asked on

Demote DC on Exchange server.

Hello,

I have an environment running two DCs, but the setup is not recommended and I want to change the setup.

The current setup is, that the primary DC is running Server 2012 R2 & 2nd is Server 2016. That is not what bothers me, what's bothering me is the 2nd DC running Server 2016 is also an Exchange Server. I want to confirm if I demote it, will it cause any issues to the Exchange Server services?

Once I demote the 2^nd DC I will create two new VMs and upgrade DC to Server 2019 and remove the 2012 R2 one.

M A

-->will it cause any issues to the Exchange Server services?
No if you change the preferred DC in Exchange server.

Set-ADServerSettings -PreferredServer dc1.domain.local

Open in new window

https://docs.microsoft.com/en-us/powershell/module/exchange/set-adserversettings?view=exchange-ps

Ensure FRS is migrated to DFSR before migrating/upgrading to 2019.

Ahmed Al-Takrouri

ASKER

@MA,

So I will login to the 2nd DC which Exchange is isntalled on it, this the below command and then demote it?

Set-ADServerSettings -PreferredServer SRVname.domainname.xyz

Open in new window

M A

Yes correct.
You will have to restart the server after demotion. I suggest to do this activity after your working hours.

M A

Ensure your FSMO holder is transferred and the DC is healthy.

SOLUTION

kevinhsieh

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Ahmed Al-Takrouri

ASKER

@Kevin,

As per the article it says "How to Move Exchange off a DC" but in my case I'm moving DC out of Exchange not the other way around. So I'm not touching the Exchange, once I demote the DC role the server is still under domain.

That's why I'm confused and wanted to confirm before I proceed with this step and cause my Exchange to crash.

ASKER CERTIFIED SOLUTION

Seth Simmons

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Konrad Sagala

First you should consider deployment of two new domain controllers with Windows Server 2019, than you should (if you have Software Assurance for Exchange Server), installation of new member server with Windows server 2019 and Exchange 2019 (2016 is already out of standard support) and migrate mailboxes and other Exchange services to new machine. When migration will be completed you should uninstall Exchange 2016 than demote DC.
Demoting domain controller completely modify local security permissions so it can block any application services.

Ahmed Al-Takrouri

ASKER

thanks folks appreciate it.

Ahmed Al-Takrouri

ASKER

I ran the command

Set-ADServerSettings -PreferredServer SRVname.domainname.xyz

Open in new window

and below is the results, is that good or something is missing?

on the ConfigurationDomainController & PreferredGlobalCatalog no data mentioned only PreferredDomainControllers & RecipientViewRoot

----------

[PS] C:\Windows\system32>Set-ADServerSettings -PreferredServer ServerName.DomainName.com
[PS] C:\Windows\system32>Get-AdServerSettings

ConfigurationDomainCont PreferredDomainControll PreferredGlobalCatalog RecipientViewRoot ViewEntireForest
roller ers
----------------------- ----------------------- ---------------------- ----------------- ----------------
{<DomainName.com, ServerName... DomainName.com False

[PS] C:\Windows\system32>

kevinhsieh

What is your goal with Set-ADServerSettings -PreferredServer ? You need to either leave the environment as is, or plan to migrate Exchange to a new server. You shouldn't be running powershell commands.