| Author | Messages | |
cvaz
Posts:7
 | | 12/02/2008 8:07 AM |
| Hi, sorry for the off-topic message but I need some help here.
Is there any steps that should be taken to replace a failing network card on
a domain controller?
--
Thanks,
Carlos Vaz
(\__/)
(='.'=) This is Bunny. Copy and paste bunny into your
(")_(") signature to help him gain world domination.
| | | |
| kennedyjim
Posts:65
| | 12/02/2008 9:46 AM |
| I would transfer any FSMO roles it might have off temporarily, in case it blue screens on restart because of a hardware glitch with the new nic. Going to assume you have AD system state backups already. Leave the network cable unplugged when you fire it back up just to make sure you get the same IP address assigned.....
I don't see this as a big deal, just being careful.
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Carlos Vaz
Sent: Tuesday, December 02, 2008 8:04 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
Hi, sorry for the off-topic message but I need some help here.
Is there any steps that should be taken to replace a failing network card on a domain controller?
--
Thanks,
Carlos Vaz
(\__/)
(='.'=) This is Bunny. Copy and paste bunny into your
(")_(") signature to help him gain world domination.
| | | |
| sbradcpa
Posts:496
| | 12/02/2008 10:39 AM |
| http://msmvps.com/blogs/bradley/archive/2006/08/02/106591.aspx
In the pre 2k3 era we've done a "loopback" trick to hold the IP
bindings. In the larger spaces do the FSMO moving, but 2k3 era it's not
been the issue like it was in the past.
Kennedy, Jim wrote:
>
> I would transfer any FSMO roles it might have off temporarily, in case
> it blue screens on restart because of a hardware glitch with the new
> nic. Going to assume you have AD system state backups already. Leave
> the network cable unplugged when you fire it back up just to make sure
> you get the same IP address assigned…..
>
> I don’t see this as a big deal, just being careful.
>
> *From:* ActiveDir-owner@mail.activedir.org
> [mailto:ActiveDir-owner@mail.activedir.org] *On Behalf Of *Carlos Vaz
> *Sent:* Tuesday, December 02, 2008 8:04 AM
> *To:* ActiveDir@mail.activedir.org
> *Subject:* [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
>
> Hi, sorry for the off-topic message but I need some help here.
> Is there any steps that should be taken to replace a failing network
> card on a domain controller?
>
>
>
>
>
> --
> Thanks,
>
>
>
> Carlos Vaz
>
> (\__/)
> (='.'=) This is Bunny. Copy and paste bunny into your
> (")_(") signature to help him gain world domination.
>
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
| | | |
| deji
Posts:259
| | 12/02/2008 11:45 AM |
| I seriously hope that "transfer FSMO off" is not going to be the new "XYZ needs WINS".
DCs are not THAT important unless you only have one of it (or one of it for a particular site where it is required by something, or you are in large, distributed org, etc).
FSMO roles are even less delicate than a temporarily absent DC. Your infra will SURVIVE the temporary absence of any and all of the roles unless you are really in the middle of something as big as infrastructural changes.
I am not saying don't take care of your FSMO-holding DCs, but I'd hate to see the cautious "Tranfer FSMO" get into the "don't touch that DC unless you move its FSMO roles off" extreme, and I consider this scenario to be one of those.
Sincerely,
_____
(, / | /) /) /)
/---| (/_ ______ ___// _ // _
) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/ /)
(/
Microsoft MVP - Directory Services
www.akomolafe.name<http://www.akomolafe.name/> - we know IT
-5.75, -3.23
Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon
________________________________
From: ActiveDir-owner@mail.activedir.org [ActiveDir-owner@mail.activedir.org] On Behalf Of Kennedy, Jim [kennedyjim@elyriaschools.org]
Sent: Tuesday, December 02, 2008 6:40 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
I would transfer any FSMO roles it might have off temporarily, in case it blue screens on restart because of a hardware glitch with the new nic. Going to assume you have AD system state backups already. Leave the network cable unplugged when you fire it back up just to make sure you get the same IP address assigned…..
I don’t see this as a big deal, just being careful.
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Carlos Vaz
Sent: Tuesday, December 02, 2008 8:04 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
Hi, sorry for the off-topic message but I need some help here.
Is there any steps that should be taken to replace a failing network card on a domain controller?
--
Thanks,
Carlos Vaz
(\__/)
(='.'=) This is Bunny. Copy and paste bunny into your
(")_(") signature to help him gain world domination.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
| | | |
| listmail
Posts:763
| | 12/02/2008 11:53 AM |
| Why not? What is the pain in moving the roles?
The mitigation is nearly non-existent next to the risk. What is the risk?
Lack of transparency. If you reboot and say the PDC doesn't come back right
away, there is the possibility of things that normally function in some
certain fashion will not function in that certain fashion and cause support
tickets to pop let alone monitoring going, hey the PDC is gone!!!
This is such an incredibly simple thing to avoid and it isn't anything like
XYZ needs WINS.
Those of use who live in Ops and have lived in Ops for years and years and
have moved a role holder only to see it not come back from the bounce and
then say, damn, I should have moved the FSMO first and I didn't so now I
have to deal with it prefer to not have to deal with it.
joe
--
O'Reilly Active Directory Fourth Edition -
http://www.joeware.net/win/ad3e.htm
-----Original Message-----
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Akomolafe, Deji
Sent: Tuesday, December 02, 2008 11:40 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
I seriously hope that "transfer FSMO off" is not going to be the new "XYZ
needs WINS".
DCs are not THAT important unless you only have one of it (or one of it for
a particular site where it is required by something, or you are in large,
distributed org, etc).
FSMO roles are even less delicate than a temporarily absent DC. Your infra
will SURVIVE the temporary absence of any and all of the roles unless you
are really in the middle of something as big as infrastructural changes.
I am not saying don't take care of your FSMO-holding DCs, but I'd hate to
see the cautious "Tranfer FSMO" get into the "don't touch that DC unless you
move its FSMO roles off" extreme, and I consider this scenario to be one of
those.
Sincerely,
_____
(, / | /) /) /)
/---| (/_ ______ ___// _ // _
) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/ /)
(/
Microsoft MVP - Directory Services
www.akomolafe.name<http://www.akomolafe.name/> - we know IT -5.75, -3.23 Do
you now realize that Today is the Tomorrow you were worried about Yesterday?
-anon ________________________________
From: ActiveDir-owner@mail.activedir.org
[ActiveDir-owner@mail.activedir.org] On Behalf Of Kennedy, Jim
[kennedyjim@elyriaschools.org]
Sent: Tuesday, December 02, 2008 6:40 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
I would transfer any FSMO roles it might have off temporarily, in case it
blue screens on restart because of a hardware glitch with the new nic. Going
to assume you have AD system state backups already. Leave the network cable
unplugged when you fire it back up just to make sure you get the same IP
address assigned...
I don't see this as a big deal, just being careful.
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Carlos Vaz
Sent: Tuesday, December 02, 2008 8:04 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
Hi, sorry for the off-topic message but I need some help here.
Is there any steps that should be taken to replace a failing network card on
a domain controller?
--
Thanks,
Carlos Vaz
(\__/)
(='.'=) This is Bunny. Copy and paste bunny into your
(")_(") signature to help him gain world domination.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
| | | |
| deji
Posts:259
| | 12/02/2008 12:19 PM |
| Honestly, joe, even in your large org, which of these roles is so critical that the org cannot survive its temporary loss in the NORMAL course of operations?
Again, bear in mind that I am not advocating against role transfer, but against preaching role transfer everytime someone sneezes near the DC just gives the impression that FSMO roles are so delicate that the continued existence or well-being of an infrastructure depend on their constant availability. I am saying that this is not true.
Sincerely,
_____
(, / | /) /) /)
/---| (/_ ______ ___// _ // _
) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/ /)
(/
Microsoft MVP - Directory Services
www.akomolafe.name - we know IT
-5.75, -3.23
Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon
________________________________________
From: ActiveDir-owner@mail.activedir.org [ActiveDir-owner@mail.activedir.org] On Behalf Of joe [listmail@joeware.net]
Sent: Tuesday, December 02, 2008 8:48 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
Why not? What is the pain in moving the roles?
The mitigation is nearly non-existent next to the risk. What is the risk?
Lack of transparency. If you reboot and say the PDC doesn't come back right
away, there is the possibility of things that normally function in some
certain fashion will not function in that certain fashion and cause support
tickets to pop let alone monitoring going, hey the PDC is gone!!!
This is such an incredibly simple thing to avoid and it isn't anything like
XYZ needs WINS.
Those of use who live in Ops and have lived in Ops for years and years and
have moved a role holder only to see it not come back from the bounce and
then say, damn, I should have moved the FSMO first and I didn't so now I
have to deal with it prefer to not have to deal with it.
joe
--
O'Reilly Active Directory Fourth Edition -
http://www.joeware.net/win/ad3e.htm
-----Original Message-----
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Akomolafe, Deji
Sent: Tuesday, December 02, 2008 11:40 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
I seriously hope that "transfer FSMO off" is not going to be the new "XYZ
needs WINS".
DCs are not THAT important unless you only have one of it (or one of it for
a particular site where it is required by something, or you are in large,
distributed org, etc).
FSMO roles are even less delicate than a temporarily absent DC. Your infra
will SURVIVE the temporary absence of any and all of the roles unless you
are really in the middle of something as big as infrastructural changes.
I am not saying don't take care of your FSMO-holding DCs, but I'd hate to
see the cautious "Tranfer FSMO" get into the "don't touch that DC unless you
move its FSMO roles off" extreme, and I consider this scenario to be one of
those.
Sincerely,
_____
(, / | /) /) /)
/---| (/_ ______ ___// _ // _
) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/ /)
(/
Microsoft MVP - Directory Services
www.akomolafe.name<http://www.akomolafe.name/> - we know IT -5.75, -3.23 Do
you now realize that Today is the Tomorrow you were worried about Yesterday?
-anon ________________________________
From: ActiveDir-owner@mail.activedir.org
[ActiveDir-owner@mail.activedir.org] On Behalf Of Kennedy, Jim
[kennedyjim@elyriaschools.org]
Sent: Tuesday, December 02, 2008 6:40 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
I would transfer any FSMO roles it might have off temporarily, in case it
blue screens on restart because of a hardware glitch with the new nic. Going
to assume you have AD system state backups already. Leave the network cable
unplugged when you fire it back up just to make sure you get the same IP
address assigned...
I don't see this as a big deal, just being careful.
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Carlos Vaz
Sent: Tuesday, December 02, 2008 8:04 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
Hi, sorry for the off-topic message but I need some help here.
Is there any steps that should be taken to replace a failing network card on
a domain controller?
--
Thanks,
Carlos Vaz
(\__/)
(='.'=) This is Bunny. Copy and paste bunny into your
(")_(") signature to help him gain world domination.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspxList info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
| | | |
| kennedyjim
Posts:65
| | 12/02/2008 12:48 PM |
| I never said a thing about FSMO's being delicate and I gave no such impression. I did however imply that NIC drivers do sometimes blue screen a server. I would rather not seize a role if it can be avoided by simple easy process.
> -----Original Message-----
> From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-
> owner@mail.activedir.org] On Behalf Of Akomolafe, Deji
> Sent: Tuesday, December 02, 2008 12:11 PM
> To: ActiveDir@mail.activedir.org
> Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
>
> Honestly, joe, even in your large org, which of these roles is so
> critical that the org cannot survive its temporary loss in the NORMAL
> course of operations?
>
> Again, bear in mind that I am not advocating against role transfer, but
> against preaching role transfer everytime someone sneezes near the DC
> just gives the impression that FSMO roles are so delicate that the
> continued existence or well-being of an infrastructure depend on their
> constant availability. I am saying that this is not true.
>
>
> Sincerely,
> _____
> (, / | /) /) /)
> /---| (/_ ______ ___// _ // _
> ) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
> (_/ /)
> (/
> Microsoft MVP - Directory Services
> www.akomolafe.name - we know IT
> -5.75, -3.23
> Do you now realize that Today is the Tomorrow you were worried about
> Yesterday? -anon
> ________________________________________
> From: ActiveDir-owner@mail.activedir.org [ActiveDir-
> owner@mail.activedir.org] On Behalf Of joe [listmail@joeware.net]
> Sent: Tuesday, December 02, 2008 8:48 AM
> To: ActiveDir@mail.activedir.org
> Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
>
> Why not? What is the pain in moving the roles?
>
> The mitigation is nearly non-existent next to the risk. What is the
> risk?
