Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » Re: How to migrate existing domain controler
Re: How to migrate existing domain controler [message #155650] Wed, 03 June 2009 04:29 Go to next message
meiweb(nospam)  is currently offline meiweb(nospam)  Germany
Messages: 1307
Registered: July 2009
Senior Member
Hello Alexfoo,

Do you have new hardware or do you need to use the same hardware? Will you
keep the server names or can they be different? What OS architecture do you
have and what will be 2008, 32bit or 64bit?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hello,
>
> I'm lookin for a best practices that is the closest from my needed.
> I got two domain controllers on old hardware servers that I need to
> migrate
> to knew hardware servers. These two DCs are also DNS, DHCP.
> The good thing is that they haven't any FSMO roles or other roles, all
> roles are on other server. All the Forest and Domain are 2003 Native.
>
> All thread on DC servers talk about migration on other domain or
> forest. This is not what I'm looking for.
>
> In the same time I wonders if it's possible to migrate them to Windows
> 2008 server. Actually they are 2003 R2 SP2.
>
> If you know a best practice that is close from what I'm looking for...
> I know it's something that seems easy but I don't want to miss
> something.
>
> Thanks in advance.
>
Re: How to migrate existing domain controler [message #155651 is a reply to message #155650] Wed, 03 June 2009 04:49 Go to previous messageGo to next message
Alexfoo  is currently offline Alexfoo
Messages: 5
Registered: June 2009
Junior Member
Hi,

First thanks for your quick reply.

Yes I will have new hardware. And I want to keep the names (otherwise I just
add new DC to the domain and dismount the old one)


Actually we have one forest in 2003 native.One DC in 2008 servers that host
all the roles, but wihout DNS and DHCP.
Different physical sites with 2 domain controllers on each that are defined
as well logically in "Sites and services". The replication configuration
trough each site is pretty simple and work fine.

The DCs are 2003 Servers R2 SP2 32bits and are part of the replication of
the principale site.

If possible I want to migrate them to Windows 2008 x64. But if it's add a
big amout of work it's no use because x64 is not really needed on a DC (my
opinion).

Thanks !

"Meinolf Weber [MVP-DS]" wrote:

> Hello Alexfoo,
>
> Do you have new hardware or do you need to use the same hardware? Will you
> keep the server names or can they be different? What OS architecture do you
> have and what will be 2008, 32bit or 64bit?
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>
> > Hello,
> >
> > I'm lookin for a best practices that is the closest from my needed.
> > I got two domain controllers on old hardware servers that I need to
> > migrate
> > to knew hardware servers. These two DCs are also DNS, DHCP.
> > The good thing is that they haven't any FSMO roles or other roles, all
> > roles are on other server. All the Forest and Domain are 2003 Native.
> >
> > All thread on DC servers talk about migration on other domain or
> > forest. This is not what I'm looking for.
> >
> > In the same time I wonders if it's possible to migrate them to Windows
> > 2008 server. Actually they are 2003 R2 SP2.
> >
> > If you know a best practice that is close from what I'm looking for...
> > I know it's something that seems easy but I don't want to miss
> > something.
> >
> > Thanks in advance.
> >
>
>
>
Re: How to migrate existing domain controler [message #155654 is a reply to message #155651] Wed, 03 June 2009 05:13 Go to previous messageGo to next message
meiweb(nospam)  is currently offline meiweb(nospam)  Germany
Messages: 1307
Registered: July 2009
Senior Member
Hello Alexfoo,

Before starting run replmon from the run line or repadmin /showrepl(only
if more then one DC exist), dcdiag /v and netdiag /v from the command prompt
on the old machine to check for errors, if you have some post the complete
output from the command here or solve them first. For this tools you have
to install the support\tools\suptools.msi from the 2003 installation disk.

Upgrade on the schema master with an account of the schema admins/enterprise
admins with adprep /forestprep, adprep /domainprep and adprep /rodcprep to
version 44 from the 2008 installation disk.

With new hardware and having additional DC's keeping the names is not a problem.
Go DC by DC and remove one of the old machines from the domain with dcpromo,
wait for replication to all other DCs and then remove it from AD UC computers
container, where it will be moved to after demoting. Then cleanup AD sites
and services from the DC name and check that all entries in DNS server/zone
properties and in the zone structure is removed. Again wait for replication
between all DCs.

Now you can use the same name to add the 2008 machine to the domain and promote
it as additional DC.

After every major step run the support tools again to make sure no errors
exist.

Then make the new DCs Global catalog server and move the 5 FSMO roles to
one of the 2008 DCs, they should always be on the newest OS version, when
the PDCEmulator is moved to 2008 a new security group will be created for
example.
If you are ready with the installation part use again the support tools.

Netdiag.exe is not included within 2008, but you can copy the 2003 version
to it and it works fine on 2008.

With new hardware and fresh install look forward and use 64bit version, MS
will go with the new server versions step by step to 64bit, as already done
with SBS/EBS 2008, Exchange 2007, 2008 R2.

When you are not planning to use IPv6 i suggest to disable it complete:
http://blogs.dirteam.com/blogs/paulbergson/archive/2009/03/1 9/disabling-ipv6-on-windows-2008.aspx

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hi,
>
> First thanks for your quick reply.
>
> Yes I will have new hardware. And I want to keep the names (otherwise
> I just add new DC to the domain and dismount the old one)
>
> Actually we have one forest in 2003 native.One DC in 2008 servers that
> host
> all the roles, but wihout DNS and DHCP.
> Different physical sites with 2 domain controllers on each that are
> defined
> as well logically in "Sites and services". The replication
> configuration
> trough each site is pretty simple and work fine.
> The DCs are 2003 Servers R2 SP2 32bits and are part of the replication
> of the principale site.
>
> If possible I want to migrate them to Windows 2008 x64. But if it's
> add a big amout of work it's no use because x64 is not really needed
> on a DC (my opinion).
>
> Thanks !
>
> "Meinolf Weber [MVP-DS]" wrote:
>
>> Hello Alexfoo,
>>
>> Do you have new hardware or do you need to use the same hardware?
>> Will you keep the server names or can they be different? What OS
>> architecture do you have and what will be 2008, 32bit or 64bit?
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers
>> no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>> Hello,
>>>
>>> I'm lookin for a best practices that is the closest from my needed.
>>> I got two domain controllers on old hardware servers that I need to
>>> migrate
>>> to knew hardware servers. These two DCs are also DNS, DHCP.
>>> The good thing is that they haven't any FSMO roles or other roles,
>>> all
>>> roles are on other server. All the Forest and Domain are 2003
>>> Native.
>>> All thread on DC servers talk about migration on other domain or
>>> forest. This is not what I'm looking for.
>>>
>>> In the same time I wonders if it's possible to migrate them to
>>> Windows 2008 server. Actually they are 2003 R2 SP2.
>>>
>>> If you know a best practice that is close from what I'm looking
>>> for... I know it's something that seems easy but I don't want to
>>> miss something.
>>>
>>> Thanks in advance.
>>>
Re: How to migrate existing domain controler [message #155658 is a reply to message #155654] Wed, 03 June 2009 05:47 Go to previous messageGo to next message
Alexfoo  is currently offline Alexfoo
Messages: 5
Registered: June 2009
Junior Member
Thanks for your response.

I'm gonna migrate my DCs following your advices.

Regards,

"Meinolf Weber [MVP-DS]" wrote:

