sglee
asked on
Keep existing domain name or create a new domain name when replacing the server on the same network
Hi,
I am about to replace existing server with new server using newer server operating system and like to know if you would create a new local domain name in the new server or use existing domain name.
For example, existing domain name is called "Hersheychocolate.local". Would you create a new domain name "Hershey.local" in the new server or keep the existing one?
Is there an advantage of using existing domain name in the new server with respect to user file goes?
Typically, before I replace the server, I dis-join the workstation PC, set up new server on the same network and join workstation PCs to the new domain name. Consequently a new user profile is created in C:\Users and I have to move files from "My Documents, Downloads, Favorites, Pictures, Videos" folders from old profile to new profile.
What are the pros and cons?
Thanks.
I am about to replace existing server with new server using newer server operating system and like to know if you would create a new local domain name in the new server or use existing domain name.
For example, existing domain name is called "Hersheychocolate.local". Would you create a new domain name "Hershey.local" in the new server or keep the existing one?
Is there an advantage of using existing domain name in the new server with respect to user file goes?
Typically, before I replace the server, I dis-join the workstation PC, set up new server on the same network and join workstation PCs to the new domain name. Consequently a new user profile is created in C:\Users and I have to move files from "My Documents, Downloads, Favorites, Pictures, Videos" folders from old profile to new profile.
What are the pros and cons?
Thanks.
It depends on the health state of the current ad domain and the number of PCs you have.
In big healthy domain it is maybe better to add a new server as additional AD controller to the current domain, transfer all FSMO roles to it and demote and dismiss the old server. In this way you have little to no work on workstations.
In small and/or unhealthy ad domains your procedure is also an option.
But for a new domain I would use a part of your publicly registered domain. If you own hershey.com domain, I would use ad.hershey.com for ad domain - in case you would need publicly trusted certificated for your server somewhere in future.
For migrating PCs from one domain directly to other you can try Forensit User Profile Wizard. It makes the migration easier.
For second option-
Pro: New healthy domain named as you wish
Con: More work on permissions, workstations
In big healthy domain it is maybe better to add a new server as additional AD controller to the current domain, transfer all FSMO roles to it and demote and dismiss the old server. In this way you have little to no work on workstations.
In small and/or unhealthy ad domains your procedure is also an option.
But for a new domain I would use a part of your publicly registered domain. If you own hershey.com domain, I would use ad.hershey.com for ad domain - in case you would need publicly trusted certificated for your server somewhere in future.
For migrating PCs from one domain directly to other you can try Forensit User Profile Wizard. It makes the migration easier.
For second option-
Pro: New healthy domain named as you wish
Con: More work on permissions, workstations
ASKER
Existing domain controller is healthy, no issues. There are about 12 active user accounts and 8 workstation PCs. One of 8 workstation PCs has multiple users on different shifts;hence, 12 user accounts.
Currently they have one domain controller and one application server in Hyper-V server. it is application server that has user files and folders. Domain controller has NO user data.
I am setting up Hyper-V server in new server box.
Are you saying that I can transfer existing user accounts and folder permission from current server to the new server?
If that is the case, I don't have to dis-join workstation PCs from current server and join them to new server?
I would love to do that if possible. That way I don't have to do anything on workstation computers.
Currently they have one domain controller and one application server in Hyper-V server. it is application server that has user files and folders. Domain controller has NO user data.
I am setting up Hyper-V server in new server box.
Are you saying that I can transfer existing user accounts and folder permission from current server to the new server?
If that is the case, I don't have to dis-join workstation PCs from current server and join them to new server?
I would love to do that if possible. That way I don't have to do anything on workstation computers.
ASKER
One more thing:
existing Domain Controller and Application Server are running on Windows Server 2012 R2.
new Server OS is Windows Server 2019.
existing Domain Controller and Application Server are running on Windows Server 2012 R2.
new Server OS is Windows Server 2019.
Are you saying that I can transfer existing user accounts and folder permission from current server to the new server?If you take the approach I suggested, correct.
If that is the case, I don't have to dis-join workstation PCs from current server and join them to new server?Correct.
ASKER
Wow! I would love to do that.
Is there a website link or youtube video that shows how that is done?
When I setup a new server and create virtual machines for domain controller and application server, how do I handle IP address and computer names? Obviously you can't have two computers with same name or same IP address on the same network simultaneously.
somehow new DC and app server need to have the same name because login scripts like below?
net use F: \\App_server\Share
net use G: \\App_server\Scan
...
Is there a website link or youtube video that shows how that is done?
When I setup a new server and create virtual machines for domain controller and application server, how do I handle IP address and computer names? Obviously you can't have two computers with same name or same IP address on the same network simultaneously.
somehow new DC and app server need to have the same name because login scripts like below?
net use F: \\App_server\Share
net use G: \\App_server\Scan
...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I am going to create a test server to make sure I understand the process.
In Windows Server 2012 R2 Hyper-V,
1. I will create a test domain controller (running W20012R2) called "Hershey1" and will call domain name "Hershey.local".
2. In Hershey1 DC, I will Setup DHCP, DNS, create a couple of user accounts and a simple login script.
3. I will create an APP server (running W20012R2) called "App1", assign static IP address , join it to Hershey.local", create a few folders and files, create a couple of shared folders and create user permissions.
4. I will create a Win10 VM, join it to the domain and install some software and create short cuts on the desktop.
On another computer, I will install Windows 2019 Hyper-V and create two virtual machines - "Hershey2" and "App2":
1. Should I assign a static IP address to "Hershey2" & "App2" at this point or let it receive dynamic IP from "Hershey1"?
Basically how much do I have to prep two new servers before transferring fsmo roles from Hershey1?
In Windows Server 2012 R2 Hyper-V,
1. I will create a test domain controller (running W20012R2) called "Hershey1" and will call domain name "Hershey.local".
2. In Hershey1 DC, I will Setup DHCP, DNS, create a couple of user accounts and a simple login script.
3. I will create an APP server (running W20012R2) called "App1", assign static IP address , join it to Hershey.local", create a few folders and files, create a couple of shared folders and create user permissions.
4. I will create a Win10 VM, join it to the domain and install some software and create short cuts on the desktop.
On another computer, I will install Windows 2019 Hyper-V and create two virtual machines - "Hershey2" and "App2":
1. Should I assign a static IP address to "Hershey2" & "App2" at this point or let it receive dynamic IP from "Hershey1"?
Basically how much do I have to prep two new servers before transferring fsmo roles from Hershey1?
For App2 server is not important when you install it. You can also install it after you install Hershey2 DC, transfer all FSMO roles and decommission Hershey1. I would probably wait with App2 to the end, but it's up to you.
Assign a static IP to both new servers.
Assign a static IP to both new servers.
ASKER
I found this youtube video and it was very through. https://youtu.be/yQD-oFp8Hzo
I would take my answer above in context first. If AD was a huge mess to begin with and you replace the domain, then you're better off changing domains. A pro (from the server/AD) aspect is that you're starting with a clean slate.
In terms of workstation approach:
Con: you have to figure out exactly what to transfer and make sure not to miss anything important (granted, there are programs out there that can help you with that).
Pro: potentially getting rid of things that are no longer needed. If old AD was causing a lot of issues, some of those system issues may go away.
It might be a slight bit easier with your existing approach if you actually have both servers online at the same time (Note: you won't be able to give both systems the same name). Then you can quickly disjoin old domain and join the new one.