> Lack of transparency. If you reboot and say the PDC doesn't come back
> right
> away, there is the possibility of things that normally function in some
> certain fashion will not function in that certain fashion and cause
> support
> tickets to pop let alone monitoring going, hey the PDC is gone!!!
>
> This is such an incredibly simple thing to avoid and it isn't anything
> like
> XYZ needs WINS.
>
> Those of use who live in Ops and have lived in Ops for years and years
> and
> have moved a role holder only to see it not come back from the bounce
> and
> then say, damn, I should have moved the FSMO first and I didn't so now
> I
> have to deal with it prefer to not have to deal with it.
>
> joe
>
>
>
> --
> O'Reilly Active Directory Fourth Edition -
> http://www.joeware.net/win/ad3e.htm
>
>
> -----Original Message-----
> From: ActiveDir-owner@mail.activedir.org
> [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Akomolafe,
> Deji
> Sent: Tuesday, December 02, 2008 11:40 AM
> To: ActiveDir@mail.activedir.org
> Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
>
> I seriously hope that "transfer FSMO off" is not going to be the new
> "XYZ
> needs WINS".
>
> DCs are not THAT important unless you only have one of it (or one of it
> for
> a particular site where it is required by something, or you are in
> large,
> distributed org, etc).
>
> FSMO roles are even less delicate than a temporarily absent DC. Your
> infra
> will SURVIVE the temporary absence of any and all of the roles unless
> you
> are really in the middle of something as big as infrastructural
> changes.
>
> I am not saying don't take care of your FSMO-holding DCs, but I'd hate
> to
> see the cautious "Tranfer FSMO" get into the "don't touch that DC
> unless you
> move its FSMO roles off" extreme, and I consider this scenario to be
> one of
> those.
>
>
> Sincerely,
> _____
> (, / | /) /) /)
> /---| (/_ ______ ___// _ // _
> ) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
> (_/ /)
> (/
> Microsoft MVP - Directory Services
> www.akomolafe.name<http://www.akomolafe.name/> - we know IT -5.75, -
> 3.23 Do
> you now realize that Today is the Tomorrow you were worried about
> Yesterday?
> -anon ________________________________
> From: ActiveDir-owner@mail.activedir.org
> [ActiveDir-owner@mail.activedir.org] On Behalf Of Kennedy, Jim
> [kennedyjim@elyriaschools.org]
> Sent: Tuesday, December 02, 2008 6:40 AM
> To: ActiveDir@mail.activedir.org
> Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
>
> I would transfer any FSMO roles it might have off temporarily, in case
> it
> blue screens on restart because of a hardware glitch with the new nic.
> Going
> to assume you have AD system state backups already. Leave the network
> cable
> unplugged when you fire it back up just to make sure you get the same
> IP
> address assigned...
>
> I don't see this as a big deal, just being careful.
>
>
> From: ActiveDir-owner@mail.activedir.org
> [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Carlos Vaz
> Sent: Tuesday, December 02, 2008 8:04 AM
> To: ActiveDir@mail.activedir.org
> Subject: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
>
> Hi, sorry for the off-topic message but I need some help here.
> Is there any steps that should be taken to replace a failing network
> card on
> a domain controller?
>
>
>
>
>
> --
> Thanks,
>
>
>
> Carlos Vaz
>
> (\__/)
> (='.'=) This is Bunny. Copy and paste bunny into your
> (")_(") signature to help him gain world domination.
> List info : http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive: http://www.activedir.org/ma/default.aspx
>
> List info : http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive: http://www.activedir.org/ma/default.aspxList info :
> http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
| | | |
| listmail
Posts:763
| | 12/02/2008 1:51 PM |
| Actually that would be large orgS with an S. I deal with several large orgs
professionally and then unofficially help lots of other folks.
Exactly, it isn't about being delicate, but it is about transparency and
possible risk. It is generally safe to jaywalk but the more well thought out
folks will likely go to the cross walk where the risk is even less. I am not
saying that you Deji, if you do any real support of any DCs has to move the
roles prior to bouncing a box. But it is something I recommend to folks out
there looking for recommendation because there is a distinct possibility of
a machine not coming back up and if that happens, it will make something
that should seem transparent, not so transparent. Its just like why people
will create a backup or restore point when performing updates, it likely
isn't going to cause an issue but it is painless work that can really help
you if there is a problem.
I would lump it right in with the time required to put in a scheduled
downtime report. It is work that doesn't hurt you and could help you
considerably in the event of an issue.
If you have proper monitoring set up when the PDC is detected as being gone,
at least one alert and if tied into the ticketing system at least one ticket
will be popped. Some monitoring systems will generate an alert and
corresponding ticket for every FSMO role for every DC missing so if you have
25 DCs and 5 roles on that DC you could be looking at well over 100
alerts... That is when everything is just fine... Scale that to companies I
work with and we call that a ticket storm and that is just the automated
stuff in the event of everything being perfectly fine.... Now assume that
machine doesn't come back up and all sorts of RED pops up in the monitoring
and ticketing system and everyone who has a problem anywhere wants to ride
your tail because they believe it is due to that downed server and so more
tickets flood in that because Bob's Sharepoint access isn't working. And you
have to fight that off with everyone and likely even try to work out their
problems for them to prove it wasn't your server. You get people using GPO
editors and bam they start seeing messages. They submit tickets because that
isn't how it normally works. You get other apps/services that focus on the
PDC for the updates or lookups and bam they start having issues and
submitting tickets. And these aren't all non-MSFT apps and services, you go
check out how many different things use the Ops Masters for their ops like
DFS... Anyone changing their passwords while the PDC is down aren't getting
the advantage of password forwarding or chaining which can cause more
tickets. This isn't me guessing, these are all actual real life events...
And all of it could have been avoided but wasn't because someone was too
lazy or didn't feel it was necessary to run a 30 second script to move the
roles ahead of time.
And as Jim indicated and what I mentioned before "I would rather not seize a
role if it can be avoided by simple easy process.".
I would move the roles 99 or 999 times with no problem incidence on my DCs
just to avoid the one time something does happen. It is one less thing to
worry about.
joe
--
O'Reilly Active Directory Fourth Edition -
http://www.joeware.net/win/ad4e.htm
-----Original Message-----
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Kennedy, Jim
Sent: Tuesday, December 02, 2008 12:43 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
I never said a thing about FSMO's being delicate and I gave no such
impression. I did however imply that NIC drivers do sometimes blue screen a
server. I would rather not seize a role if it can be avoided by simple easy
process.
> -----Original Message-----
> From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-
> owner@mail.activedir.org] On Behalf Of Akomolafe, Deji
> Sent: Tuesday, December 02, 2008 12:11 PM
> To: ActiveDir@mail.activedir.org
> Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
>
> Honestly, joe, even in your large org, which of these roles is so
> critical that the org cannot survive its temporary loss in the NORMAL
> course of operations?
>
> Again, bear in mind that I am not advocating against role transfer,
> but against preaching role transfer everytime someone sneezes near the
> DC just gives the impression that FSMO roles are so delicate that the
> continued existence or well-being of an infrastructure depend on their
> constant availability. I am saying that this is not true.
>
>
> Sincerely,
> _____
> (, / | /) /) /)
> /---| (/_ ______ ___// _ // _
> ) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
> (_/ /)
> (/
> Microsoft MVP - Directory Services
> www.akomolafe.name - we know IT
> -5.75, -3.23
> Do you now realize that Today is the Tomorrow you were worried about
> Yesterday? -anon ________________________________________
> From: ActiveDir-owner@mail.activedir.org [ActiveDir-
> owner@mail.activedir.org] On Behalf Of joe [listmail@joeware.net]
> Sent: Tuesday, December 02, 2008 8:48 AM
> To: ActiveDir@mail.activedir.org
> Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
>
> Why not? What is the pain in moving the roles?
>
> The mitigation is nearly non-existent next to the risk. What is the
> risk?
> Lack of transparency. If you reboot and say the PDC doesn't come back
> right away, there is the possibility of things that normally function
> in some certain fashion will not function in that certain fashion and
> cause support tickets to pop let alone monitoring going, hey the PDC
> is gone!!!
>
> This is such an incredibly simple thing to avoid and it isn't anything
> like XYZ needs WINS.
>
> Those of use who live in Ops and have lived in Ops for years and years
> and have moved a role holder only to see it not come back from the
> bounce and then say, damn, I should have moved the FSMO first and I
> didn't so now I have to deal with it prefer to not have to deal with
> it.
