| Author | Messages | |
r00tb00t
Posts:0
 | | 07/07/2010 10:56 AM |
| The scenario is a small network with only one DC os it is everything,
GC, PDC etc. This DC needs formatting as its partitions are all the
wrong sizes and need re-mapping. Is there anyway this DC can be
formatted, repartitioned and re-set up without ruining the whole
network?
There is another server in this network, an Exchange 2007 SP1 server.
My thoughts are that even though the DC is going to be set up exactly
how it was, same domain name, remake all the same users and GPs etc,
every single machine will need rebinding and every mailbox will need
recreating because the SIDs of the accounts of users and computers
will no longer be valid?
Is there a way of preserving the domain so that a format of the
physical server can be completed and then the domain restored?
--
Regards,
James.
http://www.jamesbensley.co.cc/
There are 10 kinds of people in the world; Those who understand
Vigesimal, and J others...?
| | | |
| sdelrio
Posts:14
| | 07/07/2010 11:14 AM |
| A system State Backup should help , however I think that the best approach
would be to put an additional Domain controller (Maybe in a VM), move all
the roles , point all the machines to that DC, and when all is working , you
can go ahead to demote the other server. Once it is finished , you can
promote the server again , and move all the roles to this server.
With this option , you would not have a deadtime  and it is the more
secure option.
On Wed, Jul 7, 2010 at 6:58 AM, James Bensley <jwbensley@gmail.com> wrote:
> Sorry, just to clarify its a Windows 2003 R2 Standard x64 DC.
>
> --
> Regards,
> James.
>
> http://www.jamesbensley.co.cc/
>
> There are 10 kinds of people in the world; Those who understand
> Vigesimal, and J others...?
>
>
| | | |
| r00tb00t
Posts:0
| | 07/07/2010 11:19 AM |
| I had contemplated this options but we are trying to source another
server to host the VM in the first place 
I think I would backup the system state, format the server and restore
the data (im reading through this at the minute
http://technet.microsoft.com/en-us/library/cc740010(WS.10).aspx) but
I'm wondering what effect this will have on Exchange and the bound
machines if I don't go down the second DC route?
Does anyone know?
--
Regards,
James.
http://www.jamesbensley.co.cc/
There are 10 kinds of people in the world; Those who understand
Vigesimal, and J others...?
| | | |
| bijubabuk
Posts:109
| | 07/07/2010 11:39 AM |
| MS recommendation to have minimum 2 DCs for a Domain, and considering
that you have exchange in your organization it won't be such a bad idea
afterall.
Also there are some partition resizing tool available over internet
which can extend partitions online. I think MS diskpart.exe also does
the same but it require the disk to be dynamic disk I think (I don't
remember if it can use to extend Primary partition)
And it's always good to take a backup before you do such an activity
Regards
Disclaimer: All postings are provided "AS IS" with no warranties, and
confer no rights
Biju Babu
IT Technical Analyst, Identity and Service Management
Phone : +91-124-4090264
Rnet : 791-345
Email : biju_babu@cargill.com <mailto:biju_babu@cargill.com>
My working hours are from 11:00 to 19:30 IST (00:30 to 09:00 CST)
P Please consider our environmental responsibility before printing this
e-mail
From: activedir-owner@mail.activedir.org
[mailto:activedir-owner@mail.activedir.org] On Behalf Of
sebastiandelrio@gmail.com
Sent: Wednesday, July 07, 2010 3:43 PM
To: activedir@mail.activedir.org
Subject: Re: [ActiveDir] DC Formatting
A system State Backup should help , however I think that the best
approach would be to put an additional Domain controller (Maybe in a
VM), move all the roles , point all the machines to that DC, and when
all is working , you can go ahead to demote the other server. Once it is
finished , you can promote the server again , and move all the roles to
this server.
With this option , you would not have a deadtime and it is the more
secure option.
On Wed, Jul 7, 2010 at 6:58 AM, James Bensley <jwbensley@gmail.com>
wrote:
Sorry, just to clarify its a Windows 2003 R2 Standard x64 DC.
--
Regards,
James.
http://www.jamesbensley.co.cc/
There are 10 kinds of people in the world; Those who understand
Vigesimal, and J others...?
| | | |
| lovesouthafrica
Posts:75
| | 07/07/2010 1:16 PM |
| Hi James
I would strongly recommend that you not go this route. Too many potential pitfalls. I would propose this solution if a VM hosted solution is not available.
