How to replace my Windows 2000 Server Domain Controllers?

[Scott70]

I am preparing to replace my organization's 2 Windows 2000 domain controllers (both are Exchange servers as well), and I have a couple of questions that I could not find answers to on the Microsoft support site.

Basically we have 2 new servers that will be the new DCs. My plan was to add them into the domain as member servers, and then to use DCPROMO to promote one of them to domain controller. I would then demote our existing DCs. I'm a little sketchy on the details of ensuring that the global catalog and all of Active Directory gets moved to the new server. I would then install Exchange and migrate mailboxes to one of the new servers.

However, my question is this...I would like for the NEW domain controller to have the same computer name (eventually) as the server it is replacing (currently our existing servers are called SERVERA and SERVERM). However, if what I'm reading in MS KB Article 195242 still applies, one cannot change the name of a Domain Controller. If this is true, is there no way I can replace the existing DCs and keep the names the same?

Thanks!

 

[jthiessen]

Well, there is a tool called ADMT ( Active Directory Migration Tool) thant you can use to migrate your accounts, both AD and Exchange, to a new server. That way you migrate everything, then take down the old server and plug in the new one.

Josh

 

[Scott70]

Any idea if you can keep the name of the new server the same as the old one? Wondering if you have to promote the new server to a DC using DCPROMO prior to using the migration tool.

Thanks

 

[jthiessen]

yes, you do have to upgrade to AD first, what you can do is alternate the startup of these servers, much easier than ADMT anyway. Take down serverA and put one of your new servers up as ServerA. Allow 24 hours or so for full replication, then follow the same procedure on the other server. Then if you want the old servers as member servers, dcpromo down to it after you take them offline. Is this a possible solution for your organization?

Josh

 

[Scott70]

Ok just to make sure I understand...

1. Install Windows 2000 Server on one of the new servers, with it connected to the production network. During the installation process, name it something other than the production server name (SERVERX or something).

2. Do a DCPROMO on the server to make it a domain controller, and then replicate all of the Active Directory information to this new server. Assign the new server the role of Global Catalog, etc.

3. Demote the old server (SERVERA) and remove it from the network.

4. Change the name of the new server to SERVERA. (Again our reason for doing this is to maintain consistency with client applications, etc.)

The problem is step 4 - I do not thing you can change the name of a domain controller, per MS KB 195242.

Any other thoughts on how to keep the same name?

 

[mwiner]

No, I believe he means and josh correct me if I am wrong:

1. Install W2k Server on the new server (off the production network ) and name it SERVERA

2. Remove origional SERVERA from the network (do NOT run DCPROMO on it yet)

3. Connect new SERVERA and DCPROMO it to a domain controller. (it SHOULD be able to look at the other DC for all the information, and just think you are rebuilding SERVERA)

4. Let EVERYTHING replicate overnight or longer then rinse and repeat with the other server

 

[mwiner]

I have just found this. I think this should help you!!!

***CREDIT***

http://www.jsifaq.com/SUBH/TIP3500/rh3544.htm

3544 » How can I rename a Windows 2000 Domain Controller?
************

When a Windows 2000 Server is in service as a domain controller, it can NOT be renamed. If you demote the domain controller to a member server, you can rename it, and re-promote it to a DC, but this will loose Active Directory information.


Renaming a domain controller when it is the only DC
In order to rename the only DC in your domain, and preserve the Active Directory information that you configured, you must install another Windows 2000 Server and promote it to a domain controller, using Dcpromo.exe or the Configure Your Server Wizard. Then:
1. Use the Active Directory Sites and Services Microsoft Management Console (MMC) to force replication.