>
> joe
>
>
>
> --
> O'Reilly Active Directory Fourth Edition -
> http://www.joeware.net/win/ad3e.htm
>
>
> -----Original Message-----
> From: ActiveDir-owner@mail.activedir.org
> [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Akomolafe,
> Deji
> Sent: Tuesday, December 02, 2008 11:40 AM
> To: ActiveDir@mail.activedir.org
> Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
>
> I seriously hope that "transfer FSMO off" is not going to be the new
> "XYZ needs WINS".
>
> DCs are not THAT important unless you only have one of it (or one of
> it for a particular site where it is required by something, or you are
> in large, distributed org, etc).
>
> FSMO roles are even less delicate than a temporarily absent DC. Your
> infra will SURVIVE the temporary absence of any and all of the roles
> unless you are really in the middle of something as big as
> infrastructural changes.
>
> I am not saying don't take care of your FSMO-holding DCs, but I'd hate
> to see the cautious "Tranfer FSMO" get into the "don't touch that DC
> unless you move its FSMO roles off" extreme, and I consider this
> scenario to be one of those.
>
>
> Sincerely,
> _____
> (, / | /) /) /)
> /---| (/_ ______ ___// _ // _
> ) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
> (_/ /)
> (/
> Microsoft MVP - Directory Services
> www.akomolafe.name<http://www.akomolafe.name/> - we know IT -5.75, -
> 3.23 Do
> you now realize that Today is the Tomorrow you were worried about
> Yesterday?
> -anon ________________________________
> From: ActiveDir-owner@mail.activedir.org
> [ActiveDir-owner@mail.activedir.org] On Behalf Of Kennedy, Jim
> [kennedyjim@elyriaschools.org]
> Sent: Tuesday, December 02, 2008 6:40 AM
> To: ActiveDir@mail.activedir.org
> Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
>
> I would transfer any FSMO roles it might have off temporarily, in case
> it blue screens on restart because of a hardware glitch with the new
> nic.
> Going
> to assume you have AD system state backups already. Leave the network
> cable unplugged when you fire it back up just to make sure you get the
> same IP address assigned...
>
> I don't see this as a big deal, just being careful.
>
>
> From: ActiveDir-owner@mail.activedir.org
> [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Carlos Vaz
> Sent: Tuesday, December 02, 2008 8:04 AM
> To: ActiveDir@mail.activedir.org
> Subject: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
>
> Hi, sorry for the off-topic message but I need some help here.
> Is there any steps that should be taken to replace a failing network
> card on a domain controller?
>
>
>
>
>
> --
> Thanks,
>
>
>
> Carlos Vaz
>
> (\__/)
> (='.'=) This is Bunny. Copy and paste bunny into your
> (")_(") signature to help him gain world domination.
> List info : http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive: http://www.activedir.org/ma/default.aspx
>
> List info : http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive: http://www.activedir.org/ma/default.aspxList info :
> http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
| | | |
| bdesmond
Posts:843
| | 12/02/2008 2:07 PM |
| Bad drivers in general will. I have had good luck at least using the packaged bundled updates tools with the Dell and HP mgmt consoles.
Thanks,
Brian Desmond
brian@briandesmond.com
c - 312.731.3132
-----Original Message-----
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Kennedy, Jim
Sent: Tuesday, December 02, 2008 11:43 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
I never said a thing about FSMO's being delicate and I gave no such impression. I did however imply that NIC drivers do sometimes blue screen a server. I would rather not seize a role if it can be avoided by simple easy process.
> -----Original Message-----
> From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-
> owner@mail.activedir.org] On Behalf Of Akomolafe, Deji
> Sent: Tuesday, December 02, 2008 12:11 PM
> To: ActiveDir@mail.activedir.org
> Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
>
> Honestly, joe, even in your large org, which of these roles is so
> critical that the org cannot survive its temporary loss in the NORMAL
> course of operations?
>
> Again, bear in mind that I am not advocating against role transfer, but
> against preaching role transfer everytime someone sneezes near the DC
> just gives the impression that FSMO roles are so delicate that the
> continued existence or well-being of an infrastructure depend on their
> constant availability. I am saying that this is not true.
