This is almost correct. You need to update your existing 2003 PDC Schema first, before adding any 2008 server to your domain. Server 2003 is Schema 30 and Server 2003 R2 is Schema 31. 2008 Server is Schema 44, so quite a big difference.Quote:
1.install server 2008
2.run the following commands on my 2 2003 dc's
adprep /domainprep /gprep
3.run through dcpromo on my 2008 dc
4.get a cup or coffee and enjoy my success
If you don't do it this way round, you'll get lots of errors as the Schemas will be different versions.
- Take a full backup (including System State) of your existing 2003 PDC
- Update existing 2003 PDC Schema to 44. You aren't required to do this on any other domain controller
- Join the 2008 Server to the domain
- Promote 2008 Server as a domain controller, including DNS
- Either migrate DHCP or create a secondary DHCP Server for redundancy
- Force Replication through Sites and Services manually
- Migrate all FSMO roles
- Force Replication again through Sites and Services manually
- Either leave the 2003 Server as a BDC, or demote it to a member server
- Get a cup of coffee and enjoy your success
Will you have any downtime? Not much if done properly, however you will require reboots to join the 2008 Server to the domain and promote it to a DC; you'll also need to reboot your 2003 Server, if you decide to demote it to a member server.
oh dear this is confusing but i'm getting there :)
how do i Force Replication through Sites and Services manually? just a dos command i'm guessing or a button.
other than that step i think i'm ready to give this whole process a go :)
right well i have offically finished and managed update the schema and add the new 2008 server and make it pdc :) all working :)
Having a bit of trouble with moving dhcp but well i can figure that out :)
Thanks for all the help
Did the schema updates take seconds as anticipated?
the forestprep took quite a long time (well 30 minutes) but the others only took a few minutes. In the end the whole process was very easy and actually quite quick.
Thanks for this, I will be doing this at some point.
Just wondering whether to go with 2008 or 2008 R2 now.
I'm guessing we need those DC's to be able to run windows 7 properly as clients.
If you want my opinion, hold off from 2008 R2 until at least early next year. There are lots of reports of 'quirks' with it, but I'm sure in time these will be ironed out.
A good example of this is WSUS 3.0 SP2 (which has or is going to be released) to make it compatible with 2008 R2.
There's bound to be problems with third party software when using software that has just gone RTM I think it's good advice to wait for a while and let MS iron out these issues, I think i'll stick with 2008 for now having seen the number of issues reported here.
We have just introduced two 2008 R2 DC's to our previous 2k domain. Our schema went from a level of 13 to 47! Rather substantial upgrade.
Have had no problems so far and are nearly at the point where we can demote our 4 2k DC's.
The only server we won't be running R2 on is our support server, exchange and ISA. Our support server will be running SCCM, ePo4, helpdesk etc... so want to avoid incompatibilities that will inevitably be there, especially with WSUS.
But not had any problems with R2 as of yet. Fingers crossed.
Just out of interest, has anyone had any problems with CMIS on R2? Or indeed SQL 2008? We had some feedback saying to avoid sql 2008 as there are still some quirks that should be avoided...
I have asked the question of Serco about 2008 R2 Support, they support 2008 but I said they should look into R2 especially the SSO stuff as that seems to be a common thing that is failing with other items that use the DCs. So I am awaiting hearing back from Serco. I am not rushing to 2008 R2 for my Serco box, it can stay on 2003 for now. So long as its 2008 R2 supported by summer next year when I replace the box (unless I bring that forth to help some of our issues....)
Could you not just move that box to 2008 john? What's the need for R2 on the Serco box?
Generally (as a recommendation) you should join a new server to the domain and then promote it to a domain controller. At this point you should make sure DNS is correct. The server should point to itself first, then a secondary DNS server, then external DNS servers.
You also need to add it to DHCP Server so machines know where to look when you migrate FSMO roles. In doing this you should receive no DNS errors whatsoever.
Any reason why you wouldn't run login scripts from within NETLOGON? If you stored scripts within a share, what were you using NETLOGON for (if anything)? :)