2. Make this new domain controller a Global Catalog server.

3. Transfer, NOT seize, all the FSMO roles, that the original domain controller holds, to the new DC.

4. Use Dcpromo.exe, or the Configure Your Server Wizard, to demote the domain controller that you wish to rename.

5. Rename the demoted server using Control Panel / System / Network Identification / Properties.

6. Use the Configure Your Server Wizard, or Dcpromo.exe, to promote the member server back to a domain controller.

7. Reconfigure all the FSMO roles and Global Catalog.


Renaming a domain controller when there a multiple domain controllers in the domain
The process for renaming a domain controller when at least one other DC exists in the domain is nearly identical to the above procedure.
The big difference is that you can:

1. Force replication.

2. Transfer FSMO roles.

3. Make another domain controller the Global Catalog.

4. Demote the domain controller that you wish to rename.

Without having to first promote a domain controller. You would then:

5. Rename the demoted server using Control Panel / System / Network Identification / Properties.

6. Use the Configure Your Server Wizard, or Dcpromo.exe, to promote the member server back to a domain controller.

7. Reconfigure all the FSMO roles and Global Catalog.

 

[jthiessen]

Scott, what mwiner said is what I was getting at. But it looks like there is another solution, although not necessarily an easier one.

The procedure I was suggesting is outlined a little more clearly by mwiner, but that is the way I would suggest.

Good luck.

Josh

MCSE, CCNA, MCT, MCP

 

[jthiessen]

BTW, avoid playing with FSMO if you can.

Josh

MCSE, CCNA, MCT, MCP

 

[wfullerton]

hi Scott70

now i have exactly the same situation
did the advice given here all work ok?
i do not have the luxury of a test system and have to go live with this...
any comments would be appreciated
regards
willie

 

[larsjuhl]

does the ADMTool migrate all AD ? GroupPolicy and all ? I need to add my current Root DC to a new existing AD Domain
Lars

 

[jthiessen]

Buy bringing up a server in the domain and allowing replication, the policies that have been created will migrate.

After that you can use ADMT to migrate the accounts and maintain their groups and permissions. Because the policy information has already migrated, you should be ok with those policies staying in effect.


Hope this helps.

Josh

MCSE, CCNA, MCT, MCP

 

[karash]

What would the process be if you just need to replace the server with the same name? We are switching out some old hardware but wish to keep the exisiting names of our DCs.

Should we just take the old server offline, plug in the new server with the same name, and do a DCPROMO? Will the GUID transfer over correctly this way?

This thread is about the only place on the net for this sort of information...trust me I googled it to death.

 

[jthiessen]

Mwiner specified this procedure in this thread.

Josh

MCSE, CCNA, MCT, MCP

 

[dholbrook]

Everyone overlooked one very important fact that was stated in the original question, i.e., there are Exchange servers on both of the systems involved here.

You will need to remove the Exchange server from the first server you want to change (perhaps you can migrate it all to the other Exchange server temporarily?), because the Exchange server is tied to the Win 2000 Server by name, and you want to move the name to a new server.

Once you have removed the Exchange Server, you can demote the DC and rename it, then build a new server with the old name, promote it to DC(works great when you have more than one DC to work with!). Once it is up and running, re-install Exchange and import all the mailboxes, etc., so you can do the same for the second original DC.

If you do not remove the Exchange from the old DC server first, how do you intend to migrate the mail boxes from a server named xxxx to a new server with the exact same name? The Post office takes its name from the server it resides on, and you can not have two systems with the same name in the domain at the same time.

Now comes the real question, WHY? Are you just a glutton for punishment and enjoy being pounded around the head and shoulders? Is there something wrong with these two servers, or are you just replacing them with more powerful systems? If so, why not just back up the old system, take it off line, build a new server with the same name and then restore the data, etc., on to the new machine (having given it the same name as the one it is replacing). In other words, back it up and assume it died, and do the same process you would use to recover it, but onto a new system.

Remember, it does not hurt you to have multiple DC's in the domain (actually it is highly recommended), AND Exchange servers want to reside on a DC to speed up AD access, etc.

So in passing, Server names have a lot of implication beyond the server itself, so be sure you address the whole process, not just the changing of the DC's, unless you can just throw away the Exchange servers and start over from scratch.

HTH

David