Windows Server 2003 AD Hardware Replacement

By bell0010 ·
We want to decommission both of our AD boxes within our domain becasue of age and replace them with newer hardware. What is the best way to do this while preserving the users, groups, etc.?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -


by retro77 In reply to Windows Server 2003 AD Ha ...

Start with buying the new hardware. Installing Windows 2003, when going through the AD process [dcpromo] join an existing forest or domain. Then once your new AD Domain Controllers are online, use dcpromo to remove the old DCs from the domain.

Collapse -


by Triathlete1981 In reply to Start.....

that's how you do it! and once all info is replicated to the new servers, decommission the primary DCs and let the backups (your new servers) take over.

Collapse -


by bell0010 In reply to Start.....

What if we wanted to use the same name and static IP address of the old box? How does this complicate the migration compared to using a new name and IP address for the new replacement hardware?

Collapse -


by Churdoo In reply to Followup

Just one comment before we get started. Before you can DCPROMO your new servers as ADC's, you will need to forestprep and domainprep your existing AD. Put the W2K3 Server CD into your OLD server, the one with the Schema Master Role, and find and launch "adprep /forestprep" and then "adprep /domainprep". If you're installing R2 onto the new servers, then the correct adprep is on the 2nd CD of the R2 set. Basically this upgrades your current AD database to W2K3 AD.

Same IP addy is not a problem because you can just change the IP of your new DC's to the IP's of your old DC's after you have the old ones decommissioned and removed from the network; DNS will update and everyone will be happy.

Using same names, however, presents a challenge because you can't have the same names present on the network at the same time, AND you can't change the name of a server once it's DCPROMO'd to a DC.

First, I would encourage you to make your setup dynamic enough where you can change a server name without detrimental effects, because this will become a problem any time you will need to refresh a server, and having a network design that is dependent on static names is not very robust; your network should be able to handle a server name change.

If however, you don't want to change the design of your network now and really want to maintain the same server names, then since you have 2 DC's, you can do it with somewhat of a shell game; I'd say you can DCPROMO your current 2nd DC DOWN, and change its name and IP. Change the name and IP of one of your new boxes to your 2nd DC permanent name/IP and DCPROMO it up. (you will have had to run the adprep that I mentioned above, prior to this point.) Transfer or restore DNS and/or any other services from your old 2nd DC to the new 2nd DC.

Once DC replication has occurred, and you've tested your network functionality, you can do the same with your remaining DC; you'll have to DCPROMO the box DOWN, so it will allow you to change its name, and then once renamed, you can name and DCPROMO your remaining new box in its place. Transfer DNS and any/all other services you're running, onto the box, and test.

This method will actually leave your "2nd" DC holding all of the AD Roles; you'll want to verify and/or redistribute the roles as appropriate.

Collapse -

static IP

by Triathlete1981 In reply to Problem

give the new server a different static IP than the current one. once replication is done, decommission the old one and give the new server the desired static IP.

best do this over a weekend so the transition is seamless

and if this guy mentioned this already, sorry, i didn't want to read the novel

Collapse -

Accounts migrate also?

by bell0010 In reply to Problem

Following your instructions, will this migrate all the users/groups/passwords/etc., over to the new replacement?
Also...what does adprep do?

Collapse -

Migration Guide

by retro77 In reply to Accounts migrate also?

What I did is I downloaded the migration guide:

Find the senario that fits what you are doing and read through it about 10 times. Then make yourself a list of what you are going to do and in what order. That way when you go to do the migration after hours or on a weekend you have a game plan and your boss sees that you have your ducks in a row. For the workstations, remember that the users have to be logged off.

Related Discussions

Related Forums