Solved

Adding a 2nd DC to a current SBS 2008 and demoting SBS 2008?

Posted on 2016-10-26
12
88 Views
Last Modified: 2016-11-05
I have a customer with a SBS 2008 server.  The customer has approved an upgrade to Windows 2012 R2 with Exchange 2016 OR Windows 2016 with Exchange 2016.  The goal would be to add the 2nd/new DC to the network and then, remove the SBS 2008 server.  
I'm seeking recommendations on how to remove the SBS 2008 server while making the new Windows server the primary DC.
Unlike Standard Windows Server (2008/2012/2016), can SBS 2008 be demoted using DCPromo?
0
Comment
Question by:eitconsulting
  • 5
  • 4
  • 2
  • +1
12 Comments
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 41861562
Yes, but then it must be retired. You cannot run SBS as a member server. It will know it is out of licensing compliance.
0
 
LVL 17

Expert Comment

by:Malmensa
ID: 41861563
An SBS box has to be the FSMO role holder for all roles, and cannot be demoted. You can transfer the FSMO roles on the 2012DC, however the SBS box will get upset and shutdown periodically.

If you want to keep the SBS box I operation, then it has to remain a DC, with all FSMO roles.
0
 

Author Comment

by:eitconsulting
ID: 41861574
@Malmensa "If you want to keep the SBS box I operation, then it has to remain a DC, with all FSMO roles."
As I stated above, I want SBS 2008 out of the network once the new 2012 R2 server is added.
My goal is to keep the AD data hence, adding a new Standard server and Exchange Server followed by removing the SBS.  
I'm seeking recommendations on how to remove the SBS 2008 server while making the new Windows server the primary DC and ultimately maintaining the Active Directory content.  I want to avoid having to remove each computer from a current DC (SBS) and add the computers to a new DC since it'll take longer and can be messy due to having to restore end-user profiles.

@Cliff  No mention of keeping the SBS server.  SBS 2008 must go after I add a 2nd DC hence, I'm seeking a way to remove SBS after I've added the 2nd DC.  So, you mentioned "retiring" but no further information on how to retire SBS 2008.   How would the SBS be retired so that the added/new DC can be the primary DC?
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 41861580
Same as any other DC. Move FSMO roles. Dcpromo (which is what you asked and I said "yes"), then remove the computer object from AD. Nothing unique to SBS here.

Just spelled out that it must be retired (using normal methods') pretty much as soon as you remote it with dcpromo. So demoting it should be one of the last things you do. Don't plan in moving mailboxes', removing exchange, copying files after. Do all of it beforehand.
0
 
LVL 5

Expert Comment

by:mbkitmgr
ID: 41861658
This is just my opinion.

Being SBS means its a small domain.  For the sites that I have migrated to NON SBS Servers I have just created a new domain and moved their data and workstations to the new domain.

I ran some scripts provided my MS Support for one migration, and they even admitted the process the scripts "ran" didn't always succeed.  I have seen postings on several forums showing ways of doing it, but I can move mailboxes, data and workstations to a new domain in 12 hours
0
 
LVL 17

Assisted Solution

by:Malmensa
Malmensa earned 200 total points
ID: 41861745
"As I stated above, I want SBS 2008 out of the network once the new 2012 R2 server is added.
 My goal is to keep the AD data hence, adding a new Standard server and Exchange Server followed by removing the SBS."

Yep, that will work. Just make sure you are finished with the SBS box before you transfer FSMO roles. Once you transfer, it needs to be removed. You might need to run a metadata cleanup, to tidy things afterwards, but that is no big drama.

https://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx
0
 

Author Comment

by:eitconsulting
ID: 41864709
When "Adding a Domain (Win2016 Srv Std) to an existing Domain (SBS 2011), will the FSMO roles replicate over to the new server (win2016 Srv Std)?  If not, what other step(s) is necessary to ensure the added domain has the FSMO role(s)?
Adding-a-domain.png
0
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 41864711
FSMO roles do not replicate. Only one server holds any given role at any given time. You can gracefully transfer them. Technet has official documentation that a quick google search will churn up (I'm on my mobile so can't really do so easily at the moment or I'd paste a link.)
0
 

Author Comment

by:eitconsulting
ID: 41864714
Yeah, I've googled that.  In the past, I've added a Win2012 R2 domain to an existing Win2012 domain.  Then, proceeded to remove the first (Win2012) domain Not Checking "This is the Last Domain in the Network".  The second domain (Win2012 R2) therefore had the roles transferred over without any issues or the use of NTDSUTIL.
https://support.microsoft.com/en-us/kb/255504
0
 
LVL 57

Accepted Solution

by:
Cliff Galiher earned 300 total points
ID: 41864721
Same still applies, and won't be an issue *if* the environment is guaranteed healthy. But I am a firm believer in baby steps. I always prefer to transfer roles as a separate step. That way you can check event logs and diag tools to see that all DCs agree that the roles indeed transferred. I've seen people simply transfer, or just demote, but one of their DCs was in journal wrap and therefore didn't take the changes. Then *couldn't * take the changes because fixing the particular journal wrap condition required it be able to contact the machine it thought still had the schema master role. A lot of extra work was creeated in rebuilding that DC and migrating some other data that existed on it. A situation that could've been avoided with more careful monitoring and smaller steps.
0
 

Author Comment

by:eitconsulting
ID: 41864729
I converted the customer's SBS 2008 Std to a VM using the Disk2VHD utility and transferred it over to my laptop.   Boots up fine.  I'm going to install a Windows 2016 Server VM with Exchange 2016 on my laptop and test everything out.  My Dell Precision laptop has 64GB of RAM, a 2TB SSD, and a decent i-7 processor so, testing from  the laptop should be good.  I'll post an update here after I've tested adding a 2nd domain, transfer issues (if any) of FSMOs, and removal of the SBS 2008 server from the network.
0
 
LVL 57

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 300 total points
ID: 41864738
The way your comment reads, it sounds you plan on running only one 2016 VM. While slightly off-topic....please don't. Exchange really is not designed to be on a domain controller. And while SBS "got away" with it, SBS clearly is no more.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question