Decommissioning Win2003 domain controller & AD integrated DNS
Hi,
I have single forest AD domain with multiple AD sites.
I'm about to decommission the old Windows Server 2003 Domain Controller and with AD integrated DNS in each of the AD Sites.
What manual steps should I do to make sure that the DNS and AD replication can still be working without any issue?
Regarding the Global Catalog that is used by the Exchange Server 2010 SP3 in Data Center AD site, do I need to do anything to prevent email submission issue ?
Thanks in advance.
I have single forest AD domain with multiple AD sites.
I'm about to decommission the old Windows Server 2003 Domain Controller and with AD integrated DNS in each of the AD Sites.
What manual steps should I do to make sure that the DNS and AD replication can still be working without any issue?
Regarding the Global Catalog that is used by the Exchange Server 2010 SP3 in Data Center AD site, do I need to do anything to prevent email submission issue ?
Thanks in advance.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Dirk. My DFL and FFL is still on Windows Server 2003 level.
Will,
Yes, there are two more Win 2008 R2 DC/GC in my Data Centre and the Headquarter AD Site that is writeable.
But in my HQ office, there is only one Win2012R2 DC/GC and this old Win2k3 DC/GC, so would that still be OK after I demote the old Win2k3 DC/GC ?
Will,
The site where you are decommissioning the 2003 DC do you have Exchange hosted in this site? If so, you will be required to have another DC/GC in this site to ensure that Exchange will continue to function properly.
Yes, there are two more Win 2008 R2 DC/GC in my Data Centre and the Headquarter AD Site that is writeable.
But in my HQ office, there is only one Win2012R2 DC/GC and this old Win2k3 DC/GC, so would that still be OK after I demote the old Win2k3 DC/GC ?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
ok, as for the DNS server role, is there anything that I need to do manually in each of the other DC/GC ?
or do I just do the DCPROMO from Win2k3 server to demote it and then look in the remaining DNS server for any reference to the old win2k3 server name ?
or do I just do the DCPROMO from Win2k3 server to demote it and then look in the remaining DNS server for any reference to the old win2k3 server name ?
When you demote the domain controller DNS will no longer be integrated on this 2003 server, however you will need to manually uninstall the DNS server role as this does not happen when you demote the domain controller.
Will.
Will.
ASKER
ok, so how about the replication partner setting or any other configuration that I need to remove in the otehr DNS server or Domain Controller ?
is there anything that I need to be aware of before or after the decommission process ?
is there anything that I need to be aware of before or after the decommission process ?
ASKER
ok, last thing to ask.
Regarding the Exchange Server 2010, do I need to restart any service or just leave it untouched ?
Because in Exchange Management Console > Server Configuration > Client Access | System Settings tab, I can see the three DC/GC as follows PRODDC01-VM (2008 R2), PRODDC02 (2003 to be decom), PRODDC03-VM (2008 R2).
I need to avoid any client Outlook 2010/2013 connection issue or email delivery issue if possible.
Regarding the Exchange Server 2010, do I need to restart any service or just leave it untouched ?
Because in Exchange Management Console > Server Configuration > Client Access | System Settings tab, I can see the three DC/GC as follows PRODDC01-VM (2008 R2), PRODDC02 (2003 to be decom), PRODDC03-VM (2008 R2).
I need to avoid any client Outlook 2010/2013 connection issue or email delivery issue if possible.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ah I see,
The PDC emulator in the domain has been transferred to the new2k12R2DC server, however, some of the server that I can see from the network sniffer appliance still using this old Windows Server 2003 as the NTP source.
w32tm /query /source command showing the result is still pointing to the oldDC2k3 box, so should I be worry or it will be automatically contact the other DC for time synch ?
The PDC emulator in the domain has been transferred to the new2k12R2DC server, however, some of the server that I can see from the network sniffer appliance still using this old Windows Server 2003 as the NTP source.
w32tm /query /source command showing the result is still pointing to the oldDC2k3 box, so should I be worry or it will be automatically contact the other DC for time synch ?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Many thanks for the calrification WIll,
I was logging in to each of the server which is still talking to the oldDC2k3 and then re-issue this command:
but yes, according to your explanation, it should not be needed as long as the other Domain Controllers are also pointing to the PDC emulator which is synched to the NTPpool.org.
I was logging in to each of the server which is still talking to the oldDC2k3 and then re-issue this command:
w32tm /config /syncfromflags:domhier /update
w32tm /resync /rediscover
net stop w32time
net start w32timebut yes, according to your explanation, it should not be needed as long as the other Domain Controllers are also pointing to the PDC emulator which is synched to the NTPpool.org.
That's is correct.
Will.
Will.
ASKER
ok, got it. so in the event that the DCPROMO failed, is there any roll back plan ?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
THanks !
ASKER
Do I need to do the following steps everytime I demote old Win2003 DC ?
What's the impact to the Exchange Server when I restart the KDC service one DC by one DC ?