General discussion

Locked

New Domain controller, Need Help

By grimace66 ·
We are a small business that is getting a new server that is to be used as the New ?Primary Domain Controller? This will replace an existing domain that approx 10 XP boxes login to. The server is currently handling DHCP, WINS, Login, and file storage. What is the easiest way to replace the old server with the new without having to worry about the profiles on the user machines? Or basically not having the users even be aware of the switch. Will I be able to change the domain name, or will it be easier to leave it the same?

This conversation is currently closed to new comments.

8 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by grimace66 In reply to New Domain controller, Ne ...

Existing Server is 2003, New server will be 2003 RC2

Collapse -

by CG IT In reply to New Domain controller, Ne ...

"Primary Domain Controller" or PDC really isn't what the term implies. All DCs on a network are peers as AD is multi-master [that is not to imply all FSMO roles are assigned to a DC rather in an AD environment, DCs all are peers with each other].

So, are you physically changing out the box? or just upgrading software. Upgrading software to RC2 is probably the easiest way. pop the disc in and upgrade to the newer version [RC2 is an allowed upgrade path but upgrades over beta versions do have some risks].

If you are physically changing out the box, DC promo promote the new box that is a member server of the domain to a domain controller. Let the DCs replicate. Assign the GC role to the new server. DC promo demote the old server to a member server and all other roles will be transfered to the last server on the network. If you have more than 1 server on the network, then you have to use the ntdsutil to transfer the FSMO roles to the new server.

Collapse -

by CG IT In reply to

well you don't "have" to use the ntdsutil to transfer roles but it's a utility to do so.

Collapse -

by cbcats In reply to New Domain controller, Ne ...

Creating an additional domain controller:
http://technet2.microsoft.com/WindowsServer/en/library/4aae5014-fbce-42dc-b5f7-e1dde3072f381033.mspx?mfr=true


Forcing the Removal of a Domain Controller:
http://technet2.microsoft.com/WindowsServer/f/?en/library/8eac646c-72bf-4f82-a656-c712b525ba561033.mspx

Please backup everything befor trying these incase it back fire on you. Also its best if you search using http://search.microsoft.com/results.aspx?q=&l=1&mkt=en-US&FORM=QBME1 to check will work and that everything is cover.

Collapse -

by cbcats In reply to New Domain controller, Ne ...

Creating an additional domain controller:
http://technet2.microsoft.com/WindowsServer/en/library/4aae5014-fbce-42dc-b5f7-e1dde3072f381033.mspx?mfr=true


Forcing the Removal of a Domain Controller:
http://technet2.microsoft.com/WindowsServer/f/?en/library/8eac646c-72bf-4f82-a656-c712b525ba561033.mspx

Please backup everything befor trying these incase it back fire on you. Also its best if you search using http://search.microsoft.com/results.aspx?q=&l=1&mkt=en-US&FORM=QBME1 to check will work and that everything is cover.

Collapse -

by grimace66 In reply to New Domain controller, Ne ...

I will be changing out the box completely

Collapse -

by Dumphrey In reply to New Domain controller, Ne ...

Personally, I would add the second DC, it will have to update the schema to fir RC2 in with 2k3 standard, and then weight the new DC in DNS to be the preferd DC. Copy all files in the "home" folder if useing a "My Documents" redirection to the new DC. Change GPO to refect this movement. After a day or so, when AD has replicated for sure you could move all FSMO roles to new DC and remove DC role from old DC. But me, I prefer to have 2 DC.

Collapse -

by JFowler In reply to New Domain controller, Ne ...

I would DC Promo the new Server but also keep the old as a BDC. Set primary DNS to the new server IP address on all client and then Secondary DNS as the old servers IP. If you have your new machine go down for any reason your BDC will still let everyone authenticate with Active Directory.

Back to Networks Forum
8 total posts (Page 1 of 1)  

Related Discussions

Related Forums