none
Old Dhcp Server 2003 Domain Controller to New 2008 R2 Dchp Domain Controller

    Question

  • I have a client that is going to update his network with a new 2008R2 domain Controller transferring the FSMO roles from his old Windows 2003 domain controller to the new Windows 2008R2.

    His current window 2003 DC is running DHCP and DNS. This domain controller used to be part of a much larger class C network of about 200 computers, and when I was looking at the event logs, I noticed he was getting an error talking about 80% of the scope is being used.

    The current computer network is 3 servers and 14 client PC's. I went to DHCP and noticed that in his scope General options he has them set to unlimited instead of the default setting of 8 Days, and I think that is the reason why is scope is 80% used. The default option would have cleared out old IP address as computers were taken off the network.

    Before I transfer the DHCP database to the new server this is what I plan to do:

    1. Create reservations on the 2003 Server for the printers and other servers that require static IP's

    2. Set the default option back to 8 days. The setting should take effect an 1 hour after set. The result of this should clear out all the old IP address and re-assign new address to computers that are currently connected to the network.

    3. Go the DNS Tab and set the radio button to always dynamically update DNS A and PTR records and that should delete all the old DNS records as well.

    After doing these three steps, I should end up with 14 active leases 17 current DNS records counting the three servers in my totals. When I transfer the DHCP database to the new windows 2008R2, it should be pretty clean.

    Am missing anything in my assessment? I invite comment.

    Thanks very much for the help

    Rick Arnold


    Rick Arnold Arnoldconsult, MCP

    • Moved by Tiger Li Monday, April 09, 2012 2:28 AM (From:Setup Deployment)
    Friday, April 06, 2012 4:25 PM

Answers

All replies

  • Hi Rick,

    Thanks for posting here.

    >1. Create reservations on the 2003 Server for the printers and other servers that require static IP's

    >2. Set the default option back to 8 days. The setting should take effect an 1 hour after set. The result of this should clear out all the old IP address and re-assign new address to computers that are currently connected to the network.

    >3. Go the DNS Tab and set the radio button to always dynamically update DNS A and PTR records and that should delete all the old DNS records as well.

    All these steps are good to go.

    Meanwhile, have we consider to just migrate the configurations but DHCP database and make all clients to release and reobtain lease form new configured DHCP server ? otherwise I think they will never get the new lease cos we were set to use unlimited lease duration .

    Migration of DHCP Server from Windows Server 2003 to Windows Server 2008

    http://blogs.technet.com/b/teamdhcp/archive/2009/02/18/migration-of-dhcp-server-from-windows-server-2003-to-windows-server-2008.aspx

    Some suggestions in the articles below will also help to keep the information in DHCP and DNS up to date :

    DHCP Best Practices

    http://technet.microsoft.com/en-us/library/cc780311(WS.10).aspx

    Optimizing your network to keep your DNS squeaky clean

    http://blogs.technet.com/b/networking/archive/2009/02/09/optimizing-your-network-to-keep-your-dns-squeaky-clean.aspx

    Regards,

    Tiger Li

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact  tnmff@microsoft.com.


    Tiger Li

    TechNet Community Support

    Monday, April 09, 2012 4:59 AM
  • Hello,

    sounds ok so far for the steps you mentioned.

    For DHCP cleanup see also http://technet.microsoft.com/en-us/library/cc783573(WS.10).aspx

    The upgrade you can do according to http://msmvps.com/blogs/mweber/archive/2010/02/10/upgrading-an-active-directory-domain-from-windows-server-2003-to-windows-server-2008-or-windows-server-2008-r2.aspx


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Monday, April 09, 2012 9:44 AM
  • Thanks all for the comments I have a question about the old leases.

    When I set DCHP back to the default of 8 days, currently DHCP is set to unlimited, and put the check to,  "Always dynamically update DNS and PTR records.  When do thoes old Ip address start to get deleted?  Or do I have to do that by hand.  I would not think I would have to do that. Or, do the unlimited leases convert to 8 day leases, and at the end of eight days the old leases get deleted.

    I want to clear out these old leases soon becuase I want to transfer the DHCP data base to the new Windows 2008R2 domain controller

    Thanks,

    Rick Arnold


    Rick Arnold Arnoldconsult, MCP

    Monday, April 09, 2012 8:19 PM
  • Hello,

    if the clients start they'll check again with the DHCP server for the lease times. But you can also remove them from the leases overview and run ipconfig /release and ipconfig /renew, even with a startup script, during next boot.


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    • Proposed as answer by Tiger Li Wednesday, April 11, 2012 6:45 AM
    • Marked as answer by Tiger Li Monday, April 16, 2012 12:55 AM
    Tuesday, April 10, 2012 6:54 AM
  • Hi Rick,

    Please feel free to let us know if the information was helpful to you.

    Regards,

    Tiger Li

    TechNet Subscriber Support in forum
    If you have any feedback on our support, please contact  tnmff@microsoft.com.


    Tiger Li

    TechNet Community Support

    Wednesday, April 11, 2012 6:46 AM
  • I restarted DHCP leasing, and I set it for two days. I asked the people in the office to reboot over lunch leases are starting to flow again.  However, I have a lot of DHCP objects that still have infinite durations.  If I do a ping and get no response, I would think it is safe to delete these.  Even if it belonged to a laptop or a computer that is not on the network,  it should not be a problem becase when they log back in they will ge a new IPaddress?

    I also have a lot a computer objects that are in AD, this used to be a much larger company at one time. Is it just as simple to match the names of the computers that have leases to the objects in AD and delete the ones that don't have a ping or a corresponding ipaddresses lease.

    Thanks,

    Rick

     

    Rick Arnold Arnoldconsult, MCP

    Wednesday, April 11, 2012 6:58 PM
  • Hi Rick,

    Thanks for posting here.

    >it should not be a problem becase when they log back in they will ge a new IPaddress?

    Yes you are right , they will get lease form new DHCP server once reconnect into our network .

    >Is it just as simple to match the names of the computers that have leases to the objects in AD and delete the ones that don't have a ping or a corresponding ipaddresses lease.

    Not a good idea, but we can check the “lastlogontimestamp” attribute of computer objects in order to determine if these objects are no longer exist if are trying to keep AD database clean:

    “The LastLogonTimeStamp Attribute” – “What it was designed for and how it works”

    http://blogs.technet.com/b/askds/archive/2009/04/15/the-lastlogontimestamp-attribute-what-it-was-designed-for-and-how-it-works.aspx

    Find old computer objects

    http://gallery.technet.microsoft.com/scriptcenter/7bc5bc1c-e934-4ce1-8a77-3b0105807402

    http://social.technet.microsoft.com/Forums/en/winservergen/thread/842a7325-ae23-412e-af9d-e459369b7dbd

    Regards,

    Tiger Li

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact  tnmff@microsoft.com.


    Tiger Li

    TechNet Community Support

    • Marked as answer by Tiger Li Monday, April 16, 2012 12:55 AM
    Thursday, April 12, 2012 3:30 AM
  • Thanks very much for the reply. I will look at these articles today.  I got the old DNS and DHCP Records out of the database today.

    This company has their firewalls turned on internally, so ping request is not going to work anyways, just learned that today.  It always baffles me why companies do this.  If you have a Cisco Router firewall appliance in place, why do you need the Windows firewall it hampers network traffic on the inside.

    Thanks again,

    Rick Arnold


    Rick Arnold Arnoldconsult, MCP

    Friday, April 13, 2012 4:55 PM