1.) Grab a reasonable powerful pc with 1-2GB of RAM on it. A laptop will suffice in a pinch but rather a workstation
2.) Install Server 2003 R2 onto it
3.) DCPromo this server.
4.) Make it a global catalog server
5.)Install DNS, WINS etc on the Server. Probably DHCP as well
6.) Move all master roles, or FSMO roles, to the new server.
7.) Make the new server the primary DNS and WINS server for the network
8.) Make sure that all works
9.) DCPromo original server down to a member server
10.) Remove original server from the domain.
11.) Format and re-install server with correct partitions etc. Install DNS and Wins etc
12.) dcpromo server to a dc and GC
13.) Move FSMO roles back to the server.
If you can I would strongly recommend leaving the workstation in place as a DC. As Biju stated MS Best practices always require at least 2 dc's for each domain. Also Exchange requires a GC for correct operation. That's why I recommend that the second DC also be a GC.
Regards
Peter Johnson
I.T Architect
United Kingdom:+44 1285 658542
South Africa: +27 11 252 1100
Swaziland: +268 442 7000
Fax:+27 11 974 7130
Mobile: +2783 306 0019
Peter.Johnson@peterstow.com
This email message (including attachments) contains information which may be confidential and/or legally privileged. Unless you are the intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the message or from any attachments that were sent with this email, and If you have received this email message in error, please advise the sender by email, and delete the message. Unauthorised disclosure and/or use of information contained in this email may result in civil and criminal liability. Everything in this e-mail and attachments relating to the official business of Peterstow Aquapower is proprietary to the company.
Caution should be observed in placing any reliance upon any information contained in this e-mail, which is not intended to be a representation or inducement to make any decision in relation to Peterstow Aquapower. Any decision taken based on the information provided in this e-mail, should only be made after consultation with appropriate legal, regulatory, tax, technical, business, investment, financial, and accounting advisors. Neither the sender of the e-mail, nor Peterstow Aquapower shall be liable to any party for any direct, indirect or consequential damages, including, without limitation, loss of profit, interruption of business or loss of information, data or software or otherwise.
The e-mail address of the sender may not be used, copied, sold, disclosed or incorporated into any database or mailing list for spamming and/or other marketing purposes without the prior consent of Peterstow Aquapower.
No warranties are created or implied that an employee of Peterstow Aquapower and/or a contractor of Peterstow Aquapower is authorized to create and send this e-mail.
-----Original Message-----
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of James Bensley
Sent: 07 July 2010 12:18
To: activedir@mail.activedir.org
Subject: Re: [ActiveDir] DC Formatting
I had contemplated this options but we are trying to source another server to host the VM in the first place
I think I would backup the system state, format the server and restore the data (im reading through this at the minute
http://technet.microsoft.com/en-us/library/cc740010(WS.10).aspx) but I'm wondering what effect this will have on Exchange and the bound machines if I don't go down the second DC route?
Does anyone know?
--
Regards,
James.
http://www.jamesbensley.co.cc/
There are 10 kinds of people in the world; Those who understand Vigesimal, and J others...?
| | | |
| r00tb00t
Posts:0
| | 07/07/2010 1:30 PM |
| Hi peter,
Yes the more I read the more I am think about either finding a VM host
or fishing out a workstation for temporary use; I will see what I can
do.
Assuming I get something, can you have two GCs in one domain? I.e. If
I get a second box and DCPromo it up to a member server for the
existing domain, then make it a GC, there will be no temporary
conflict of having two active GC servers or can you transfer the role
of GC its self so there is only ever one GC?
--
Regards,
James.
http://www.jamesbensley.co.cc/
There are 10 kinds of people in the world; Those who understand
Vigesimal, and J others...?
| | | |
| bdesmond
Posts:977
| | 07/07/2010 1:51 PM |
| The global catalog isn't a role per se and you can definitely have more than one. It's actually a good idea generally.
All that said what's so screwed up with the partitions on the box that all this is necessary?
Brian Desmond from my phone
On Jul 7, 2010, at 8:30 AM, "James Bensley" <jwbensley@gmail.com> wrote:
> Hi peter,
>
> Yes the more I read the more I am think about either finding a VM host
> or fishing out a workstation for temporary use; I will see what I can
> do.
>
> Assuming I get something, can you have two GCs in one domain? I.e. If
> I get a second box and DCPromo it up to a member server for the
> existing domain, then make it a GC, there will be no temporary
> conflict of having two active GC servers or can you transfer the role
> of GC its self so there is only ever one GC?
>
>
> --
> Regards,
> James.
>
> http://www.jamesbensley.co.cc/
>
> There are 10 kinds of people in the world; Those who understand
> Vigesimal, and J others...?
>
>
| | | |
| lovesouthafrica
Posts:75
| | 07/07/2010 2:28 PM |
| There is no issue with multiple GC's at all. In fact it is recommended. I have nine myself in my environment.
Regards
Peter Johnson
I.T Architect
United Kingdom:+44 1285 658542
South Africa: +27 11 252 1100
Swaziland: +268 442 7000
Fax:+27 11 974 7130
Mobile: +2783 306 0019
Peter.Johnson@peterstow.com
This email message (including attachments) contains information which may be confidential and/or legally privileged. Unless you are the intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the message or from any attachments that were sent with this email, and If you have received this email message in error, please advise the sender by email, and delete the message. Unauthorised disclosure and/or use of information contained in this email may result in civil and criminal liability. Everything in this e-mail and attachments relating to the official business of Peterstow Aquapower is proprietary to the company.
Caution should be observed in placing any reliance upon any information contained in this e-mail, which is not intended to be a representation or inducement to make any decision in relation to Peterstow Aquapower. Any decision taken based on the information provided in this e-mail, should only be made after consultation with appropriate legal, regulatory, tax, technical, business, investment, financial, and accounting advisors. Neither the sender of the e-mail, nor Peterstow Aquapower shall be liable to any party for any direct, indirect or consequential damages, including, without limitation, loss of profit, interruption of business or loss of information, data or software or otherwise.
The e-mail address of the sender may not be used, copied, sold, disclosed or incorporated into any database or mailing list for spamming and/or other marketing purposes without the prior consent of Peterstow Aquapower.
No warranties are created or implied that an employee of Peterstow Aquapower and/or a contractor of Peterstow Aquapower is authorized to create and send this e-mail.
-----Original Message-----
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of James Bensley
Sent: 07 July 2010 14:29
To: activedir@mail.activedir.org
Subject: Re: [ActiveDir] DC Formatting
Hi peter,
Yes the more I read the more I am think about either finding a VM host or fishing out a workstation for temporary use; I will see what I can do.
Assuming I get something, can you have two GCs in one domain? I.e. If I get a second box and DCPromo it up to a member server for the existing domain, then make it a GC, there will be no temporary conflict of having two active GC servers or can you transfer the role of GC its self so there is only ever one GC?
--
Regards,
James.
http://www.jamesbensley.co.cc/
There are 10 kinds of people in the world; Those who understand Vigesimal, and J others...?
| | | |
| pbbergs
Posts:281
| | 07/07/2010 2:44 PM |
| " All that said what's so screwed up with the partitions on the box that all this is necessary? "
Yeah, I wondered that as well.
James,
What exactly is going on within your environment. If you detailed it there might things to do that can make it easier for you.
Thanks
Paul
-----Original Message-----
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Brian Desmond
Sent: Wednesday, July 07, 2010 7:50 AM
To: <activedir@mail.activedir.org>
Subject: Re: [ActiveDir] DC Formatting
The global catalog isn't a role per se and you can definitely have more than one. It's actually a good idea generally.
All that said what's so screwed up with the partitions on the box that all this is necessary?
Brian Desmond from my phone
On Jul 7, 2010, at 8:30 AM, "James Bensley" <jwbensley@gmail.com> wrote:
> Hi peter,
>
> Yes the more I read the more I am think about either finding a VM host
> or fishing out a workstation for temporary use; I will see what I can
> do.
>
> Assuming I get something, can you have two GCs in one domain? I.e. If
> I get a second box and DCPromo it up to a member server for the
> existing domain, then make it a GC, there will be no temporary
> conflict of having two active GC servers or can you transfer the role
> of GC its self so there is only ever one GC?
>
>
> --
> Regards,
> James.
>
> http://www.jamesbensley.co.cc/
>
> There are 10 kinds of people in the world; Those who understand
> Vigesimal, and J others...?
>
>
| | | |
| Bitzie
Posts:251
| | 07/07/2010 2:46 PM |
| Alternative view from the SBS world where you don't reformat the DC,
just repartition it.
1. back it up, try gparted or other disk partitioning tools to expand
the partitions.
2. back it up and use Storagecraft to restore it and expand the
partitions in the process.
Sebastian del Rio wrote:
> A system State Backup should help , however I think that the best
> approach would be to put an additional Domain controller (Maybe in a
> VM), move all the roles , point all the machines to that DC, and when
> all is working , you can go ahead to demote the other server. Once it
> is finished , you can promote the server again , and move all the
> roles to this server.
>
> With this option , you would not have a deadtime and it is the more
> secure option.
>
>
> On Wed, Jul 7, 2010 at 6:58 AM, James Bensley <jwbensley@gmail.com
> <mailto:jwbensley@gmail.com>> wrote:
>
> Sorry, just to clarify its a Windows 2003 R2 Standard x64 DC.
>
> --
> Regards,
> James.
>
> http://www.jamesbensley.co.cc/
>
> There are 10 kinds of people in the world; Those who understand
> Vigesimal, and J others...?
>
>
| | | |
| r00tb00t
Posts:0
| | 07/07/2010 3:04 PM |
| Well thanks to all for clearing that stuff up about CGs; I assume they
will store the same information but provide redundancy so if I set up
a second DC, the first one can go down without affecting the users and
I can repartition it freely?
Brian; the C: drive is out of space as in an other partition, but
others have loads left, poor planning at initial deployment of the
server is to blame but this was about 3 years ago and since then
unexpected growth has occurred over %100 so I partly take
responsibility for the poor planning, and partly don't
--
Regards,
James.
http://www.jamesbensley.co.cc/
There are 10 kinds of people in the world; Those who understand
Vigesimal, and J others...?
| | | |
| TG
Posts:298
| | 07/07/2010 3:39 PM |
| Granted, you need the second Domain Controller regardless.
But if you need to buy some time, there are a few things you can do (maybe
you have already done them, but just in case). You can move the page file
to a partition with more space. I believe you can move the dit file as
well.
Thank you, Tony.
Tony Gordon
Windows 2003 & 2000 MCSE, Windows 2003 MCSA, PMP
ITS Infrastructure Engineering
Tel 847.295.5000 x37892 | Fax 847.883.7892
tony dot gordon at hewitt dot tld | www.hewitt.com
P Please consider the environment before printing this e-mail.
From:
"James Bensley" <jwbensley@gmail.com>
To:
activedir@mail.activedir.org
Date:
07/07/2010 09:03 AM
Subject:
Re: [ActiveDir] DC Formatting
Sent by:
activedir-owner@mail.activedir.org
Well thanks to all for clearing that stuff up about CGs; I assume they
will store the same information but provide redundancy so if I set up
a second DC, the first one can go down without affecting the users and
I can repartition it freely?
Brian; the C: drive is out of space as in an other partition, but
others have loads left, poor planning at initial deployment of the
server is to blame but this was about 3 years ago and since then
unexpected growth has occurred over %100 so I partly take
responsibility for the poor planning, and partly don't
--
Regards,
James.
http://www.jamesbensley.co.cc/
There are 10 kinds of people in the world; Those who understand
Vigesimal, and J others...?
The information contained in this e-mail and any accompanying documents may contain information that is confidential or otherwise protected from disclosure. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message, including any attachments. Any dissemination, distribution or other use of the contents of this message by anyone other than the intended recipient is strictly prohibited. All messages sent to and from this e-mail address may be monitored as permitted by applicable law and regulations to ensure compliance with our internal policies and to protect our business. E-mails are not secure and cannot be guaranteed to be error free as they can be intercepted, amended, lost or destroyed, or contain viruses. You are deemed to have accepted these risks if you communicate with us by e-mail.
| | | |
| r00tb00t
Posts:0
| | 07/08/2010 11:18 AM |
| Thanks for the suggestions Tony; yeah I have moved the page file and some
other bits and bobs. Didn't know you could move the AD DB file though?
Can anyone clarify I have this procedure correct and in the correct order;
(I've got a second server)
1- Set up the second server
2- Join to domain
3- DCPromo up to a DC
4- Somehow set up GC as well (This bit confuses be, after using DCPromo, how
can I set up GC on here as well and set it to replicate from the existing GC
on the first DC, is there a Technet article on this to save you all some
typing?)
5-Migrate DNS across (DHCP is else where) - (Again, is there a Technet
article on this to save you all some typing)
6-Migrate across FSMO roles (as there is currently a single DC in a single
domain in a single forest I would be correct in assuming all five FSMO roles
are on the existing DC and need migrating? Also again, can anyone point me
to a Technet article?)
7-Now I am free to decommission the first DC yes? As in I can shut it down
and everything should continue to run smoothly?
8-Then repeat the process with the first DC, set up it, bind to the domain,
DCPromo, reinstate the GC role, migrate DNS back across, migrate FSMO roles
etc?
Also, seeing as I am being gifted with two servers I might as well get what
I can in terms of redundancy. What would be a good course of action here;
i.e. leave DNS running on the second DC as a backup but reinstate the
original DC as the primary DNS server, and with the GC, reinstate the
original server as the GC but keep the second one as a replica for
redundancy; can any FSMO roles be replicated to the second DC so that should
the first one go off line everything can run temporarily?
--
Regards,
James.
http://www.jamesbensley.co.cc/
There are 10 kinds of people in the world; Those who understand Vigesimal,
and J others...?
| | | |
| lovesouthafrica
Posts:75
| | 07/08/2010 11:41 AM |
| Hi James
Looks good
1.) Make a DC a GC by selecting the setting under NTDS settings in Sites and Services
2.) FSMO roles moving: http://support.microsoft.com/kb/324801
3.) Install DNS on new server. If the zone is set to replicate to all DC's it should do this automatically
4.) Make sure new server is the primary DNS server in you IP address settings in DHCP
Regards
[cid:image001.jpg@01CB1E99.D9880230]
Peter Johnson
I.T Architect
United Kingdom: +44 1285 658542
South Africa: +27 11 252 1100
Swaziland: +268 442 7000
Fax:+27 11 974 7130
Mobile: +2783 306 0019
Peter.Johnson@peterstow.com
This email message (including attachments) contains information which may be confidential and/or legally privileged. Unless you are the intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the message or from any attachments that were sent with this email, and If you have received this email message in error, please advise the sender by email, and delete the message. Unauthorised disclosure and/or use of information contained in this email may result in civil and criminal liability. Everything in this e-mail and attachments relating to the official business of Peterstow Aquapower is proprietary to the company.
Caution should be observed in placing any reliance upon any information contained in this e-mail, which is not intended to be a representation or inducement to make any decision in relation to Peterstow Aquapower. Any decision taken based on the information provided in this e-mail, should only be made after consultation with appropriate legal, regulatory, tax, technical, business, investment, financial, and accounting advisors. Neither the sender of the e-mail, nor Peterstow Aquapower shall be liable to any party for any direct, indirect or consequential damages, including, without limitation, loss of profit, interruption of business or loss of information, data or software or otherwise.
The e-mail address of the sender may not be used, copied, sold, disclosed or incorporated into any database or mailing list for spamming and/or other marketing purposes without the prior consent of Peterstow Aquapower.
No warranties are created or implied that an employee of Peterstow Aquapower and/or a contractor of Peterstow Aquapower is authorized to create and send this e-mail.
[cid:image002.jpg@01CB1E99.D9880230]
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of James Bensley
Sent: 08 July 2010 12:16
To: activedir@mail.activedir.org
Subject: Re: [ActiveDir] DC Formatting
Thanks for the suggestions Tony; yeah I have moved the page file and some other bits and bobs. Didn't know you could move the AD DB file though?
Can anyone clarify I have this procedure correct and in the correct order; (I've got a second server)
1- Set up the second server
2- Join to domain
3- DCPromo up to a DC
4- Somehow set up GC as well (This bit confuses be, after using DCPromo, how can I set up GC on here as well and set it to replicate from the existing GC on the first DC, is there a Technet article on this to save you all some typing?)
5-Migrate DNS across (DHCP is else where) - (Again, is there a Technet article on this to save you all some typing)
6-Migrate across FSMO roles (as there is currently a single DC in a single domain in a single forest I would be correct in assuming all five FSMO roles are on the existing DC and need migrating? Also again, can anyone point me to a Technet article?)
7-Now I am free to decommission the first DC yes? As in I can shut it down and everything should continue to run smoothly?
8-Then repeat the process with the first DC, set up it, bind to the domain, DCPromo, reinstate the GC role, migrate DNS back across, migrate FSMO roles etc?
Also, seeing as I am being gifted with two servers I might as well get what I can in terms of redundancy. What would be a good course of action here; i.e. leave DNS running on the second DC as a backup but reinstate the original DC as the primary DNS server, and with the GC, reinstate the original server as the GC but keep the second one as a replica for redundancy; can any FSMO roles be replicated to the second DC so that should the first one go off line everything can run temporarily?