> Hello Alexfoo,
>
> Before starting run replmon from the run line or repadmin /showrepl(only
> if more then one DC exist), dcdiag /v and netdiag /v from the command prompt
> on the old machine to check for errors, if you have some post the complete
> output from the command here or solve them first. For this tools you have
> to install the support\tools\suptools.msi from the 2003 installation disk.
>
> Upgrade on the schema master with an account of the schema admins/enterprise
> admins with adprep /forestprep, adprep /domainprep and adprep /rodcprep to
> version 44 from the 2008 installation disk.
>
> With new hardware and having additional DC's keeping the names is not a problem.
> Go DC by DC and remove one of the old machines from the domain with dcpromo,
> wait for replication to all other DCs and then remove it from AD UC computers
> container, where it will be moved to after demoting. Then cleanup AD sites
> and services from the DC name and check that all entries in DNS server/zone
> properties and in the zone structure is removed. Again wait for replication
> between all DCs.
>
> Now you can use the same name to add the 2008 machine to the domain and promote
> it as additional DC.
>
> After every major step run the support tools again to make sure no errors
> exist.
>
> Then make the new DCs Global catalog server and move the 5 FSMO roles to
> one of the 2008 DCs, they should always be on the newest OS version, when
> the PDCEmulator is moved to 2008 a new security group will be created for
> example.
> If you are ready with the installation part use again the support tools.
>
> Netdiag.exe is not included within 2008, but you can copy the 2003 version
> to it and it works fine on 2008.
>
> With new hardware and fresh install look forward and use 64bit version, MS
> will go with the new server versions step by step to 64bit, as already done
> with SBS/EBS 2008, Exchange 2007, 2008 R2.
>
> When you are not planning to use IPv6 i suggest to disable it complete:
> http://blogs.dirteam.com/blogs/paulbergson/archive/2009/03/1 9/disabling-ipv6-on-windows-2008.aspx
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>
> > Hi,
> >
> > First thanks for your quick reply.
> >
> > Yes I will have new hardware. And I want to keep the names (otherwise
> > I just add new DC to the domain and dismount the old one)
> >
> > Actually we have one forest in 2003 native.One DC in 2008 servers that
> > host
> > all the roles, but wihout DNS and DHCP.
> > Different physical sites with 2 domain controllers on each that are
> > defined
> > as well logically in "Sites and services". The replication
> > configuration
> > trough each site is pretty simple and work fine.
> > The DCs are 2003 Servers R2 SP2 32bits and are part of the replication
> > of the principale site.
> >
> > If possible I want to migrate them to Windows 2008 x64. But if it's
> > add a big amout of work it's no use because x64 is not really needed
> > on a DC (my opinion).
> >
> > Thanks !
> >
> > "Meinolf Weber [MVP-DS]" wrote:
> >
> >> Hello Alexfoo,
> >>
> >> Do you have new hardware or do you need to use the same hardware?
> >> Will you keep the server names or can they be different? What OS
> >> architecture do you have and what will be 2008, 32bit or 64bit?
> >>
> >> Best regards
> >>
> >> Meinolf Weber
> >> Disclaimer: This posting is provided "AS IS" with no warranties, and
> >> confers
> >> no rights.
> >> ** Please do NOT email, only reply to Newsgroups
> >> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> >>> Hello,
> >>>
> >>> I'm lookin for a best practices that is the closest from my needed.
> >>> I got two domain controllers on old hardware servers that I need to
> >>> migrate
> >>> to knew hardware servers. These two DCs are also DNS, DHCP.
> >>> The good thing is that they haven't any FSMO roles or other roles,
> >>> all
> >>> roles are on other server. All the Forest and Domain are 2003
> >>> Native.
> >>> All thread on DC servers talk about migration on other domain or
> >>> forest. This is not what I'm looking for.
> >>>
> >>> In the same time I wonders if it's possible to migrate them to
> >>> Windows 2008 server. Actually they are 2003 R2 SP2.
> >>>
> >>> If you know a best practice that is close from what I'm looking
> >>> for... I know it's something that seems easy but I don't want to
> >>> miss something.
> >>>
> >>> Thanks in advance.
> >>>
>
>
>
Re: How to migrate existing domain controler [message #155660 is a reply to message #155658] Wed, 03 June 2009 06:09 Go to previous message
meiweb(nospam)  is currently offline meiweb(nospam)  Germany
Messages: 1307
Registered: July 2009
Senior Member
Hello Alexfoo,

