Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


InTheWayBoy

Phase Out First DC In 2003 Network

Recommended Posts

Looking to phase out the first DC in our network, which is running 2003 SP1 in a virtual server. I want to implement some redundancy by adding another DC/DNS server, but would like them both to be as similar as possible. The new server template I run is 2003 R2 SP2, and the current DC is the last server on the network that isn't at that level. I just want to forget the OS instead of updating it.

I've done this before under emergency situations where I could afford downtime, but with this I want to make it smooth. I plan to deploy one new virtual server as a DC/DNS, and let replication handle the heavy work. Then transfer the FSMO roles to the new server, and make it's other services the primary ones (WINS, DHCP, etc) on the network. Once that is stable I'll deploy a second virtual server as a DC/DNS, again letting replication do it's thing. After verifying that I can then remove the first server from AD using dcpromo. Oh yeah, and make sure to make the new virtual servers also GC's.

Aside from any major mistakes, I just have a few questions:

1. When it's all said and done should I point the DNS servers to themselves and then the other, or vice versa. I've read both and can't figure out which to go with.

2. We have an Exchange 2003 server, and also use IAS for our vpn authentication. Are there any extra precautions I should take because of their AD requirements?

3. Is there a simple way to verify that replication has completed 100% before I demote the first DC?

Share this post


Link to post
Share on other sites

1. When it's all said and done should I point the DNS servers to themselves and then the other, or vice versa. I've read both and can't figure out which to go with.

2. We have an Exchange 2003 server, and also use IAS for our vpn authentication. Are there any extra precautions I should take because of their AD requirements?

3. Is there a simple way to verify that replication has completed 100% before I demote the first DC?

1. You should point the DNS entries at themselves first, using the other server as a secondary (same with WINS, if you're configuring that).

2. If IAS is installed on the virtual server DC, then you will need to install and configure on one of the new DCs and point your switches / servers / anything else using IAS to the new server.

3. You can use tools like replmon to view replication.

Note though, that you will need to update the schema from an R2 cd on the virtual server DC before you can make a server running R2 a domain controller.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...