How to replace a Win2k3 DC

  • Thread starter Thread starter Clayton Sutton
  • Start date Start date
C

Clayton Sutton

Hi everyone,

We are running two Windows 2003 domain controllers on our network (DC01 and
DC02). The hardware is getting old and we would like to replace both DCs
(both DCs are GCs). However, when we are done the NEW DCs have to have the
same name and IP addresses of the OLD DCs! Anyone have any comments on the
best way to go about this? Here is what I was thinking:


1. Get both new servers ready "offline" with the names DC01 and DC02.
2. Put them on another subnet and do all my updates
3. Run dcprom on the OLD DC02 and shut it down
4. Bring the NEW DC02 online
5. Join it to the domain and run dcpromo
6. Make it a GC server
7. Do the same thing with the OLD DC01 and the NEW DC01

Anyone have anyother input?

Thanks for any and all help



Clayton
 
Clayton Sutton said:
Hi everyone,

We are running two Windows 2003 domain controllers on our network (DC01 and
DC02). The hardware is getting old and we would like to replace both DCs
(both DCs are GCs). However, when we are done the NEW DCs have to have the
same name and IP addresses of the OLD DCs! Anyone have any comments on the
best way to go about this? Here is what I was thinking:


1. Get both new servers ready "offline" with the names DC01 and DC02.
2. Put them on another subnet and do all my updates
3. Run dcprom on the OLD DC02 and shut it down
4. Bring the NEW DC02 online
5. Join it to the domain and run dcpromo
6. Make it a GC server
7. Do the same thing with the OLD DC01 and the NEW DC01

Anyone have anyother input?

Thanks for any and all help
Clayton
Click to expand...

Here are a few links on the subject. The "Swing Kit" is probably your
best option, because it allows you to perform the migration while at
all times providing you with a backout path.

http://www.microsoft.com/windowsserver2003/upgrading/nt4/tooldocs/msfsc.mspx
http://www.microsoft.com/windowsserver2003/techinfo/overview/ads.mspx
www.sbsmigration.com (swing kit)
 
Look at Microsofts instructions on how to move an install to new hardware.
First, back up the Servers. Then initiate a "repair" install. After the
first reboot, put the drive into the new computer and boot. It should
re-detect all of the hardware and come up functional. If this is a single
drive or a mirror, I'd ghost to a new drive and then, if it goes to h3ll,
you can just bring the old one back on line. Since you have 2, you don't
have as much to worry about.

As a second option, just make sure all of the FSMO roles are on one server,
then kill off the other one (the right way - dcpromo it out and unjoin it
form the domain). Then bring up the new one, promote it and if everything
replicates properly, transfer the roles to it. (then take the other one off
line for a couple of weeks to be sure everything works). After that, do the
same with the other.

....kurt
 
I think what you want to do is very sound. I have recommended the exact
procedure you described. Just be sure to use the exact same ip address on
both dc's. Also if you want the fsmo roles to stay on the same machines you
should make note of where they are currently and then where they are once
completed.

You can list out these via dcdiag and you should run it before you start to
make any major changes. DCDiag is available in the tools on your install cd
at d:\support\tools\setup.exe. You should set the verbose and enterprise
flags to get the info. You can download a script I have at
http://pbbergs.dynu.com/windows/windows.htm, just select dcdiag on the gui
and it defaults the options and opens up the output in notepad. Once you
are done you can use the windows gui to move them back.

FSMO role movement
http://support.microsoft.com/default.aspx?scid=kb;en-us;255690&Product=win2000

Be aware of any other server services such as WINS, DHCP, DNS and TS
Licensing Services for example.

--


Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Personally, I would bring a temporary DC into the mix. This way you have no
downtime, and can test that all is well when you turn off the old DC. If
things aren't configured correctly, when you turn that off you will have
problems.

Here's a quick how-to on the subject:
-- http://www.msresource.net/content/view/24/47/


What you propose is fine. I just think it is safer to use a temporary DC.
For testing and uptime purposes. A VM is fine.
 
Kurt said:
Look at Microsofts instructions on how to move an install to new hardware.
First, back up the Servers. Then initiate a "repair" install. After the
first reboot, put the drive into the new computer and boot. It should
re-detect all of the hardware and come up functional. If this is a single
drive or a mirror, I'd ghost to a new drive and then, if it goes to h3ll,
you can just bring the old one back on line. Since you have 2, you don't
have as much to worry about.
Click to expand...


This ("repair install") is a good method and the method preferred
in Win2000.

For Win2003 you may substitute the ASR (Automated System
Recovery) method which essentially automates a system state
restore with a repair install and provides disk info through the
ASR floppy.
 
wow.... what a stupendous and risky waste of time.

read Pegasus's post for the clean, logical, and easy way to do this.

The only thing I would add is that having SAN storage, backup images, or
even just removing a mirror drive from a raid will give you a quick restore
if a server goes south.