If any problems occur use this posting again. So anybody can follow the complete
story.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Thanks for your response.
>
> I'm gonna migrate my DCs following your advices.
>
> Regards,
>
> "Meinolf Weber [MVP-DS]" wrote:
>
>> Hello Alexfoo,
>>
>> Before starting run replmon from the run line or repadmin
>> /showrepl(only if more then one DC exist), dcdiag /v and netdiag /v
>> from the command prompt on the old machine to check for errors, if
>> you have some post the complete output from the command here or solve
>> them first. For this tools you have to install the
>> support\tools\suptools.msi from the 2003 installation disk.
>>
>> Upgrade on the schema master with an account of the schema
>> admins/enterprise admins with adprep /forestprep, adprep /domainprep
>> and adprep /rodcprep to version 44 from the 2008 installation disk.
>>
>> With new hardware and having additional DC's keeping the names is not
>> a problem. Go DC by DC and remove one of the old machines from the
>> domain with dcpromo, wait for replication to all other DCs and then
>> remove it from AD UC computers container, where it will be moved to
>> after demoting. Then cleanup AD sites and services from the DC name
>> and check that all entries in DNS server/zone properties and in the
>> zone structure is removed. Again wait for replication between all
>> DCs.
>>
>> Now you can use the same name to add the 2008 machine to the domain
>> and promote it as additional DC.
>>
>> After every major step run the support tools again to make sure no
>> errors exist.
>>
>> Then make the new DCs Global catalog server and move the 5 FSMO roles
>> to
>> one of the 2008 DCs, they should always be on the newest OS version,
>> when
>> the PDCEmulator is moved to 2008 a new security group will be created
>> for
>> example.
>> If you are ready with the installation part use again the support
>> tools.
>> Netdiag.exe is not included within 2008, but you can copy the 2003
>> version to it and it works fine on 2008.
>>
>> With new hardware and fresh install look forward and use 64bit
>> version, MS will go with the new server versions step by step to
>> 64bit, as already done with SBS/EBS 2008, Exchange 2007, 2008 R2.
>>
>> When you are not planning to use IPv6 i suggest to disable it
>> complete:
>> http://blogs.dirteam.com/blogs/paulbergson/archive/2009/03/1 9/disabli
>> ng-ipv6-on-windows-2008.aspx
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers
>> no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>> Hi,
>>>
>>> First thanks for your quick reply.
>>>
>>> Yes I will have new hardware. And I want to keep the names
>>> (otherwise I just add new DC to the domain and dismount the old one)
>>>
>>> Actually we have one forest in 2003 native.One DC in 2008 servers
>>> that
>>> host
>>> all the roles, but wihout DNS and DHCP.
>>> Different physical sites with 2 domain controllers on each that are
>>> defined
>>> as well logically in "Sites and services". The replication
>>> configuration
>>> trough each site is pretty simple and work fine.
>>> The DCs are 2003 Servers R2 SP2 32bits and are part of the
>>> replication
>>> of the principale site.
>>> If possible I want to migrate them to Windows 2008 x64. But if it's
>>> add a big amout of work it's no use because x64 is not really needed
>>> on a DC (my opinion).
>>>
>>> Thanks !
>>>
>>> "Meinolf Weber [MVP-DS]" wrote:
>>>
>>>> Hello Alexfoo,
>>>>
>>>> Do you have new hardware or do you need to use the same hardware?
>>>> Will you keep the server names or can they be different? What OS
>>>> architecture do you have and what will be 2008, 32bit or 64bit?
>>>>
>>>> Best regards
>>>>
>>>> Meinolf Weber
>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>> and
>>>> confers
>>>> no rights.
>>>> ** Please do NOT email, only reply to Newsgroups
>>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>> Hello,
>>>>>
>>>>> I'm lookin for a best practices that is the closest from my
>>>>> needed.
>>>>> I got two domain controllers on old hardware servers that I need
>>>>> to
>>>>> migrate
>>>>> to knew hardware servers. These two DCs are also DNS, DHCP.
>>>>> The good thing is that they haven't any FSMO roles or other roles,
>>>>> all
>>>>> roles are on other server. All the Forest and Domain are 2003
>>>>> Native.
>>>>> All thread on DC servers talk about migration on other domain or
>>>>> forest. This is not what I'm looking for.
>>>>> In the same time I wonders if it's possible to migrate them to
>>>>> Windows 2008 server. Actually they are 2003 R2 SP2.
>>>>>
>>>>> If you know a best practice that is close from what I'm looking
>>>>> for... I know it's something that seems easy but I don't want to
>>>>> miss something.
>>>>>
>>>>> Thanks in advance.
>>>>>
Previous Topic:Multiple Domains on a single physical LAN
Next Topic:Password Change
Goto Forum:
  


Current Time: Sun Sep 24 15:31:26 EDT 2017

Total time taken to generate the page: 0.04950 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software