Howzatt
asked on
What impact will demoting Domain Controllers have? Is there a way to test?
For some reason there are 6 domain controllers at 1 site. I don't see the need for them and would like to do some clean up tasks.
There are:
4 x 2008 R2 DC's (which one of them is the PDC)
2 x 2003 DC's.
I only want to keep 2 of the 2008 R2 DC's.
Are far as I can see the domain functional level etc is at 2008 R2 level, so just wondering if there would be any other potential impacts by demoting these DC's back to member servers?
It's not causing us chaos or anything, just the odd GP delay. Demoting & promoting is just one of things you only have to do once every few years, so I never remember the important details :)
There are:
4 x 2008 R2 DC's (which one of them is the PDC)
2 x 2003 DC's.
I only want to keep 2 of the 2008 R2 DC's.
Are far as I can see the domain functional level etc is at 2008 R2 level, so just wondering if there would be any other potential impacts by demoting these DC's back to member servers?
It's not causing us chaos or anything, just the odd GP delay. Demoting & promoting is just one of things you only have to do once every few years, so I never remember the important details :)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
First off, pretty sure if you have 03 dcs the functional level can't be 08.
Demoting a DC does have the added affect of removing dhcp and DNS so make sure those old 03 dcs are not being referenced. Don't forget to check dhcp helper rules in your firewall.
Here are my notes to self for upgrading the functional level of the domain. I mostly do 2012r2 but it applies to 08r2 for the most part:
http://blogs.technet.com/b/canitpro/archive/2014/04/02/step-by-step-active-directory-migration-from-windows-server-2003-to-windows-server-2012.aspx
http://community.spiceworks.com/how_to/57636-migrate-active-directory-from-server-2003-to-server-2012-r2
http://networkadminkb.com/KB/a15/transitioning-a-windows-2003-domain-to-windows-2008-r2.aspx
check for frs usage
http://blogs.technet.com/b/askds/archive/2012/01/20/friday-mail-sack-it-s-a-dog-s-life-edition.aspx#sysvol
NetDOM /query FSMO
active directory domains and trusts -> raise forest functional level
check ad rep status
Repadmin /syncall /force /APed
reboot all DCs
migrate from frs to dfs
http://blogs.technet.com/b/filecab/archive/2014/06/25/streamlined-migration-of-frs-to-dfsr-sysvol.aspx
add dfsrdiag to windows 2012r2
http://www.dell.com/support/article/us/en/19/SLN289692/EN
Repadmin /syncall /force /APed
Dfsrdiag.exe pollad
#to run this on all dcs:
Get-ADDomainController -Server domainname.com -Filter * | % { Update-DfsrConfigurationFr
Demoting a DC does have the added affect of removing dhcp and DNS so make sure those old 03 dcs are not being referenced. Don't forget to check dhcp helper rules in your firewall.
Here are my notes to self for upgrading the functional level of the domain. I mostly do 2012r2 but it applies to 08r2 for the most part:
http://blogs.technet.com/b/canitpro/archive/2014/04/02/step-by-step-active-directory-migration-from-windows-server-2003-to-windows-server-2012.aspx
http://community.spiceworks.com/how_to/57636-migrate-active-directory-from-server-2003-to-server-2012-r2
http://networkadminkb.com/KB/a15/transitioning-a-windows-2003-domain-to-windows-2008-r2.aspx
check for frs usage
http://blogs.technet.com/b/askds/archive/2012/01/20/friday-mail-sack-it-s-a-dog-s-life-edition.aspx#sysvol
NetDOM /query FSMO
active directory domains and trusts -> raise forest functional level
check ad rep status
Repadmin /syncall /force /APed
reboot all DCs
migrate from frs to dfs
http://blogs.technet.com/b/filecab/archive/2014/06/25/streamlined-migration-of-frs-to-dfsr-sysvol.aspx
add dfsrdiag to windows 2012r2
http://www.dell.com/support/article/us/en/19/SLN289692/EN
Repadmin /syncall /force /APed
Dfsrdiag.exe pollad
#to run this on all dcs:
Get-ADDomainController -Server domainname.com -Filter * | % { Update-DfsrConfigurationFr
Can you post the results of the following commands so we can get a better idea of your environment.
dcdiag /v /e > c:\dcdiag.txt
repadmin /showrepl >c:\repadmin.txt
Also as rindi has stated we need to know what other services are running in your enviroment