>
>
> Sincerely,
> _____
> (, / | /) /) /)
> /---| (/_ ______ ___// _ // _
> ) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
> (_/ /)
> (/
> Microsoft MVP - Directory Services
> www.akomolafe.name - we know IT
> -5.75, -3.23
> Do you now realize that Today is the Tomorrow you were worried about
> Yesterday? -anon
> ________________________________________
> From: ActiveDir-owner@mail.activedir.org [ActiveDir-
> owner@mail.activedir.org] On Behalf Of joe [listmail@joeware.net]
> Sent: Tuesday, December 02, 2008 8:48 AM
> To: ActiveDir@mail.activedir.org
> Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
>
> Why not? What is the pain in moving the roles?
>
> The mitigation is nearly non-existent next to the risk. What is the
> risk?
> Lack of transparency. If you reboot and say the PDC doesn't come back
> right
> away, there is the possibility of things that normally function in some
> certain fashion will not function in that certain fashion and cause
> support
> tickets to pop let alone monitoring going, hey the PDC is gone!!!
>
> This is such an incredibly simple thing to avoid and it isn't anything
> like
> XYZ needs WINS.
>
> Those of use who live in Ops and have lived in Ops for years and years
> and
> have moved a role holder only to see it not come back from the bounce
> and
> then say, damn, I should have moved the FSMO first and I didn't so now
> I
> have to deal with it prefer to not have to deal with it.
>
> joe
>
>
>
> --
> O'Reilly Active Directory Fourth Edition -
> http://www.joeware.net/win/ad3e.htm
>
>
> -----Original Message-----
> From: ActiveDir-owner@mail.activedir.org
> [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Akomolafe,
> Deji
> Sent: Tuesday, December 02, 2008 11:40 AM
> To: ActiveDir@mail.activedir.org
> Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
>
> I seriously hope that "transfer FSMO off" is not going to be the new
> "XYZ
> needs WINS".
>
> DCs are not THAT important unless you only have one of it (or one of it
> for
> a particular site where it is required by something, or you are in
> large,
> distributed org, etc).
>
> FSMO roles are even less delicate than a temporarily absent DC. Your
> infra
> will SURVIVE the temporary absence of any and all of the roles unless
> you
> are really in the middle of something as big as infrastructural
> changes.
>
> I am not saying don't take care of your FSMO-holding DCs, but I'd hate
> to
> see the cautious "Tranfer FSMO" get into the "don't touch that DC
> unless you
> move its FSMO roles off" extreme, and I consider this scenario to be
> one of
> those.
>
>
> Sincerely,
> _____
> (, / | /) /) /)
> /---| (/_ ______ ___// _ // _
> ) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
> (_/ /)
> (/
> Microsoft MVP - Directory Services
> www.akomolafe.name<http://www.akomolafe.name/> - we know IT -5.75, -
> 3.23 Do
> you now realize that Today is the Tomorrow you were worried about
> Yesterday?
> -anon ________________________________
> From: ActiveDir-owner@mail.activedir.org
> [ActiveDir-owner@mail.activedir.org] On Behalf Of Kennedy, Jim
> [kennedyjim@elyriaschools.org]
> Sent: Tuesday, December 02, 2008 6:40 AM
> To: ActiveDir@mail.activedir.org
> Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
>
> I would transfer any FSMO roles it might have off temporarily, in case
> it
> blue screens on restart because of a hardware glitch with the new nic.
> Going
> to assume you have AD system state backups already. Leave the network
> cable
> unplugged when you fire it back up just to make sure you get the same
> IP
> address assigned...
>
> I don't see this as a big deal, just being careful.
>
>
> From: ActiveDir-owner@mail.activedir.org
> [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Carlos Vaz
> Sent: Tuesday, December 02, 2008 8:04 AM
> To: ActiveDir@mail.activedir.org
> Subject: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
>
> Hi, sorry for the off-topic message but I need some help here.
> Is there any steps that should be taken to replace a failing network
> card on
> a domain controller?
>
>
>
>
>
> --
> Thanks,
>
>
>
> Carlos Vaz
>
> (\__/)
> (='.'=) This is Bunny. Copy and paste bunny into your
> (")_(") signature to help him gain world domination.
