troubleshooting Question

Replacing primary AD DC

Avatar of baysysadmin
baysysadmin asked on
WSUSActive Directory
12 Comments2 Solutions186 ViewsLast Modified:
I have a 2012 DC with these roles
WSUS
DHCP
DNS
DFS
Certificate Authority
Network Policy Server

The plan is to replace this server hardware with new server. I would like to keep the same name and IP.
Ive done it once before but at that time I didnt have all these new roles.

  • I plan to rename DC1 it to DC-old, but keep the IP
  • Build the new DC1 with temp IP
  • Setup all same roles on new DC1
  • Transfer original IP to new DC1 and update the DNS records.
This way I dont need to change all the server and device settings that are referencing the IP

I guess to get to my question, I am not sure what affect renaming the DC will have on the Certificate Authority, will the workstations generate a new certificate with the new CA server once they connect to it for the first time?
The main reason we use the CA is in conjunction with NPS for wifi and LAN authentication for workstations.

As for the other roles, im confident I can replicate the settings on the new DC.

for WSUS I found this guide, unless someone has a better one?
http://www.vkernel.ro/blog/migrating-wsus-from-one-server-to-another
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 2 Answers and 12 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 12 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros