controller.
Move all the FSMO roles from the server being replaced to the new server.
Demote the old server.
Remove the old server from the domain.

FWIW, I strongly recommend at least two DCs for fault tolerance.  If you don't have two DCs, have very good backups.
0
 
gpwalkAuthor Commented:
Some additional information:  there are two addition servers on the network.  Both are configured as application servers, both running server server 2003. one is x64, the other is 32 bit.
0
 
Paul MacDonaldDirector, Information SystemsCommented:
The other member servers won't change the procedure.
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
Marc LCommented:
2012 domain controllers need at least a 2003 domain, so you'll have to first upgrade to 2003, but the basic procedure would be:

1. Install domain controllers that run Windows Server 2003 or later. These domain controllers can be deployed on an evaluation version of Windows Server. This step also requires running adprep.exe for that operating system release as a prerequisite.
2. Remove the Windows 2000 domain controllers. Specifically, gracefully demote or forcibly remove Windows Server 2000 domain controllers from the domain and used Active Directory Users and Computers to remove the domain controller accounts for all removed domain controllers.
3. Raise the forest functional level to Windows Server 2003 or higher.
4. Install domain controllers that run Windows Server 2012.
5. Remove domain controllers that run earlier versions of Windows Server.

https://technet.microsoft.com/en-us/library/hh994618.aspx
0
 
it_saigeDeveloperCommented:
The application servers will not affect the process and should not be affected by the process.  The only items affected are the DC's, however, I think you may be in a catch 22 as Server 2012 requires that your Forest and Domain Functional Levels be at least Windows Server 2003.  This means that you will *have* to use an intermediary server (Windows Server 2003 or Windows Server 2008) in order to proceed.

Essentially you will still use Paul's steps, but you would first add the intermediary.  Once the intermediary is in place (using Paul's steps).  Demote the 2000 Server, raise the Forest and Domain Functional Levels and then use Paul's steps again to add the 2012 Server.

-saige-
0
 
gpwalkAuthor Commented:
That seems simple enough but:
What about the machine name of the servers. Does the matter as long as they are not the same?
What about the SIDs?  and share name the clients are linked to?
I'm not sure how to identify all of the FSMO roles.
0
 
gpwalkAuthor Commented:
Now this is beginning to NOT sound simple enough.
I have 24 hours to accomplish this once I begin.
0
 
it_saigeDeveloperCommented:
There are 5 FSMO Roles (PDC Emulator, Domain Naming Master, Infrastructure Master, RID Master and Schema Master).  

Transferring them is a well documented process:
http://support.microsoft.com/kb/255690
http://support.microsoft.com/KB/255504
http://www.petri.com/transferring_fsmo_roles.htm

As for the Machine Name, you are correct, they cannot be the same.
Don't concern yourself with the SIDs.  These are generated in AD and since you are not creating a new Domain, they will not be affected.

-saige-
0
 
it_saigeDeveloperCommented:
What version of 2012 R2 are you going to use (Standard or DataCenter)?

-saige-
0
 
it_saigeDeveloperCommented:
Also you mentioned Shares.  Do you have shares on your existing DC?

-saige-
0
 
gpwalkAuthor Commented:
it Sage
2012 R2 is standard
Yes the current 2000 domain controller is a data server as well, with shared drives.
0
 
gpwalkAuthor Commented:
What would be the pitfalls of just creating a new domain using the 2012 server?
Since the entire Domain consists of 4 servers(One is the win 2K controller and the others are 2003 servers)
Other than:
1. New SIDs, which would be a new desktop on each client there are 24 clients total.
2. Possibly having to reinstall networked applications
3 New user profile.
4 Moving the shared data on the old controller(WIN2K) to the new controller/
0
 
it_saigeDeveloperCommented:
Ultimately, I think this would cause more work than you realize and you would not be able to get this completed in a 24hour period.  You would end up with literally days [if not weeks] of clean-up work because this user is missing this or that user is missing that, etc...

No, if you can't promote one of your existing 2003 servers to a domain controller, I was thinking of leveraging Hyper-V on the new server (unless someone else has a better idea).

In a nutshell, here are the steps involved:

1.  Install Server 2012.
2.  Join the server to the domain as a member server.
3.  Add the Hyper-V role (and only the Hyper-V role).
4.  Create a virtual guest for a 2003 Server.
5.  Install the 2003 server OS and join it to the domain.
6.  Promote the 2003 server to a DC.
7.  Transfer your FSMO roles.
8.  Ensure correct replication.
9.  Demote the 2000 server (but leave it online).
10. Raise the Forest and Domain Functional Levels to Windows Server 2003.
11.  Create a virtual guest for a 2012 Server.
12.  Install the 2012 server OS and join it to the domain.
13.  Promote the 2012 server to a DC.
14.  Repeat steps 7 and 8.
15.  Demote the 2003 server and remove it from the domain.
16.  Remove the 2003 guest from the Hyper-V console.

As I said this is just a quick summary of the steps, there is a lot of work to do and I don't want you to do anything that you are not comfortable with.  If you feel that you can create a new domain and accomplish everything, then I want you to do that.

-saige-
0
 
gpwalkAuthor Commented:
My ultimate decision was to build a new forest and DC, then move the users and PC to the new domain.
Thank you all.  It came down to business decision rather than a technical solution only.  There were very few technical issues
0

Featured Post

Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

  • 6
  • 5
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now