> List info : http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive: http://www.activedir.org/ma/default.aspx
>
> List info : http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive: http://www.activedir.org/ma/default.aspxList info :
> http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
| | | |
| bdesmond
Posts:843
| | 12/02/2008 2:13 PM |
| In the large orgs that Joe and I support we often don't know what might be depending on a role, especially things like apps written with legacy net APIs.
Thanks,
Brian Desmond
brian@briandesmond.com
c - 312.731.3132
-----Original Message-----
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Akomolafe, Deji
Sent: Tuesday, December 02, 2008 11:11 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
Honestly, joe, even in your large org, which of these roles is so critical that the org cannot survive its temporary loss in the NORMAL course of operations?
Again, bear in mind that I am not advocating against role transfer, but against preaching role transfer everytime someone sneezes near the DC just gives the impression that FSMO roles are so delicate that the continued existence or well-being of an infrastructure depend on their constant availability. I am saying that this is not true.
Sincerely,
_____
(, / | /) /) /)
/---| (/_ ______ ___// _ // _
) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/ /)
(/
Microsoft MVP - Directory Services
www.akomolafe.name - we know IT
-5.75, -3.23
Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon
________________________________________
From: ActiveDir-owner@mail.activedir.org [ActiveDir-owner@mail.activedir.org] On Behalf Of joe [listmail@joeware.net]
Sent: Tuesday, December 02, 2008 8:48 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
Why not? What is the pain in moving the roles?
The mitigation is nearly non-existent next to the risk. What is the risk?
Lack of transparency. If you reboot and say the PDC doesn't come back right
away, there is the possibility of things that normally function in some
certain fashion will not function in that certain fashion and cause support
tickets to pop let alone monitoring going, hey the PDC is gone!!!
This is such an incredibly simple thing to avoid and it isn't anything like
XYZ needs WINS.
Those of use who live in Ops and have lived in Ops for years and years and
have moved a role holder only to see it not come back from the bounce and
then say, damn, I should have moved the FSMO first and I didn't so now I
have to deal with it prefer to not have to deal with it.
joe
--
O'Reilly Active Directory Fourth Edition -
http://www.joeware.net/win/ad3e.htm
-----Original Message-----
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Akomolafe, Deji
Sent: Tuesday, December 02, 2008 11:40 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
I seriously hope that "transfer FSMO off" is not going to be the new "XYZ
needs WINS".
DCs are not THAT important unless you only have one of it (or one of it for
a particular site where it is required by something, or you are in large,
distributed org, etc).
FSMO roles are even less delicate than a temporarily absent DC. Your infra
will SURVIVE the temporary absence of any and all of the roles unless you
are really in the middle of something as big as infrastructural changes.
I am not saying don't take care of your FSMO-holding DCs, but I'd hate to
see the cautious "Tranfer FSMO" get into the "don't touch that DC unless you
move its FSMO roles off" extreme, and I consider this scenario to be one of
those.
Sincerely,
_____
(, / | /) /) /)
/---| (/_ ______ ___// _ // _
) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/ /)
(/
Microsoft MVP - Directory Services
www.akomolafe.name<http://www.akomolafe.name/> - we know IT -5.75, -3.23 Do
you now realize that Today is the Tomorrow you were worried about Yesterday?
-anon ________________________________
From: ActiveDir-owner@mail.activedir.org
[ActiveDir-owner@mail.activedir.org] On Behalf Of Kennedy, Jim
[kennedyjim@elyriaschools.org]
Sent: Tuesday, December 02, 2008 6:40 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
I would transfer any FSMO roles it might have off temporarily, in case it
blue screens on restart because of a hardware glitch with the new nic. Going
to assume you have AD system state backups already. Leave the network cable
unplugged when you fire it back up just to make sure you get the same IP
address assigned...
I don't see this as a big deal, just being careful.
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Carlos Vaz
Sent: Tuesday, December 02, 2008 8:04 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] [OFF-TOPIC] - Replace NIC on a DC.
Hi, sorry for the off-topic message but I need some help here.
Is there any steps that should be taken to replace a failing network card on
a domain controller?
--
Thanks,
Carlos Vaz
(\__/)
(='.'=) This is Bunny. Copy and paste bunny into your
(")_(") signature to help him gain world domination.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspxList info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
| | | |
|
|