List Archives

This forum is an archive of all posts to our mailing list over the past few years. The forum is set read only therefore to contribute you will need to join our list community. See more info about this here.

When subscribed to the list you should use your standard email client to send your posts to ActiveDir@mail.activedir.org.

List Archives

Unanswered Active Topics

Forums Search

Forums >ActiveDir Mail List Archive >List Archives

Subject: thnaks Re: [ActiveDir] moving my win2003 ADS to another machine

Prev Next

You are not authorized to post a reply.

Author

Messages

sbdcunha

Posts:52

05/20/2010 7:02 AM
Dear Rich, million thanks for the quick and wonderful reply. I really do apprecite you help I will try and do as per your email once and thank you so much and god bless you Regards simon > Have you configured your DNS zones to be AD-integrated, or file-based > primary and secondaries? (If you're not sure, right-click the forward > lookup zone, choose properties and look at the general tab. Or run > dnscmd /enumzones > from a command prompt on the "primary" DC. > > If you have done that, then you can install the new server, dcpromo it > to be another DC, install DNS, and switch IPs with the old primary DC. > Move the FSMO roles over Ώ], make sure you configure a time source > ΐ], make sure your DNS records reflect the new DC with correct IP in > all the various places including in the _msdcs zone, and you should be > good Α]. It's not that tough, I've moved both DCs in a two-DC domain > in 2 hours doing it this way. The DC name(s) will be different, but > the IP is all the DNS clients are looking for. > > Just an aside - you should strongly consider running WSUS on a > different server, and not on your DC. Perhaps you can demote your > primary DC after replacing it, and use WSUS off it. Best practices > indicate purpose-built dedicated DCs that don't have other services or > apps stacked on them. > > Rich > > Ώ] an easy way to transfer FSMO roles all at once is to use admod > from joeware.net. You need to get the domain SID to move the PDC > emulator role: > admod -sc xferschema > admod -sc xferrid > admod -sc xferim > admod -sc xferdm > admod -sc xferpdc:<domainsid> > > Or you can follow this guide: > http://www.petri.co.il/transferring_fsmo_roles.htm > > ΐ] Here's a good way to ensure the PDCe is always configured, using GPO: > http://blogs.technet.com/askds/archive/2008/11/13/configuring-an-authoritative-time-server-with-group-policy-using-wmi-filtering.aspx > > Or you can use > w32tm /config /manualpeerlist:peers /syncfromflags:manual /reliable:yes > /update > to do it manually on the PDCe role holder. > Make sure you run: > w32tm /config /syncfromflags:domhier /update > on the old server after you move the PDCe role off it to cause it to > get time from the new PDCe. And of course, restart the time service > (net stop w32time && net start w32time) > > Α] The server will re-register the new IPs in DNS if it reboots, or > by running ipconfig /registerdns > > 2010/5/19 Benedict simon <simon@kmun.gov.kw>: >> >> Dear All, >> >> I have already 2 win2003 AD server in my organistion details are as >> below >> and so far working perfect >> >> the first DC which i have installed is >> >> win2003 AD acting as my primary DNS server >> WSUS server >> >> I have another server which is my second replica DC in my existing >> domain >> which has >> >> win2003 AD and a secondary DNS server >> >> >> Now I am getting a new powerful server which I would want to be the >> first >> DC and have the same IP address as my first DC so i dont need to change >> the DNS setting in all my clients >> >> Also move my WSUS server and data to the new machine and probably retire >> the current first dc machine >> >> Apprecite if you can help me with your advice and suggestions >> >> really would like some examples or links as to how I could achieve this >> >> dont have exchange running here >> >> >> Thanks and Regards >> >> >> Simon >> >> >> >> >> >> -- >> Network ADMIN >> ------------- >> KUWAIT MUNICIPALITY: >> >> >> -- >> This message has been scanned for viruses and >> dangerous content by MailScanner, and is >> believed to be clean. >> >> >> > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > -- Network ADMIN ------------- KUWAIT MUNICIPALITY: -- Network ADMIN ------------- KUWAIT MUNICIPALITY: -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.

You are not authorized to post a reply.

Forums >ActiveDir Mail List Archive >List Archives > thnaks Re: [ActiveDir] moving my win2003 ADS to another machine

ActiveForums 3.7

Syndicate

Friends

List Archives

List Archives

Friends

Members

Articles

Related Links

Ads