--
Manny Borges
MCSE NT4-2003 (+ Security)
MCT, Certified Cheese Master

There are 10 kinds of people who understand binary. Those who do and those
who don't.
Herb Martin said:
Kurt said:
Look at Microsofts instructions on how to move an install to new
hardware. First, back up the Servers. Then initiate a "repair" install.
After the first reboot, put the drive into the new computer and boot. It
should re-detect all of the hardware and come up functional. If this is a
single drive or a mirror, I'd ghost to a new drive and then, if it goes
to h3ll, you can just bring the old one back on line. Since you have 2,
you don't have as much to worry about.
Click to expand...


This ("repair install") is a good method and the method preferred
in Win2000.

For Win2003 you may substitute the ASR (Automated System
Recovery) method which essentially automates a system state
restore with a repair install and provides disk info through the
ASR floppy.

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

Kurt said:
Look at Microsofts instructions on how to move an install to new
hardware. First, back up the Servers. Then initiate a "repair" install.
After the first reboot, put the drive into the new computer and boot. It
should re-detect all of the hardware and come up functional. If this is a
single drive or a mirror, I'd ghost to a new drive and then, if it goes
to h3ll, you can just bring the old one back on line. Since you have 2,
you don't have as much to worry about.

As a second option, just make sure all of the FSMO roles are on one
server, then kill off the other one (the right way - dcpromo it out and
unjoin it form the domain). Then bring up the new one, promote it and if
everything replicates properly, transfer the roles to it. (then take the
other one off line for a couple of weeks to be sure everything works).
After that, do the same with the other.

...kurt
Click to expand...
Click to expand...
 
So if you ghost your mirror drive, you'll have a third drive + the complete
original mirror set. Then boot to the new drive, start an over-the-top
install and stop the thing after the first reboot. Throw the drive into the
new server and there's nothing to re-install, nothing to restore, and
absolutely no risk, since the original server is still 100% intact,
including both drives of it's mirror. If all goes well , your old install
will be up and running on your prim new hardware in an hour or so. I see no
waste of time or risk here. Pegasus way is equally as good, but probably
would take a little longer, even if the DC is strictly used as a DC. If it's
used for other things (web server, file server, app server), you'll
definitely be in it a lot longer restoring to full functionality. If this
were my own server I'd probably go the route as prescribed by Pegasus - I
prefer a clean install. But the Microsoft method does work.

....kurt

Manny Borges said:
wow.... what a stupendous and risky waste of time.

read Pegasus's post for the clean, logical, and easy way to do this.

The only thing I would add is that having SAN storage, backup images, or
even just removing a mirror drive from a raid will give you a quick
restore if a server goes south.


--
Manny Borges
MCSE NT4-2003 (+ Security)
MCT, Certified Cheese Master

There are 10 kinds of people who understand binary. Those who do and those
who don't.
Herb Martin said:
Kurt said:
Look at Microsofts instructions on how to move an install to new
hardware. First, back up the Servers. Then initiate a "repair" install.
After the first reboot, put the drive into the new computer and boot. It
should re-detect all of the hardware and come up functional. If this is
a single drive or a mirror, I'd ghost to a new drive and then, if it
goes to h3ll, you can just bring the old one back on line. Since you
have 2, you don't have as much to worry about.
Click to expand...


This ("repair install") is a good method and the method preferred
in Win2000.

For Win2003 you may substitute the ASR (Automated System
Recovery) method which essentially automates a system state
restore with a repair install and provides disk info through the
ASR floppy.

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

Kurt said:
Look at Microsofts instructions on how to move an install to new
hardware. First, back up the Servers. Then initiate a "repair" install.
After the first reboot, put the drive into the new computer and boot. It
should re-detect all of the hardware and come up functional. If this is
a single drive or a mirror, I'd ghost to a new drive and then, if it
goes to h3ll, you can just bring the old one back on line. Since you
have 2, you don't have as much to worry about.

As a second option, just make sure all of the FSMO roles are on one
server, then kill off the other one (the right way - dcpromo it out and
unjoin it form the domain). Then bring up the new one, promote it and if
everything replicates properly, transfer the roles to it. (then take the
other one off line for a couple of weeks to be sure everything works).
After that, do the same with the other.

...kurt

Hi everyone,

We are running two Windows 2003 domain controllers on our network (DC01
and DC02). The hardware is getting old and we would like to replace
both DCs (both DCs are GCs). However, when we are done the NEW DCs
have to have the same name and IP addresses of the OLD DCs! Anyone
have any comments on the best way to go about this? Here is what I was
thinking:


1. Get both new servers ready "offline" with the names DC01 and DC02.
2. Put them on another subnet and do all my updates
3. Run dcprom on the OLD DC02 and shut it down
4. Bring the NEW DC02 online
5. Join it to the domain and run dcpromo
6. Make it a GC server
7. Do the same thing with the OLD DC01 and the NEW DC01

Anyone have anyother input?

Thanks for any and all help



Clayton
Click to expand...
Click to expand...
Click to expand...
 
Back
Top