Considerations for rebuilding a DC?
So, the time has come to rebuild Controller1, one of two DCs. It had a software failure months ago, so we have been using our second DC to get us by until this summer.
The situation is that Controller1 has random software glitches, meaning it fails to log people on, fails to authenticate in general, fails to assign and check permissions correctly, and fails to resolve DNS sometimes, all mostly random. It sits in a failover/load balancing cluster with Controller2, so there is no primary or secondary; they both operate at the same level and sync data between them (when working...), so my basic plan is thus:
Check Controller1 for any data we need to keep (local files for whatever reason)
Make sure Controller2 has all the FSMOs (Thanks Google!)
Shut down Controller1 for the last time, then delete metadata from the AD on Controller2 that points to the now dead Controller1 (Again, Google)
Then start the software rebuild, starting with Server 2008 R2 and whacking all our services on there (Clustering, DNS, DHCP, AD-DC, Backup etc...), obviously keeping it isolated once I start on DNS/DHCP/AD-DC until I sync it with Controller2
Anything I'm missing? We built the system last year so I have experience in setting up a Windows network from scratch, but this time I have to worry about not corrupting the existing AD data! We had Novell before this so I wasn't as worried about accidentally deleting/corrupting the data.
Once it's rebuilt I will then force a replication from Controller2 to Controller1. Do I need to worry about a reverse replication where C2 sees the empty AD database of C1 and says "Ah well I best delete all my data too then!"? I understand (I believe) that I can force a one-way replication from a server to the current one (i.e. if I log on to the empty C1 and force it to replicate FROM C2), but what I don't want is some sort of automatic replication; that would be.... awkward....
I can't use the backup of the server since, from what I understand, it would likely be older than the default tombstone value of the AD. The backups we have are full system state backups designed to be plastered on top of a new install of the OS in the event of catastrophic failure, but I have a feeling using those backups would be just as much of a headache, plus they have a good chance of carrying whatever software glitch caused the problem in the first place.
Last question: am I better to use the same name as before, or wipe references to that name and call it something else like Controller3? Looks like more work to rename it, but knowing Windows I think it may be the better option?
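
An added example, not part of the original post: a pre-shutdown check for the "make sure Controller2 has all the FSMOs" step, written for the ActiveDirectory PowerShell module that ships with Server 2008 R2. The DC names are taken from the post; the global catalog check is an extra assumption about what the surviving DC needs while it runs alone.

```powershell
# Added example. Run on Controller2 in an elevated PowerShell session
# before Controller1 is shut down for the last time.
Import-Module ActiveDirectory

$survivor = 'Controller2'   # DC that stays online (name from the post)

# Forest-wide roles come from Get-ADForest, domain-wide roles from Get-ADDomain.
$forest = Get-ADForest
$domain = Get-ADDomain

$roles = @{
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
}

$blockers = @()

foreach ($role in $roles.Keys) {
    # Role holders are reported as FQDNs; compare on the host label only.
    $holder = ($roles[$role] -split '\.')[0]
    if ($holder -ne $survivor) {
        $blockers += "$role is held by $($roles[$role]), not $survivor"
    }
}

# Assumption: the surviving DC must also be a global catalog,
# since it will be the only DC answering logons during the rebuild.
$dc = Get-ADDomainController -Identity $survivor
if (-not $dc.IsGlobalCatalog) {
    $blockers += "$survivor is not a global catalog"
}

if ($blockers.Count -gt 0) {
    $blockers | ForEach-Object { Write-Warning $_ }
    Write-Output "Not ready: resolve the items above before retiring the other DC."
} else {
    Write-Output "$survivor holds all five FSMO roles and is a global catalog."
}
```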