--
Regards,
James.
http://www.jamesbensley.co.cc/
There are 10 kinds of people in the world; Those who understand Vigesimal, and J others...?
| | | |
| pbbergs
Posts:281
| | 07/08/2010 1:29 PM |
| How to decommission a dc
http://www.pbbergs.com/windows/articles/DecommissionDC.html
Thanks
Paul
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of James Bensley
Sent: Thursday, July 08, 2010 5:16 AM
To: activedir@mail.activedir.org
Subject: Re: [ActiveDir] DC Formatting
Thanks for the suggestions Tony; yeah I have moved the page file and some other bits and bobs. Didn't know you could move the AD DB file though?
Can anyone clarify I have this procedure correct and in the correct order; (I've got a second server)
1- Set up the second server
2- Join to domain
3- DCPromo up to a DC
4- Somehow set up GC as well (This bit confuses be, after using DCPromo, how can I set up GC on here as well and set it to replicate from the existing GC on the first DC, is there a Technet article on this to save you all some typing?)
5-Migrate DNS across (DHCP is else where) - (Again, is there a Technet article on this to save you all some typing)
6-Migrate across FSMO roles (as there is currently a single DC in a single domain in a single forest I would be correct in assuming all five FSMO roles are on the existing DC and need migrating? Also again, can anyone point me to a Technet article?)
7-Now I am free to decommission the first DC yes? As in I can shut it down and everything should continue to run smoothly?
8-Then repeat the process with the first DC, set up it, bind to the domain, DCPromo, reinstate the GC role, migrate DNS back across, migrate FSMO roles etc?
Also, seeing as I am being gifted with two servers I might as well get what I can in terms of redundancy. What would be a good course of action here; i.e. leave DNS running on the second DC as a backup but reinstate the original DC as the primary DNS server, and with the GC, reinstate the original server as the GC but keep the second one as a replica for redundancy; can any FSMO roles be replicated to the second DC so that should the first one go off line everything can run temporarily?
--
Regards,
James.
http://www.jamesbensley.co.cc/
There are 10 kinds of people in the world; Those who understand Vigesimal, and J others...?
| | | |
| kevinrjames
Posts:35
| | 07/08/2010 5:40 PM |
| Should already know if the DC has Certificate Services on it, but better
to check for it in advance.
/kj
From: activedir-owner@mail.activedir.org
[mailto:activedir-owner@mail.activedir.org] On Behalf Of Paul Bergson
(ALLETE)
Sent: Thursday, July 08, 2010 5:27 AM
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] DC Formatting
How to decommission a dc
http://www.pbbergs.com/windows/articles/DecommissionDC.html
Thanks
Paul
From: activedir-owner@mail.activedir.org
[mailto:activedir-owner@mail.activedir.org] On Behalf Of James Bensley
Sent: Thursday, July 08, 2010 5:16 AM
To: activedir@mail.activedir.org
Subject: Re: [ActiveDir] DC Formatting
Thanks for the suggestions Tony; yeah I have moved the page file and
some other bits and bobs. Didn't know you could move the AD DB file
though?
Can anyone clarify I have this procedure correct and in the correct
order; (I've got a second server)
1- Set up the second server
2- Join to domain
3- DCPromo up to a DC
4- Somehow set up GC as well (This bit confuses be, after using DCPromo,
how can I set up GC on here as well and set it to replicate from the
existing GC on the first DC, is there a Technet article on this to save
you all some typing?)
5-Migrate DNS across (DHCP is else where) - (Again, is there a Technet
article on this to save you all some typing)
6-Migrate across FSMO roles (as there is currently a single DC in a
single domain in a single forest I would be correct in assuming all five
FSMO roles are on the existing DC and need migrating? Also again, can
anyone point me to a Technet article?)
7-Now I am free to decommission the first DC yes? As in I can shut it
down and everything should continue to run smoothly?
8-Then repeat the process with the first DC, set up it, bind to the
domain, DCPromo, reinstate the GC role, migrate DNS back across, migrate
FSMO roles etc?
Also, seeing as I am being gifted with two servers I might as well get
what I can in terms of redundancy. What would be a good course of action
here; i.e. leave DNS running on the second DC as a backup but reinstate
the original DC as the primary DNS server, and with the GC, reinstate
the original server as the GC but keep the second one as a replica for
redundancy; can any FSMO roles be replicated to the second DC so that
should the first one go off line everything can run temporarily?
--
Regards,
James.
http://www.jamesbensley.co.cc/
There are 10 kinds of people in the world; Those who understand
Vigesimal, and J others...?
Sent to activedir@mail.activedir.org from Kevin R. James
Virus scanned by GFI MailSecurity 8/7/2010
| | | |
|
|