<div>
i think you already know the right approach and have given the main steps. <br />
<br />
my two cents to contribute would be:<br />
<br />
1. double check all references from clients and severs to the existing 2012 server. remove or disconnect them before physically remove the server from the network. <br />
<br />
2. double check all resources accessible from the 2012 server to make sure there's no executable ransomware remaining on the network. <br />
<br />
3. once the new 2012 server has been installed from the scratch using genuine media (read only preferred), never run any old application or executable from the backup of previous 2012 server.
</div>


<div>
So I DO need to transfer fsmo roles to 03 server or when I dcpromo will it know to give them to the 03 server thats on the domain?
</div>


rhwimmers

<div>
Your title: <br />

<blockquote>
How to reinstall 2012 server (with active 2003 <b>member server</b>)
</blockquote>
<blockquote>
<br />
I have a domain with an 03 server and 2012 (r2 I think) server. &nbsp;The 2012 box is GC and has all the roles, but the 2k3 server is still a member of the domain etc - the domain function level is obv 2003. &nbsp;<br />

</blockquote>
<br />
So you misunderstand. &nbsp;The domain functional level has NOTHING TO DO with <b>member servers</b> &nbsp;Domain and Forest functional levels ONLY apply to DCs. &nbsp;If the 2003 is a member server and not a DC (this is where terminology is IMPORTANT!!!) then your domain functional level could well be 2012 if that was the only DC!<br />
<br />

<blockquote>
Glad the 03 box wasn't decommissioned yet as the 2012 box got hit with ransomware. &nbsp;Unfortunately their usb backup drive was also encrypted and they had no offsite setup. &nbsp;I need to reload the OS as I can't get SQL running again - cant uninstall it, cant install it, cant repair...its all kind of jacked. &nbsp;
</blockquote>
Whoa - SQL? &nbsp;Your subject doesn't mention SQL and it's not clear where it was running. On the DC? &nbsp;On the 2003 box? &nbsp;On a third unnamed system? &nbsp;What?! &nbsp;Depending on where it is and what it was (and whether or not it's data was encrypted) You COULD potentially shutdown the services, copy the MDF and LDF files to a new SQL server, attach them, and go from there.<br />
<br />

<blockquote>
Whats the best process to get it reloaded and back as the GC of the domain? Do I need to assign the roles to the 03 box first, then dcpromo, then reinstall OS and probably with a different name then before for good measure?
</blockquote>
What I'd probably do is setup a new VM (this should be ALL VIRTUALIZED - makes backups and replication (for off site DR and backups) potentially easier AND if gives you another license for server 2012 (R2). &nbsp;One 2012 server license grants you TWO VMs (with one physical install as it's host ONLY - no other services AT ALL).
</div>


Principal Support Engineer

DrDave242

<div>
<div class="content wysiwyg-content">
I have a domain with an 03 server and 2012 (r2 I think) server. &nbsp;The 2012 box is GC and has all the roles, but the 2k3 server is still a member of the domain etc - the domain function level is obv 2003. &nbsp;Glad the 03 box wasn't decommissioned yet as the 2012 box got hit with ransomware. &nbsp;Unfortunately their usb backup drive was also encrypted and they had no offsite setup. &nbsp;I need to reload the OS as I can't get SQL running again - cant uninstall it, cant install it, cant repair...its all kind of jacked. &nbsp;Whats the best process to get it reloaded and back as the GC of the domain? Do I need to assign the roles to the 03 box first, then dcpromo, then reinstall OS and probably with a different name then before for good measure?<br />
Thanks
</div>
</div>


I have a domain with an 03 server and 2012 (r2 I think) server.  The 2012 box is GC and has all the roles, but the 2k3 server is still a member of the domain etc - the domain function level is obv 2003.  Glad the 03 box wasn't decommissioned yet as the 2012 box got hit with ransomware.  Unfortunately their usb backup drive was also encrypted and they had no offsite setup.  I need to reload the OS as I can't get SQL running again - cant uninstall it, cant install it, cant repair...its all kind of jacked.  Whats the best process to get it reloaded and back as the GC of the domain? Do I need to assign the roles to the 03 box first, then dcpromo, then reinstall OS and probably with a different name then before for good measure?
Thanks

How to reinstall 2012 server (with active 2003 member server)

Ransomware is malicious software, designed to block data access in order to extort money. As a form of malware, ransomware is most often used to infiltrate devices through infected emails or links that, in turn, recognize and take advantage of vulnerabilities in the operating system and installed third-party software.

Ransomware

Operating systems perform basic tasks, such as recognizing input from the keyboard, sending output to the display screen, keeping track of files and directories on the disk, and controlling peripheral devices such as disk drives and printers. For large systems, the operating system makes sure that different programs and users running at the same time do not interfere with each other. The operating system is also responsible for security, ensuring that unauthorized users do not access the system. Operating systems provide a software platform on top of which other programs, called application programs, can run.

Operating Systems

Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.

Windows Server 2012

Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).

Windows Server 2003

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.