ClintonK


Can I change the IP address of a Domain Controller

Can I change the IP address of a Domain Controller without messing things up?
Windows 2016 Hyper-V Manager, 2 guest VMs (one DC and one Database) and a bunch of Windows 7 Pro PCs (DHCP)
ASKER CERTIFIED SOLUTION
Russ Suter

ClintonK

ASKER

Just a manual edit of the DNS entries?
Do I need to take devices out of the domain first before I change the IP address?
Russ Suter

Hopefully you're using DHCP with IP reservations. If that's the case then you only need to edit your DHCP settings. If not then you'll need to either deploy the IP changes via group policy or manually touch each device in the domain. But you shouldn't need to remove the device from the domain first.

Also, your second domain controller should be able to take up the slack while you make the change. You do have a second domain controller, right?
Wrong ;-)
I only have a licence for 2 Windows servers and one has to be a database server. There are only 16 PCs on the domain.
Clinton,
You need an additional domain controller.   You have a single point of failure.  If your one DC goes down, has a glitch, anything, you will be in a world of .........
If you don't know what you're doing with AD then a second DC is NOT A GOOD IDEA.  Improper restores of a DC are far more problematic than a good, reliable backup of a single DC.  If you know what you're doing with AD, then YES, you want a second DC.
As for the question of changing the IP, WHY?  IN GENERAL, I don't recommend it.  It should be possible... but it always gives me an uneasy feeling.  If you want a smooth, stable system, then I wouldn't recommend it.  There's no guarantee you won't have a smooth stable system later, but changing the IP of a DC is not something typically done and consequences may not always happen.
As for the question of changing the IP, WHY?
Lee, you bring up a good point. Unless there's a compelling reason to change the IP address then it's best to avoid doing so. If it ain't broke, don't fix it. Right?
There is a good reason for it.
I have built a new server on a VLAN in the office next to the running Live system. I gave it a 192.168.5.0 so that I could build it and test it on a VLAN alongside the live system.
The current live system is on 192.168.0.0 and it co-exists with a voice system on 192.168.1.0
There are some configurations that BT did on site (it took them a week!) to a remote access box to which I have no access and no knowledge. If I change to 192.168.5.0 we'll have to get BT back in which is something we want to avoid at all costs. Another week of BT time and probably chargeable.
Just leave it on a different subnet.  Configure your switch to route between the subnets.  Done.  There's a good argument for keeping servers on their own subnet.
The old server on 192.168.0.0 will be shutdown, removed from the network and retired.
Ok.  That has nothing to do with what I said.
Apologies. I'm not sure what you meant then.
I have two switches. One 192.168.0.0 and 192.168.1.0 (data and voice)
BT have done something with their remote access box to allow them to come in on the 192.168.0.0 subnet and route over to the 192.168.1.0
They have a magic box that only they can access and configure
You should have a business class layer 3 capable network switch (at least one).  You'd define 2 VLANs, one for servers (192.168.5.x) and one for everything else (potentially), 192.168.1.x.  With the switch handling routing between VLANs, you have no need to change the IP of the server.
Your IP change query should have included VLAN.

What exactly are you looking to achieve?
If you are looking to isolate servers through the use of vlans, it is preferable to change the IPs of systems that change each says, the workstations, versus the servers.
If the issue relates to your use of a common IP block and difficulties you have with VPN, using VPN IP overlay configuration.

..


With that said, to transition from one segment to another, you would add the new IP.
In a virtualized environment, add a second network interface, configure it with the new IP.
Then update your DHCP to also listen on the new IP with this IP scope.
Associate it with the VLAN.
Now make sure the systems on this VLAN can query the DNS, get an IP on the new segment, ......

Configure the SOA to include. ...



You presumably would need to transition the database server to the new ip segment.

If you are adding a second DC it can be located on the new segment .... Then the current retired ......
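A check to run on the domain controller once it has its new address, covering the DNS entries and DHCP settings raised in the thread. This is an added example, not code from any of the posters; the domain name, host name, host addresses and scope are constructed placeholders, and the DHCP step assumes the Windows DHCP Server role is in use.

```powershell
# Run in an elevated PowerShell session on the re-addressed domain controller.
# All values below are placeholders constructed for this example.
$Domain  = 'corp.example'       # AD DNS domain name
$DcFqdn  = 'dc01.corp.example'  # FQDN of the domain controller
$NewIp   = '192.168.0.10'       # address the DC now uses
$OldIp   = '192.168.5.10'       # address it used while being built
$ScopeId = '192.168.0.0'        # DHCP scope that serves the PCs

$problems = @()

# 1. The NIC itself: new address present, old address gone.
$nicIps = @(Get-NetIPAddress -AddressFamily IPv4 | ForEach-Object IPAddress)
if ($nicIps -notcontains $NewIp) { $problems += "NIC does not hold $NewIp" }
if ($nicIps -contains $OldIp)    { $problems += "NIC still holds $OldIp" }

# 2. Host (A) record, asked of the DC's own DNS service: new address only.
$a = @(Resolve-DnsName -Name $DcFqdn -Type A -Server $NewIp -DnsOnly -ErrorAction SilentlyContinue |
       Where-Object Type -eq 'A' | ForEach-Object IPAddress)
if ($a -notcontains $NewIp) { $problems += "A record for $DcFqdn lacks $NewIp" }
if ($a -contains $OldIp)    { $problems += "Stale A record $OldIp for $DcFqdn" }

# 3. DC locator SRV record: this is what domain members query to find a DC.
$srv = @(Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -Server $NewIp -DnsOnly -ErrorAction SilentlyContinue |
         Where-Object Type -eq 'SRV' | ForEach-Object NameTarget)
if ($srv -notcontains $DcFqdn) { $problems += "No DC locator SRV record names $DcFqdn" }

# 4. DHCP option 006 (DNS servers) handed to the PCs must list the new address.
$opt = Get-DhcpServerv4OptionValue -ScopeId $ScopeId -OptionId 6 -ErrorAction SilentlyContinue
if (-not $opt) {
    $problems += "Option 006 not set on scope $ScopeId (check server-level options)"
} else {
    if ($opt.Value -notcontains $NewIp) { $problems += "Scope $ScopeId does not offer $NewIp as DNS" }
    if ($opt.Value -contains $OldIp)    { $problems += "Scope $ScopeId still offers $OldIp as DNS" }
}

if ($problems) {
    $problems | ForEach-Object { Write-Warning $_ }
} else {
    'DNS records and DHCP options agree on the new DC address.'
}
```

If the A or SRV checks fail, `ipconfig /registerdns` and a restart of the Netlogon service make the DC re-register its records; `dcdiag /test:dns` gives a fuller report.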
Thanks everyone but this is getting soooo complicated.
My office is small with a limited budget. I have a licence for two Windows servers; a domain controller and a database server - that's it. There is no budget for a second DC however desirable it may be. My switches are unmanaged and there is no budget to upgrade them. One of the switches is "owned" by the people who installed the phone system. They decided to create a separate subnet of 192.168.1.0 so I have what I'm given.
I am replacing an aged SBS2008 server with a new Hyper-V server with two guest VMs. Email has been moved into the cloud.
The old server and PCs are on 192.168.0.0 and to keep things simple I would like to put the new servers on the same subnet.
For convenience of building the new server I put it on 192.168.5.0 (VLAN controlled by the Draytek router). I now want to turn the old server off and turn the new one on and reconnect the PCs to it. If I can put the servers back on 192.168.0.0 then it would make things easier. If not then I'm going to have to contact the phone company to get them to make some config adjustments.
Please see my original question "Can I change the IP address of a Domain Controller"
I'm sure in an ideal world there are much better ways of going about all this and all your contributions are very valid, but I need to keep this simple.
Your question was can you change the IP address, not "should you". That question was answered by multiple contributors. Closing the question with your own comment is inappropriate and a disservice to those who took the time to answer your question.
Apologies Russ but I thought I had ticked your solution as "Best Solution". It appears that something has gone amiss and you've not been credited. I'll have another go.
I'll contact BT (voice provider) and see how much of a deal it is for them to reconfigure their remote access widget. If it's a big deal then I'll chance my arm with an IP address change.
Thanks for everyone's contributions.
Very difficult to undo an admin mistake in Experts Exchange :-(
Thank you. I might have spread the credit around a little. Other experts contributed also. In any event, I hope we have helped.