Quick question regarding the best way to do this and as always greatly appreciate any/all insights, tips and thoughts.
We currently have a FFL/DFL 2008 R2 with two 2008 R2 domain controllers.
I am planning to (after all tests/prerequisite steps, e.g. DNS health, AD replication, FSMO role transfer to other DC, etc. are successful) demote a 2008R2 DC and then replace it with a newly built 2016 server standard as a DC.
Here is my challenge, i.e. the question I would like to clarify.
We are trying to keep the same name/IP (it is static obviously) for the new 2016 DC (temporary name assigned and already built but not in domain yet) as we currently have for the existing 2008R2 DC. The intent is to avoid having to individually reconfigure/repoint all services (e.g. static DNS/WINS Settings) on all member server network cards, applications/appliances that point to DC based on name/IP for LDAP integration, etc.
So would the steps be as follows or is there something else that needs to be done, before, during or after that I am still missing?
Existing name of current 2008R2 DC e.g. SERVERDC2 (with IP 192.168.1.2)
1. Move all FSMO roles, etc. to other DC (SERVERDC1 2008R2), demote SERVERDC2 as domain DC into being only a member server, then remove it as a member server from the domain into a workgroup.
2. Rename new 2016 server, currently in workgroup with temp name, to SERVERDC2 and promote it to the domain as a member server.
3. Assign the same static IP that the previous SERVERDC2 (2008R2) had, i.e. 192.168.1.2.
4. Promote (install AD, etc.) new SERVERDC2 (2016) as domain controller.
5. Allow for DNS, AD replications across domain from other DC SERVERDC1 (2008R2) to new SERVERDC2 (2016).
6. Run health checks again (AD, DNS, etc.) and resolve any arising issues.
7. Move all FSMO roles from SERVERDC1 (2008R2) to new SERVERDC2 (2016) and then turn off SERVERDC1 (2008 R2) for a few hours to make sure everything works and then repeat step to remove SERVERDC1 (2008R2) and replace with another SERVERDC1 (now 2016) added the same way as SERVERDC2 (2016) and thus replacing the existing SERVERDC1 (2008R2) with same name and IP as well.
Do I demote the existing SERVERDC2 (2008R2) as DC from the domain into being merely a member server, but then do not remove it from the domain, i.e. the computer account remains registered in domain (DNS, WINS), into a workgroup so when I change the name of the new 2016 DC from the temp name to SERVERDC2 and promote it to the domain then the computer account already exists? I am inclined to think that I totally remove the existing DC (as DC and member server) and then add everything as new, but only because we normally do not need to keep the same name/IP. So is there anything special I need to take into account or consider because of that requirement or are the above steps (1-7) correct with full removal and then full promotion/addition of new server with same name/IP?
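
To see what the directory and DNS still hold for the old name and IP between steps 1 and 2 above, a read-only report like the following can be run. It is an added example, not part of the original post, and it assumes a domain-joined admin machine with the RSAT ActiveDirectory module, SERVERDC1 as the DC and DNS server to query, and a hypothetical function name `Get-DcNameResidue`.

```powershell
# Added example: read-only report of what AD and DNS still hold for a DC name/IP.
# Assumptions: domain-joined machine with the RSAT ActiveDirectory module;
# SERVERDC1 is the surviving DC and DNS server; the function name is hypothetical.
Import-Module ActiveDirectory

function Get-DcNameResidue {
    param(
        [string]$Name      = 'SERVERDC2',
        [string]$IPAddress = '192.168.1.2',
        [string]$QueryDc   = 'SERVERDC1'
    )
    $domain   = (Get-ADDomain -Server $QueryDc).DNSRoot
    $configNc = (Get-ADRootDSE -Server $QueryDc).configurationNamingContext
    $sites    = "CN=Sites,$configNc"

    # Computer account: present if the server was demoted but not unjoined/deleted
    $computer = Get-ADComputer -Filter "Name -eq '$Name'" -Server $QueryDc -Properties Enabled

    # Server object under Sites (can outlive a demotion) and its NTDS Settings
    # child (exists only while the name is still registered as a DC)
    $siteObj = Get-ADObject -SearchBase $sites -Server $QueryDc `
        -LDAPFilter "(&(objectClass=server)(cn=$Name))"
    $ntds = Get-ADObject -SearchBase $sites -Server $QueryDc `
        -LDAPFilter '(objectClass=nTDSDSA)' |
        Where-Object { $_.DistinguishedName -like "CN=NTDS Settings,CN=$Name,*" }

    # DNS as answered by the surviving DC: host record, reverse record, DC locator SRV
    $dns = @{ Server = $QueryDc; DnsOnly = $true; ErrorAction = 'SilentlyContinue' }
    $a   = Resolve-DnsName -Name "$Name.$domain" -Type A @dns |
        Where-Object { $_.Section -eq 'Answer' }
    $ptr = Resolve-DnsName -Name $IPAddress -Type PTR @dns |
        Where-Object { $_.Section -eq 'Answer' }
    $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$domain" -Type SRV @dns |
        Where-Object { $_.NameTarget -like "$Name.*" }

    [pscustomobject]@{
        ComputerAccount = $computer.DistinguishedName
        AccountEnabled  = $computer.Enabled
        SiteServerObj   = $siteObj.DistinguishedName
        NtdsSettings    = $ntds.DistinguishedName
        ARecords        = ($a.IPAddress -join ', ')
        PtrTargets      = ($ptr.NameHost -join ', ')
        DcLocatorSrv    = ($srv.NameTarget -join ', ')
    }
}

Get-DcNameResidue | Format-List
```

Empty fields mean nothing was found for that item; the function only reads and changes nothing in AD or DNS.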