|
server
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Adding a new DC - win2k3 R2Very easy question.
I have a domain working just fine but I want to add a new DC. I just run dcpromo from the start menu on my new server and that should do it? It won't serve as anything but an 2nd authentication server at our corporate office which has 75 users. The old server will be demoted using the same process? Neither are a dns provider however one of them is used for GPO editing using group policy editor. Kyle - refer to http://technet.microsoft.com/en-us/library/cc738032.aspx
regarding installing an additional domain controller in an existing domain. As far as demoting an existing domain controller is concerned, follow info in http://technet.microsoft.com/en-us/library/cc740017.aspx hth Marcin Show quoteHide quote "Kyle BLake" <KyleBL***@discussions.microsoft.com> wrote in message news:9F65B6FE-4643-4089-9491-21C5B71C4240@microsoft.com... > Very easy question. > I have a domain working just fine but I want to add a new DC. > I just run dcpromo from the start menu on my new server and that should do > it? > > It won't serve as anything but an 2nd authentication server at our > corporate > office which has 75 users. The old server will be demoted using the same > process? > > Neither are a dns provider however one of them is used for GPO editing > using > group policy editor. > > Hello Kyle,
Make sure you assigned new server with static IP and pointing to correct dns server, install all necessary service packs, then run dcpromo. Before you demote old server, Make sure new server is functioning properly as Domain controller by checking using dcdiag and repadmin for any errors. Tranfer all FSMO roles to new Domain controller. On a side note, I will shutdown old domain controller for about a couple of days just to make sure the new is working properly, then bring old server back online and demote if confirmed that all is well with new server. -- Show quoteHide quoteIsaac Oben [MCTIP:EA, MCSE] "Kyle BLake" <KyleBL***@discussions.microsoft.com> wrote in message news:9F65B6FE-4643-4089-9491-21C5B71C4240@microsoft.com... > Very easy question. > I have a domain working just fine but I want to add a new DC. > I just run dcpromo from the start menu on my new server and that should do > it? > > It won't serve as anything but an 2nd authentication server at our > corporate > office which has 75 users. The old server will be demoted using the same > process? > > Neither are a dns provider however one of them is used for GPO editing > using > group policy editor. > > In news:9F65B6FE-4643-4089-9491-21C5B71C4240@microsoft.com, Kyle BLake <KyleBL***@discussions.microsoft.com>, posted the following:> Very easy question. Kyle,> I have a domain working just fine but I want to add a new DC. > I just run dcpromo from the start menu on my new server and that > should do it? > > It won't serve as anything but an 2nd authentication server at our > corporate office which has 75 users. The old server will be demoted > using the same process? > > Neither are a dns provider however one of them is used for GPO > editing using group policy editor. In addition to the other responses, with excellent links that were provided, see if the following steps help guide you. Install Windows 2003 on the new server. Don;t bother joiing it to the domain. Provide a static IP config to the new server Make sure the DNS settings on the new server are only using the current DC. Make sure on the current DC that it is only using itself for DNS. (no ISP DNS, please, just itself) Make sure the current DC is not mutihomed. Make sure the current AD domain name is not a single lable name (domain vs the required format of domain.net, domain.com, etc). Install DNS on the new server. DO NOT add any zones. Leave it empty Run dcpromo from a Run line. Tell it this will be a replica DC to a current domain Choose the current domain name Go with the defaults for the rest of the options. Choose a restore password, you can use the current admin password Once complete, restart Make this DC a GC (in AD Sites and Services) Go into IP properties, remove the 127.0.0.1 address Make sure the current DC is still set as the first entry Make the new server's IP as the second entry Check DNS on the original sever. Make sure the new server gets registered into the SRV records, A record and (same as parent) record. Check ADUC, Domain Controllers OU to make sure an account exists for the new DC. If you are currently using WINS, install WINS Run Windows update to get it caught up. restart, Run again to get whatever is left over Once restarted and all is ok, transfer all FSMO roles to the new DC (how to transfer roles, please see instructions at http://support.microsoft.com/kb/324801) Check ALL event logs making sure no errors on both servers. Go into Sites and Services, and force a replication. Make sure no errors popup or in the event log. On the new DC, change the DNS order so the new one is the first in the list now. Remove the old DC's IP On the old DC, point to the new DC in DNS. Run ipconfig /registerdns, then restart the netlogon service. Check to make sure no errors in the event logs. Once satisfied, run dcromo on the old server. DO NOT choose "This is the Last DC in the Domain" Restart when complete After the restart, go into Sites and Services on the new DC and delete the old server name if you see it. Check ADUC, Domain Controllers OU to make sure it was removed. Check Computers Container, and you should find the now demoted old server in there. If you Exchange was on the DC, NOW is your chance to uninstall it. Make sure of course, you go through the steps of moving Exchange to a another server (a member server). Once you've moved Exchange, Go into Add/Remove to uninstall it. You will more than likely prompt you for the original installation CD to completely remove it. -- Ace This posting is provided "AS-IS" with no warranties or guarantees and confers no rights. Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSA Messaging, MCT Microsoft Certified Trainer ace***@mvps.RemoveThisPart.org For urgent issues, you may want to contact Microsoft PSS directly. Please check http://support.microsoft.com for regional support phone numbers. 
Other interesting topics
Not Pulling an IP
VB Script returns all group memberships for a user EXCEPT Exchange Dist groups AD Container User authenticates, skips logon script Add User to group through comparison to other user's memberships Errors from dcdiag disabling 3g modems that connect to PCs via usb and pcmcia Recovery GPOs redirected start menu not working Set password length for windows system programmaticaly |
|||||||||||||||||||||||
