Link to home
Start Free TrialLog in
Avatar of Pkafkas
Pkafkas

asked on

How to swap out existing domain controllers with 2 new domain Controllers

Hello:

We have 2 Windows 2  x Windows 2008 existing Domain Controllers and it is my intention to replace them with 2 new x Windows 2012 R2 Domain Controllers.

I have dome this before with Windows 2003 Server; but, I want to make sure that I am not missing anything important.  I can describe my plan below and I want to make sure that I am not missing anything important.  I have heard of others having problems setting up new Domain Controllers and I do not want to have those same problems.    Please comment on my plan below and let me know if I am missing anything important.

1.  Clearly Identify what role each current Domain Controller is providing.
        a.  Global Catalogue Server
        b.  Primary FSMO roles
        c.  DNS Server.
        d.  DHCP server ( and scope settings)

2.  Identify which Servers/PC's/Appliances have static settings that connect to the current Domain Controllers.
        a.  Firewalls - VPN / Router - DNS / Router DHCP - Relay.
        b.  Servers
        c.  Etc.

3.  Create 2 new Domain Controllers that are DNS servers as well.
        a.  Begin changing the DNS server Ip address settings on each appliance from the older DC's to the new DC's.
        b.  use the instructins from: https://blogs.technet.microsoft.com/canitpro/2013/05/05/step-by-step-adding-a-windows-server-2012-domain-controller-to-an-existing-windows-server-2003-network/

        c.  Then begin changing the roles for each appliance (from step 2) to point to the new Domain Controllers.   This must be performed in a step by step and systematic/. organized approach.


4.  Plan to change the primary FSMO roles from the primary DC to one of the new DC's.

5.  Then when everything you can think of has been changed, now power off 1 of the Domain Controllers.
        a.  This will test if any other configuration are changes are still required.
        b.  If something undesirable happens then just power it back on.
        c.  If nothing bad happens after 3 days then one may proceed to demote that domain controller.


Question1:  Does the above plan provide a good starting point, for this project?
        a.  Any other suggestions?


Question2:  Does the web site reference https://blogs.technet.microsoft.com/canitpro/2013/05/05/step-by-step-adding-a-windows-server-2012-domain-controller-to-an-existing-windows-server-2003-network/  provide a good reference?


Question3:  How can we test if the new Domain Controllers can see each other correctly?
         a.  I heard a story that someone setup 2 new Domain Controllers and they could not see each other.
         b.  Then eventually both DC's stopped working and no one could logon to the network.
 

Question4:  How can I properly demote the Domain Controller from the domain?
         a.  I have found 2 web resources:
                 i.  https://technet.microsoft.com/en-us/library/cc771844(v=ws.10).aspx
                ii.  https://www.youtube.com/watch?v=CQnwiRHoveY
Avatar of Albert Widjaja
Albert Widjaja
Flag of Australia image

Do you have to use the same IP address for the new replacement domain controllers ?
ASKER CERTIFIED SOLUTION
Avatar of Lee W, MVP
Lee W, MVP
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Pkafkas
Pkafkas

ASKER

Since I have never used DCDiag and since we do nto have a test environment I believe it would be best to work with a consultant who has done this before.  I have swapped out 2003 Windows Servers that were domain controllers, is it that much different for 2008 R2 and 2012 R2?
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Pkafkas

ASKER

The interest is there I just want to be careful, since I feel that there is not margin for error at my work.  I think my plan is solid; but, I have never run DCDiag before.  

I think I will research DCDiag and setup 1 new Domain controller at a time.  Then begin researching the migration process as much as i can.  I should work with a consultant so I can work with them and make sure that it goes well.  That is to change the FSMO roles and such.

Then the next Domain controller will need to incorporate a DHCP scope as well.  Thank you for your feedback.
Avatar of Pkafkas

ASKER

I did not see the 1st comment, or question to me.  No, I do not need to use the same I P address.  This will be a brand new Server with a new hostname and IP address.

I think we have gotten away from my original question.  I obviously want to learn and get the experience under my belt; but, I wish to handle the project responsibly as well.  Question1 is  the plan for preparation a good start for the Domin Name swap?  

Question2 continued, it does appears that I should research something called DCDiag as well.  Am I missing any other necessary steps, from my Outlined plan?
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Pkafkas

ASKER

All of these questions are part of the research process.  An honest response is appreciated and I hope my honesty is appreciated as well.

The true sign of a non-professional is not to assume that everything will be easy and as a result not coming up with a thoughtful plan.  It has been my experience that putting a plan together helps ease the nerves.  With this specific plan, I will research and perhaps work with a consultant for the first DC.  Thank you for the tip on DCDIAG.
Avatar of Pkafkas

ASKER

Due to my research and carful planning everything thankfully went well.  I wish other Administrators just as much luck with projects that they may have never done before in the future.  The key is preparation and working responsibly with the data.  It goes to show you, that one should believe in your abilities and pick and choose whom to listen to.