Second Domain Controller


Amos Aesoph

Sort of a hefty task at hand, I am hoping that there may be a step-by-step
guide or tutorial on this somewhere.

Currently have 1 Windows 2000 Domain controller. Runs AD, DNS, DHCP. Also
does some file serving. We would like to upgrade the hardware, including HDD
space, CPU, RAM, etc., basically a whole new machine. But, how hard is it
going to be to get this new machine to replace the old, without the rest of
the network noticing?

I figured I would bring the new machine up as a second domain controller,
allowing the AD stuff to replicate, as well as the DNS. DHCP I would just
have to configure once it is in place. After the replication, I would take
the current machine off-line, and hopefully everything will work...is this
the case? Is it possible to somehow have this second machine have the same
host-name and IP address as the current machine (provided they are never
online together with this configuration)? Any thoughts on how best to
accomplish this goal? Also, any articles or how-to's you can point me to
will be greatly appreciated...
 
Currently have 1 Windows 2000 Domain controller. Runs AD, DNS, DHCP. Also
does some file serving. We would like to upgrade the hardware, including HDD
space, CPU, RAM, etc., basically a whole new machine. But, how hard is it
going to be to get this new machine to replace the old, without the rest of
the network noticing?

Install the new machine as a server, DCPromo it to DC, and DCPromo the
other to non-DC is the easier way. While both are DCs, move the 3-5 single
master roles over to the new server, as well as the GC job (Sites and
Services).

You can also use a System State backup/restore to switch machines --
destroying the OS on the former; booting the second in "Safe Mode" and
straightening out hardware differences.

The question always arises, WHY?
 
I've done this and it's a big job but not impossible.

First -

Install the new server, promote it to DC and give it time
to replicate. Transfer DHCP, add the new server's addresses
(DNS etc...) to the scope settings and let your
workstations grab all the new settings. Be sure that your
DNS zone is AD integrated. That way it's replicated with
AD and you do not have to backup/restore.

You can back up and restore your DHCP scope. See KB
article 130642. You will also need to transfer all the
FSMO roles to the new DC. KB article 255504 describes
this process pretty well using ntdsutil. You can do some
of the transfer via sites and services but I prefer using
the command line for all 5 roles.

After I transferred all the roles and the workstations had
the new DNS info - I didn't demote the old server for a
few days to be sure all was well. If you want to do a
test run first - shut down the old server and see how it
goes.

Good luck!!

Matthew Kaess, MCSA
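
The role transfer described in the post above, written out as a batch file. This is an added example, not part of the original thread; NEWDC is a placeholder for the new domain controller's name, and netdom, repadmin and dcdiag are assumed to be installed from the Windows Support Tools.

```bat
@echo off
rem Added example: move all five FSMO roles to the new DC and verify the result.
rem NEWDC is a placeholder; replace it with the new domain controller's name.
rem Run as an account in Schema Admins and Enterprise Admins, otherwise the
rem schema master and domain naming master transfers are refused.
setlocal
set NEWDC=NEWDC

rem 1. Check that replication with the new DC is healthy before moving anything.
repadmin /showreps %NEWDC%

rem 2. Record who holds the roles now, for comparison afterwards.
netdom query fsmo

rem 3. Transfer the roles. ntdsutil accepts its menu commands as arguments;
rem    multi-word commands must be quoted. Each transfer asks for confirmation.
ntdsutil roles connections "connect to server %NEWDC%" quit ^
  "transfer schema master" ^
  "transfer domain naming master" ^
  "transfer PDC" ^
  "transfer RID master" ^
  "transfer infrastructure master" ^
  quit quit

rem 4. Confirm that every role now lists the new DC as its owner.
netdom query fsmo

rem 5. Confirm that the new DC agrees about the role holders and can reach them.
dcdiag /s:%NEWDC% /test:knowsofroleholders
dcdiag /s:%NEWDC% /test:fsmocheck

endlocal
```

Leave the old server promoted until step 4 shows the new DC for all five roles and the new DC has been made a global catalog in Sites and Services.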
 