Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How to migrate to a new domain controller

Domain Controllers

How to migrate to a new domain controller

by  58sniper  Posted    (Edited  )
Here are the basic steps needed to replace a domain controller.

[ol]
[li]Backup the existing Domain Controller[/li]
[li]Test existing DC and resolve ALL issues[/li]
[ol]
[li]DCDiag[/li]
[ol]
[li][link http://technet.microsoft.com/en-us/library/cc773199(WS.10).aspx]http://technet.microsoft.com/en-us/library/cc773199(WS.10).aspx[/link] [/li]
[li][link http://technet.microsoft.com/en-us/library/cc776854(WS.10).aspx]http://technet.microsoft.com/en-us/library/cc776854(WS.10).aspx[/link] [/li]
[li]DCDIAG /v /c /d /e[/li]
[/ol]
[li]NetDiag[/li]
[ol]
[li][link http://technet.microsoft.com/en-us/library/cc783438(WS.10).aspx]http://technet.microsoft.com/en-us/library/cc783438(WS.10).aspx[/link] [/li]
[li]netdiag /v[/li]
[/ol]
[/ol]
[li]Check replication health (if more than one DC exists)[/li]
[ol][li]repadmin /showreps[/li]
[li]http://technet.microsoft.com/en-us/library/cc778305(WS.10).aspx[/li][/ol]
[li]Install OS on new server and patch to current level[/li]
[li]Add new server to domain[/li]
[li]Verify server is in correct AD site[/li]
[ol]
[li]nltest /dsgetsite[/li]
[/ol]
[li]Add DNS role to new server[/li]
[li]Enable DNS Zone Transfer on the existing DC and include the IP address of the new server. [/li]
[ol]
[li][link http://technet.microsoft.com/en-us/library/cc782181(WS.10).aspx]http://technet.microsoft.com/en-us/library/cc782181(WS.10).aspx[/link] [/li]
[/ol]
[li]Make necessary schema changes (if upgrading to new version of OS that requires schema changes)[/li]
[ol]
[li][link http://technet.microsoft.com/en-us/library/cc753437(WS.10).aspx]http://technet.microsoft.com/en-us/library/cc753437(WS.10).aspx[/link] [/li]
[/ol]
[li]run DCPROMO on new server and select "additional domain controller for an existing domain" option.[/li]
[ol]
[li][link http://technet.microsoft.com/en-us/library/cc732887(WS.10).aspx]http://technet.microsoft.com/en-us/library/cc732887(WS.10).aspx[/link] [/li]
[li][link http://msdn.microsoft.com/en-us/library/ee797379(CS.10).aspx]http://msdn.microsoft.com/en-us/library/ee797379(CS.10).aspx[/link][/li]
[/ol]
[li]Wait for replication (20-30 minutes)[/li]
[ol]
[li]repadmin /showreps[/li]
[li]http://technet.microsoft.com/en-us/library/cc778305(WS.10).aspx[/li]
[/ol]
[li]Check DNS on the new server[/li]
[ol]
[li]Have the Zone details replicated?[/li]
[li]Are the forwarders setup correctly? [/li]
[ol]
[li][link http://technet.microsoft.com/en-us/library/cc754941.aspx]http://technet.microsoft.com/en-us/library/cc754941.aspx[/link] [/li]
[/ol]
[/ol]
[li]Is the event log clear of errors?[/li]
[li]Add the Global Catalogue role to the new Domain Controller[/li]
[ol]
[li][link http://support.microsoft.com/kb/313994]http://support.microsoft.com/kb/313994[/link] [/li]
[/ol]
[li]Transfer the FSMO roles to the new Domain Controller[/li]
[ol]
[li][link http://support.microsoft.com/kb/324801]http://support.microsoft.com/kb/324801[/link] [/li]
[/ol]
[li]Verify FSMO Roles[/li]
[ol]
[li]Netdom query FSMO[/li]
[/ol]
[li]Verify the Primary DNS IP address[/li]
[li]Run DCDIAG on both Domain Controllers - fix any issues[/li]
[li]Run NetDiag on both Domain Controllers - fix any issues[/li]
[li]Configure the new Domain Controller to use an external time source[/li]
[li]Transfer file server functionality (if used)[/li]
[ol]
[li][link http://www.microsoft.com/windowsserver2008/en/us/fsmt.aspx]http://www.microsoft.com/windowsserver2008/en/us/fsmt.aspx[/link] [/li]
[/ol]
[li]Transfer print server functionality (if used)[/li]
[ol]
[li][link http://technet.microsoft.com/en-us/library/cc722360.aspx]http://technet.microsoft.com/en-us/library/cc722360.aspx[/link] [/li]
[/ol]
[li]Transfer DHCP functionality (if used)[/li]
[ol]
[li][link http://support.microsoft.com/kb/962355/]http://support.microsoft.com/kb/962355/[/link] [/li]
[li]Update DHCP scope with new server/DNS information [/li]
[/ol]
[li]Transfer any other server roles, features (if used)[/li]
[li]Update Exchange (if used)[/li]
[ol][li][link http://www.msexchange.org/tutorials/Exchange-System-Manager-Domain-Controller-Selection.html]http://www.msexchange.org/tutorials/Exchange-System-Manager-Domain-Controller-Selection.html[/link][/li][/ol]
[li]Transfer other applications (if used)[/li]
[ol]
[li]Running other apps like SQL, Exchange, etc. on a Domain Controller is NOT recommended[/li]
[/ol]
[li]Update logon scripts[/li]
[li]Update Group Policy Objects (GPOs)[/li]
[li]Backup the new server[/li]
[li]Stop old Domain Controller for 2 days - continue only if no issues[/li]
[li]Remove the Global Catalog role from the old Domain Controller[/li]
[li]Run DCPROMO on the OLD server to demote to a member server[/li]
[li]Remove OLD server from domain[/li]
[li]Make sure all references to the old server name are removed from DNS[/li]
[li]If an unsucessful removal occurs, cleanup Active Directory[/li]
[ol][li][link http://support.microsoft.com/kb/216498]http://support.microsoft.com/kb/216498[/link][/li][/ol]
[/ol]
Register to add this FAQ to your archive
Register to rate this FAQ  : BAD 1 2 3 4 5 6 7 8 9 10 GOOD
Please Note: 1 is Bad, 10 is Good :-)

Part and Inventory Search

Back
Top