What do I need to do to move Active directory functions to another server during a disaster.

I have setup a new root domain server and a new dc. I need to document what I need to do if I lose my current production root domain server and dc's.

Essentially need to list the tasks to move all the functions to the new root domain controller and sub domain controller Like seizing the roles, etc.

What would I need to move to bring up my AD on the new servers. Now these new servers are already online and replicating with production DC's.
rdefinoAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Lionel MMSmall Business IT ConsultantCommented:
If this domain controller is a global catalog, ensure that another global catalog is available to users before demoting it. For information about configuring domain controllers to host the global catalog
Make sure domain controller is not the ONLY Global Catalogue
https://technet.microsoft.com/en-us/library/cc758330%28v=ws.10%29.aspx

If domain controller currently holds one or more operations master roles, transfer the operations master roles to another domain controller before demoting it (see links at bottom of the page too, click on each link for further details)
https://technet.microsoft.com/en-us/library/cc781578%28v=ws.10%29.aspx

Demote a domain controller if you plan to remove it from the domain
https://technet.microsoft.com/en-us/library/cc740017%28v=ws.10%29.aspx

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
kevinhsiehCommented:
Why do you have a root domain and sub domains? Microsoft recommends against it. Recommended structure is a single forest and a single domain. Anything else is unnecessarily complicated and more fragile.

If a DC is unavailable for a period of time (up to days), that usually isn't a problem. You should have another DC already configured to provide DHCP and DNS, and your clients should be configured to use two or more DNS servers. Make sure you have multiple global catalog servers. I generally make every domain controller a global catalog server. FMSO roles can be unavailable for a period of time. If the server will never be recovered, seize any FMSO foles. Once the FMSO roles have been seized, you should never bring back the original DC online. Remove it from AD. Newer versions of ADUC will do the metadata cleanup, older versions (I think 2008 R2 and earlier) require manual metadata cleanup. DNS Namespace and DFS replication would need to be manually cleaned up.

If your DC is going to be offline any any significant period of time and it was the primary DNS server for any clients, I would consider reconfiguring the clients with another primary DNS server if they are getting web pages that are slow to respond, etc.
PberSolutions ArchitectCommented:
I agree with other have said, however here is some information regarding your particular situation.

Did you create a new root and subdomain, or did you just add additional domain controllers to each domain.  Hopefully you did the later, as if you created new domains, it will be more difficult as you will need to migrate.

So lets assume you created additional domain controllers.   Then you would follow what lionelmm has already posted to transfer the GC, transfer FSMO (you don't need to seize as your DCs are still online) and demoting the old DCs.  
One big thing to add is that your clients will likely be pointing to the old DCs for DNS.  If they are static IPs, you will need to change the DNS to point to the new DCs,   If you are DHCP, you will need to change the DHCP scope to  point to the new DCs for DNS.  Keep in mind the clients will only get the new DNS settings when they renew their DHCP lease (which is usually at 50% of the DHCP lease time).   If you have few clients, you can just get them to renew or reboot and you should be good.  If you have many clients, you might want to lower your DHCP lease time, but you need to plan for that.  For example, let say my lease time was 14 days, so clients should ask for a renew at 50% or 7 days.  So in that case, at least a 7 days before I migration, I would drop the DHCP lease time to a few hours.  Then that night, do the migration, then the next morning, the users should get the new DNS settings.  Then maybe the next day, I would bump up the lease back to 14 days.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.