Thanks for all of the info and tips. I will be doing this in a few weeks
and will let you know if I turn up anything that may be of interest to the
group.
AM2K4
- Original Message -
From: "Mark Caldwell" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, December 10, 2003 12:19 PM
Subject: RE: [ActiveDir] Changing Hardware for DC
Rich,
I sent a mail to you the other day (you're A-B's account). Give me a
ping if you get a sec. :)
Mark C.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn
Sent: Tuesday, December 09, 2003 6:07 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Changing Hardware for DC
In early days, in a lab, I rebuilt a few DCs before I remembered about
demoting (i.e. I blew them away) and learned ntdsutil the hard way. But
since then I have demoted a number of them and not had a problem.
However,
while searching for something else last night, I ran across a couple of
TechNet and JSI articles about using the /FORCEREMOVAL switch on DCPROMO
for
when a DC just doesn't cooperate... here maybe this will save you the
trouble of searching (and keep you from actually needing them! :)
http://support.microsoft.com/default.aspx?kbid=332199
http://www.jsiinc.com/SUBN/tip6700/rh6741.htm
your DNS records should be taken care of if DNS is working correctly.
Do
transfer the FSMO roles off first as you mentioned. If you haven't done
them before, they're pretty straight-forward except for the schema
master
role. You have to register a dll to use the graphical schema tool (you
can
use ntdsutil but it can be intimidating if you haven't used it much
before).
This article goes through all the roles, just in case.
http://support.microsoft.com/?kbid=255690
good luck -
Rich
-Original Message-
From: Joe [mailto:[EMAIL PROTECTED]
Sent: Monday, December 08, 2003 8:51 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Changing Hardware for DC
Interesting on your demotion experience. I have been running AD and
large
numbers of domain controllers since the bloody oem days and can't say I
have
experienced what you have experienced. I have run into a couple of
DCPROMO's
into DC's before where the SPN didn't make it into the main part of AD
but
never a failed demotion. If the machine was functioning and had dns
entries
I could demote.
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ken Cornetet
Sent: Wednesday, December 03, 2003 8:43 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Changing Hardware for DC
This should work just fine. A couple of things to watch for, though:
1. Wait a while after the demotion of each DC before you rename it. Make
sure your AD has replicated fully.
2. Back in the early days of AD, I did a lot of this sort of thing in
the
lab and found that demoting a DC to a member server was a crap-shoot.
Many
times the demotion would fail, and I'd be in for a long session with
NTDSUtil to clean up. That was in the SP1 days, though - things may be
better now.
An alternate method of doing what you want would be to do a full backup,
then a restore on the new hardware. I think I like your method better,
though.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of AD Man
Sent: Tuesday, December 02, 2003 11:47 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Changing Hardware for DC
Hello,
I need to replace a few DC's with new hardware. I MUST be able to use
the
same machine name and IP address for the new server so I will need to
take
the old server down and bring the new up in its place.
These are the FSMO holders so I just want to make sure there are no
unforeseen issues with doing this.
A few additional notes: These DC's are the FSMO's and DNS is on Bind 8.
Rough plan:
Old server:
-Transfer roles off to another DC
-SystemState backup?
-Demote old server
-Change name
-Change IP
New server:
-Assign 'old' Name
-Assign 'old' IP
-DCPromo New server
-Transfer roles back
-Etc, etc.
What am I missing, do I need to do any kind of DNS cleanup first or this
will happen dynamically?
Any thoughts?
Thanks,
AM
_
Shop online for kids' toys by age group, price range, and toy category
at
MSN Shopping. No waiting for a clerk to help you!
http://shopping.msn.com
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive:
http://www.mail-archi
