Domain Controller Migration

**Blind** · 9th May 2008, 05:16 PM

To put it mildly, our w2k3 domain controller was built by a lobotomized monkey.

I wish to reuse the server hardware, but I want to reinstall and reconfigure Windows. I've created new DCs before, but I've never had to migrate users or settings from an old one.

I've yet to do any research on what this will entail. (I thought I would ask for tips first)

Any suggestions would be appreciated.

Things like recommendations for third party tools... Should I upgrade to 2008... how this will effect client computers if I want ot keep the same domain name... should I just bring in a consultant group and be done with it...

Thanks.

**Diello** · 9th May 2008, 05:47 PM

Personally stay with W2k3 now - W2k8 can be dealt with later!

Presuming you've only got one DC then? Add your new server to the network as a DC (dcpromo) - you can then move the FSMO roles over to your new DC, then demote your current DC to be a normal server. No migration needed really, no client impact.

...or am I missing the point? It is Friday afternoon after all ;-)

**GlennT** · 9th May 2008, 05:55 PM

Originally Posted by Diello

Personally stay with W2k3 now - W2k8 can be dealt with later!

Presuming you've only got one DC then? Add your new server to the network as a DC (dcpromo) - you can then move the FSMO roles over to your new DC, then demote your current DC to be a normal server. No migration needed really, no client impact.

...or am I missing the point? It is Friday afternoon after all ;-)

I agree, this is the most straight forward way.

**FN-GM** · 9th May 2008, 06:13 PM

Do you want to rebuild the network or replace your domain controllers?

If replace then these will be handy:

http://www.edugeek.net/wiki/index.ph..._DC_to_another
http://www.edugeek.net/wiki/index.ph...tive_Directory

You will need to add the new server as a domain controller and move the roles over to the new server. Once you done that demote the old server. You can do that by going "Start > run > dcpromo"

**Blind** · 14th May 2008, 03:57 PM

Thanks for the info.

I am an idiot and may be missing obvious things, but the only issue that I see with this approach is that I can't add the new server to the domain because I was hoping to use the same hardware except for a new raid install.

**FN-GM** · 14th May 2008, 04:54 PM

You could use a temporary server (standard base unit) or just make a backup and restore it on the modified server. How many domain controllers do you have?

**Blind** · 14th May 2008, 05:06 PM

We have 1 DC(sk3) and 1 file/print server(2k3 r2) and ~200 xp workstations.

I suppose I could make the file server a temporary DC when we only have a handful of people in the building this summer....

Like I said in the OP. DC migration for me is theoretical and I was waiting to do any formal research until getting pointed in the right direction. I truly appreciate all of the assistance.

**GrumbleDook** · 14th May 2008, 07:45 PM

To be honest any reasonable workstation can be made into a temp DC ... I would build 2 to be on the safe side, giving one FSMO roles.

As mentioned above it is not completely clear whether you want to do a complete rebuild on the whole domain or it is just the the install of server 2003 is botched. Partitions too small, etc?

If you want to to a complete domain rebuild then I would do the following.

Get 2 workstations and build them as server 2003 R2 boxes. Add one to the existing domain and make it a DC to ensure you have all areas covered.

The second is used to create a new domain, set up the GPOs etc. Rather than use csvde of ldifde to export teh existing domain accounts and schema I would use the information to build scripts to create accounts etc.

Take the old server offline and rebuild it (don't just demote), adding it as a second DC. Next are things like your file servers ... to deal with orphaned permissions some would first remove the server from the domain, then remove all shares, followed by reseting ACLs back to the local admin account only.

Add the file server into the new domain and then user rmtshare and xcacls to set shares, share permissions and NTFS permissions.

If you just want to rebuild the server itself, then ignore me ... and crack on.

**ranj** · 17th May 2008, 09:29 PM

slight separate question

I have 2 domain controllers in my school, both run 2003 standard edition with SP1, I have not upgraded them as we have no issues (why upgrade if its not broken hey), I just recently added a sharepoint 2007 server and that is running windows 2003 enterprise r2,

Would it be possible for me to add this as a domain controller for redundancy purposes. Would I get any issues because this server is r2, i.e. replication issues.

thanks

**FN-GM** · 17th May 2008, 10:25 PM

No you will have no problems what so ever. You will need to update the domain and forest to R2 though. I can't remember the exact name for this process.

**kmount** · 18th May 2008, 08:55 AM

adprep?

**FN-GM** · 18th May 2008, 12:36 PM

Thats the one!

LinkBack

Thread Tools

Search Thread

Domain Controller Migration

Similar Threads

Terminal Server + Domain Controller ... i know

Domain Controller W2K rebuild

How can i verify if a server is a domain controller

Domain controller not registering as a DC

decommisioning a domain controller

Thread Information

Users Browsing this Thread

Posting Permissions