[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Trasfering FSMO roles

Posted on 2016-11-09
8
Medium Priority
?
130 Views
Last Modified: 2016-11-16
Hello,

We have Win SRV 2008 NON R2 32 bit that currently has the FSMO roles, along with our roles such as DHCP and Radius.  

We are want to decommission this 32bit server and transfer all roles to Win SRV 2008 R2 64bit.  The stuff I find on moving the roles are for moving roles between servers that are 64bit architecture.  Being that we are going from 32bit to 64bit is there anything special or something i need to take into mind before moving FSMO roles?  Also does it matter what roles I move first such as DHCP, Radius, or FSMO?

Below is the article I plan on using to transfer the roles.  If anyone has a better one please share.
http://www.elmajdal.net/win2k8/Transferring_FSMO_Roles_in_Windows_Server_2008.aspx

Thanks
0
Comment
Question by:ozzalot
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 13

Assisted Solution

by:Dustin Saunders
Dustin Saunders earned 248 total points
ID: 41880685
It shouldn't matter what order you move the FSMO in.  So long as you move all 5 you should be just fine, and that's the same article I've used to do it dozens of times.

After you've completed the FSMO move, just look for any errors in the event logs related and run a DCDiag before retiring the old domain controller, but moving FSMO is extremely straightforward.
1
 
LVL 7

Accepted Solution

by:
Andy earned 1008 total points
ID: 41880689
HI,

As long as this is a single domain and there are no other roles installed there's nothing else to do.
Make sure replication has complete between the old and new DC's before you start (repladm).
If you use DNS make sure it's replicated/configured  before you remove DNS from the old DC
Also, if you use DHCP, make sure any required scopes are moved across.
Same for any file and print services.
0
 

Author Comment

by:ozzalot
ID: 41880764
Thank you both for your replies.  One last question before transferring the FSMO roles.  The article talks about making sure the new DC is not a global catalog.  The current DC with the FSMO roles is not a GC.  We have a DC's in sister companies with a one way trust established and also using conditional forwarders.  

Would this be considered a multi-domain/forest?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 96

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 248 total points
ID: 41880832
The article also says:  If your environment is a multi-domain/forest - is it?  If not, IGNORE it.  If it's not multi-domain/forest, then make all DCs GCs (at the end of the day you only want 2 per site AT MOST.

FSMO roles don't care about bit level.  DHCP doesn't care about bit level.  Radius I haven't used in well over a decade, but I don't THINK it cares about bit level.
0
 
LVL 83

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 248 total points
ID: 41880864
AD doesn't care at all about bit level.  ALL domain controllers should have GC enabled. When you transfer the DHCP you will want to modify the DNS settings to point to the new servers ip address, remember until the machines update their ip address they will still point to the older dhcp settings
1
 
LVL 25

Assisted Solution

by:Mohammed Khawaja
Mohammed Khawaja earned 248 total points
ID: 41881297
Rule of thumb is that you need a GC at every AD site to ensure faster logons.  In locations with large number of users, you could have more than one GC which gives your redundancy.  With respect to moving FSMO to a DC that should not be a GC, this is a recommendation but it will work if the new DC is a GC.  Just remember that a domain needs at least one GC and it is recommended to have at least one GC for each AD site.
0
 
LVL 7

Assisted Solution

by:Andy
Andy earned 1008 total points
ID: 41881710
Regarding this:

We have a DC's in sister companies with a one way trust established and also using conditional forwarders.

If the two domains have the same root i.e.
company1.contoso.com
company2.contoso.com
This is a single forest with 2 domains

If you're setup is like this:
company.contoso.com
company.fabrikam.com

This is 2 forests with single domains in each.
Just ensure that you check your trust after you migrate, it should be fine but best to check.
And ensure you can get to resources in the trusting domain from the trusted domain.
This is just for completeness in your post migration checks.
1
 

Author Closing Comment

by:ozzalot
ID: 41890356
I am going on vacation and I've been extremely busy so I didn't make any server changes to avoid any problems while I am away.  Thank you all for your replies.  I will pick this up when I come back.
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question