+ Post New Thread
Results 1 to 6 of 6
Windows Server 2008 Thread, Rebuild DC02 - Advice please! (Server 2008) in Technical; Hi all, Unfortunately, I have to rebuild our 2nd DC and wanted to know if anyone has done this in ...
  1. #1

    Join Date
    Jan 2011
    Location
    Manchester
    Posts
    104
    Thank Post
    21
    Thanked 4 Times in 4 Posts
    Rep Power
    8

    Rebuild DC02 - Advice please! (Server 2008)

    Hi all,

    Unfortunately, I have to rebuild our 2nd DC and wanted to know if anyone has done this in an existing forest? And what I should be aware of when I go ahead and do this. I've got the below to do in steps: -

    1. Run DCPromo, demote the DC
    2. Flatten the Windows server
    3. Ensure that the computer account is removed from the domain
    4. Ensure that DNS is update with all A records and SRV records for DC02
    5. Rebuild the server
    6. Run DCPromo again to install the domain onto new DC02.

    I've got 2 questions with the above - I intend to use the same network details and server name as before after I rebuild the server so when I remove the computer account from the domain, do I add a new computer in the Domain Controller OU and when I run DCPromo again, will it bind the computer object I created in the DC OU?

    Second question, on DC01 do I clear the existing DNS records in the database for DC02 for query and lookup (SRV) or leave as it is if I'm gonna give it the same server name and network details after I reinstall?

    Unfortunately, as DC02 is on another site (failover) it's a physical machine and the organisation at the moment won't pursue a hypervisor at the moment at the site! Maybe with this they will in future but for the time being I have to unfortunately rebuild the physical machine again.

    Any tips would be great.

    Thanks a lot.
    Mo

  2. #2

    Join Date
    Oct 2005
    Posts
    825
    Thank Post
    51
    Thanked 111 Times in 101 Posts
    Rep Power
    63
    Hi Mo,

    Yes - I've rebuilt DCs more times than I care to mention...

    You've got the basic steps there, but I'd do it this way:

    1. Run DCPromo, demote the DC
    1a. Remove DNS
    1b. Allow 24-48 hours if you're in a large forest to ensure that all the changes propogate. (check How to remove completely orphaned Domain Controller to ensure there are no orphaned records)
    2. Ensure that the computer account is removed from the domain
    3. Ensure that DNS is update with all A records and SRV records for DC02
    3a. Run DCDIAG on all remaining DCs to check for any issues.
    4. Flatten the windows server.
    5. Rebuild the server
    6. Run DCPromo again to install the domain onto new DC02.
    7. Set it as a GC - if required.
    8. Wait 24-48 hours for replication.
    9. Check AD is happy - run DCDIAG on all DCs.
    10. If running Exchange, check that it has automatically picked up the new DC (unless you're using static mappings...)

    Delete the old computer account - when you join the new rebuilt server to the domain it will automatically create its own account.

    Any SRV records in DNS should be removed when you demote the server... Let DCPromo do this.

    Cheers,

    A

  3. #3

    Join Date
    Jan 2011
    Location
    Manchester
    Posts
    104
    Thank Post
    21
    Thanked 4 Times in 4 Posts
    Rep Power
    8
    Hi,

    Thanks for your reply and your suggestions :-)

    It isn't a big forest and we're on a single forest and a single domain (60-70 users across 7 sites) both DC01 and DC02 are linked via a WAN link so enough bandwidth on regular intervals to replicate quickly I would've thought. With this setup, how long do you think replication will take after I rebuild the DC02? even though recommended time is waiting 24-48 hours from your experience.

    I will let the adding the DC computer account automatically create and locate it in the domain controllers OU - thanks for clearing that up for me.

    When you say SRV records will be removed by DCPromo, when i demote DC02, will it remove the records automatically? And when i run DCPromo again to promote the DC02, will it automatically apply the SRV records in the database?

    I will also perform DCDiag once everything seems up and can check if all operations are running as it should be.

    Not running exchange, got Exchange running on a separate server, and GC queries contact DC01 (located on same site), Exchange doesn't contact DC02 I believe unless DC01 is unavailable. I'll add DC02 as a GC on sites and services.

    Would I have to create a new site link on sites and services after I demoted the DC as well or leave the current site link?

    Thanks again, much appreciated.
    Mo

  4. #4

    Join Date
    Oct 2005
    Posts
    825
    Thank Post
    51
    Thanked 111 Times in 101 Posts
    Rep Power
    63
    Ah... ok! I assumed as you said Forest that there were multiple remote domains...

    You can check your replication interval in Active Directory Sites and Services - if you've not touched it, then the default is 15 seconds I think under 2008!

    The paranoid part of me would still want to leave it overnight if you've got the luxury of time, but if not, give it an hour and then check DNS and DCDIAG.

    Quote Originally Posted by mo_vigiante
    When you say SRV records will be removed by DCPromo, when i demote DC02, will it remove the records automatically? And when i run DCPromo again to promote the DC02, will it automatically apply the SRV records in the database?
    Yes... in my experience DCPromo will usually remove all the DNS records, but I have seen a few get left behind occasionally. Generally due to dodgy DNS though!

    Quote Originally Posted by mo_vigilante
    Would I have to create a new site link on sites and services after I demoted the DC as well or leave the current site link?
    You can just add the server to the other site.

    Cheers,

    Ant

  5. #5

    Join Date
    Jan 2011
    Location
    Manchester
    Posts
    104
    Thank Post
    21
    Thanked 4 Times in 4 Posts
    Rep Power
    8
    Great stuff! that helps a lot :-)

    My intention is to do this in a day so by late evening server has be re-installed and the DC's are finding it's replication partners.

    I'll let DCPromo handle removing the DNS records and hopefully this won't cause any records being left behind and will get updated once it's been promoted again.

    I'll delete the existing site link and create a new one and wait for replication to happen between the DC's. At the moment, replication is 15 minutes so if it is 15 seconds by default then I'll change this when I create the site link.

    Thanks.
    Mo

  6. #6

    Join Date
    Oct 2005
    Posts
    825
    Thank Post
    51
    Thanked 111 Times in 101 Posts
    Rep Power
    63
    It's a pleasure!

    Cheers,

    A

  7. Thanks to pantscat from:

    mo_vigilante (2nd April 2013)

SHARE:
+ Post New Thread

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •