newbie2239
asked on
Taking over a DC IP and FQDN
Came into an environment where a DC that holds no FSMO roles going offline impacts production.
I suspect the following:
A. Member servers' primary DNS points to this server.
B. Application owners have hardcoded the IP or FQDN into their code.
The server is physical and can't be P2V'd.
So I am thinking of doing the following:
A. Assign a new IP to the DC.
B. Add the old IP to a new DC.
C. Create a CNAME that matches the hostname (& FQDN), just to stop having problems.
Clean-up entails:
A. Change member servers' DNS to point to the new DC as primary.
B. Follow up by determining what is hitting this server directly via IP.
C. Finally demote the old DC with dcpromo.
ASKER
Due to complexities in the environment and the politics involved, my decision is not to dcpromo (demote) the server until everything is tested.
Environment:
AD servers: mixed mode: 2003, 2012, 2012 R2. Legacy servers are physical; 2012 servers and up are virtual.
Server in Question:
2003 server running: DC, GC. No FSMO, no DHCP.
Issue: out of memory, hardware issue, no hardware support, and most importantly it is a 2003 server.
Complexities
1. Hardened FW ACLs by IP. Coordination with teams can take a month.
2. Potentially developers coding with the FQDN and IP of AD servers, as there are 15-year-old apps in the environment.
3. Devices not under my control pointing their DNS entries at the DC.
I have done something similar in the past:
1. Access the 2003 DC, change the IP of the 2003 server and shut the server down.
2. Add the IP of the server you just shut down to an existing domain controller in the environment that resides on the same subnet. The server will temporarily have 2 IPs.
3. Either reboot the domain controller, or run ipconfig /registerdns and restart the Netlogon service.
4. Test; make sure things are working.
5. Create another change control to access the old domain controller, power it on and demote it using dcpromo.
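The IP takeover described above, as an added PowerShell example that is not from the thread or its posters. The names and addresses (OLDDC01 at 10.10.0.5 as the retiring 2003 DC, DC02 at 10.10.0.6 as the surviving DC on the same subnet, zone corp.example) are assumptions. It covers steps 2 to 4 of the asker's procedure plus the optional CNAME from the original question, and adds two checks a practitioner would want: that the DNS Server service on DC02 actually listens on the borrowed address (member servers will use it as their primary DNS), and that the old hostname's Kerberos SPNs are dealt with if a CNAME is created, because a CNAME alone leaves tickets for HOST/OLDDC01 encrypted to the old computer account's key, which DC02 cannot decrypt while that account still exists.

```powershell
# Added example (not from the thread). Hypothetical environment:
#   OLDDC01  10.10.0.5   2003 DC being retired (no FSMO roles)
#   DC02     10.10.0.6   surviving DC, same subnet, Windows Server 2012 R2
#   corp.example         AD DNS zone
# Run on DC02 as a Domain Admin, AFTER OLDDC01 has been re-IP'd and powered off.
$OldDcName = 'OLDDC01'
$OldDcIp   = '10.10.0.5'
$Prefix    = 24
$NewDcName = 'DC02'
$Zone      = 'corp.example'

# --- Step 2: borrow the old address on DC02's production NIC ------------------
# Refuse to continue if something still answers on the old IP (duplicate-IP guard).
if (Test-NetConnection -ComputerName $OldDcIp -InformationLevel Quiet) {
    throw "$OldDcIp still answers on the wire; is $OldDcName really powered off?"
}
$nic = Get-NetAdapter | Where-Object Status -eq 'Up' | Select-Object -First 1
New-NetIPAddress -InterfaceIndex $nic.ifIndex -IPAddress $OldDcIp -PrefixLength $Prefix
# Add -SkipAsSource $true above if DC02's own A record should NOT also carry 10.10.0.5.

# Check: member servers point their primary DNS at this IP, so the DNS Server
# service must listen on it. An empty ListeningIPAddress means "all addresses";
# a restricted list must be extended to include the borrowed IP.
$listen = (Get-DnsServerSetting -All).ListeningIPAddress
if ($listen -and ($listen -notcontains $OldDcIp)) {
    Write-Warning "DNS Server is bound to $($listen -join ', ') only; adding $OldDcIp"
    dnscmd . /ResetListenAddresses @($listen + $OldDcIp)
    Restart-Service DNS
}

# --- Step 3: re-register DC02's A and SRV records without a reboot -------------
ipconfig /registerdns | Out-Null
Restart-Service Netlogon
Start-Sleep -Seconds 15   # give Netlogon time to register the _msdcs SRV records

# --- Step 4: tests (run from DC02 or any member server) -------------------------
# The borrowed IP must answer DNS, including the SRV records that DC locators use.
Resolve-DnsName -Name "$NewDcName.$Zone" -Server $OldDcIp
Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Zone" -Type SRV -Server $OldDcIp
# The AD ports that hard-coded clients and firewall ACLs reference by IP.
foreach ($port in 53, 88, 135, 389, 445, 464, 636, 3268, 3269) {
    $ok = Test-NetConnection -ComputerName $OldDcIp -Port $port -InformationLevel Quiet
    '{0}:{1} {2}' -f $OldDcIp, $port, $(if ($ok) { 'open' } else { 'CLOSED' })
}
nltest /dsgetdc:$Zone /force                   # does the locator still find a DC?
dcdiag /s:$NewDcName /test:DNS /test:Advertising

# --- Optional (step C of the original question): alias the old hostname -------
# A CNAME cannot coexist with other records of the same name, so OLDDC01's A
# record has to be removed first. Caveat: while the OLDDC01$ account still holds
# HOST/OLDDC01.corp.example, Kerberos tickets for that name are encrypted to its
# key and DC02 cannot decrypt them; clients fall back to NTLM or fail outright.
# Move the SPNs only after OLDDC01 has been demoted and metadata-cleaned (step 5).
setspn -Q "HOST/$OldDcName.$Zone"              # which account owns the SPN today?
Remove-DnsServerResourceRecord -ZoneName $Zone -Name $OldDcName -RRType A -Force
Add-DnsServerResourceRecordCName -ZoneName $Zone -Name $OldDcName -HostNameAlias "$NewDcName.$Zone"
# After demotion of OLDDC01 (its SPNs are gone, so these no longer collide):
#   setspn -S "HOST/$OldDcName.$Zone" "$NewDcName$"
#   setspn -S "HOST/$OldDcName"       "$NewDcName$"
```

The duplicate-IP guard at the top matters more than it looks: if the old DC is merely re-IP'd but still on, or if it was not fully shut down, adding its old address to DC02 produces an address conflict that Windows resolves by disabling the new address, and every member server pointing at that IP for DNS goes dark. The port loop is also the quickest way to produce the list of addresses and ports that the firewall ACL owners will ask for during the clean-up phase.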
You will also want to make sure that you update your DHCP.
Will.