none
Updating old domain controller RRS feed

  • Question

  • Hello, I took over for an admin who hasn’t been doing updates on his server 2008r2 domain controller since dropping it in 3 years ago. Its just a small branch office running a domain controller that’s also doing dns and a few file shares. I am replacing with new server running 2012, and was wondering can I just scrap the old domain controller, removed the pcs from the domain, setup the new server running 2012 as domain controller/dns, and join all the pc’s to this new domain? They don’t really enough file sharing to cause a big headache, I could just back those files up and move them to new domain controller no problem. I believe the normal way is to join the new server 2012 to domain, transfer roles to it, and then removed the 2008 r2 domain controller from the network. Im just worried that because this old server hasn’t taken one single windows update for over 3 years. Side note, they also have 2 more stores that run about 35-40 users connected with ipsec vpn. Would I be ok adding these users to domain and running dns over vpn to these users? Or is that just too many users to run over vpn? Thanks in advance for the advice…

    Monday, February 16, 2015 3:51 PM

Answers

  • Hello,

    If you are not planning on changing domain/dns name etc, It will be more safe and less headache on your part if you just promote the new server as an additional DC and then transfer the FSMO roles and decommission the old server. Why W2K12? why not just go for the greatest and latest W2K12 R2?

    Hope this helps,


    Isaac Oben MCITP:EA, MCSE,MCC <a href="https://www.mcpvirtualbusinesscard.com/VBCServer/4a046848-4b33-4a28-b254-e5b01e29693e/interactivecard"> View my MCP Certifications</a>

    Monday, February 16, 2015 10:59 PM
  • For the updates, it should not be a problem for the moment. Simply promote a new DC and make it a DNS/GC server then transfer FSMO roles to it and demote it. Of course, it remains recommended to keep your OS up-to-date so you can do it with the new server.

    It is possible to connect your users through VPN but you need to take in consideration the Group Policy processing for slow links: https://technet.microsoft.com/en-us/library/cc781031%28v=ws.10%29.aspx


    This posting is provided AS IS with no warranties or guarantees , and confers no rights.

    Ahmed MALEK

    My Website Link

    My Linkedin Profile

    My MVP Profile

    Monday, February 16, 2015 10:19 PM

All replies

  • For the updates, it should not be a problem for the moment. Simply promote a new DC and make it a DNS/GC server then transfer FSMO roles to it and demote it. Of course, it remains recommended to keep your OS up-to-date so you can do it with the new server.

    It is possible to connect your users through VPN but you need to take in consideration the Group Policy processing for slow links: https://technet.microsoft.com/en-us/library/cc781031%28v=ws.10%29.aspx


    This posting is provided AS IS with no warranties or guarantees , and confers no rights.

    Ahmed MALEK

    My Website Link

    My Linkedin Profile

    My MVP Profile

    Monday, February 16, 2015 10:19 PM
  • Hello,

    If you are not planning on changing domain/dns name etc, It will be more safe and less headache on your part if you just promote the new server as an additional DC and then transfer the FSMO roles and decommission the old server. Why W2K12? why not just go for the greatest and latest W2K12 R2?

    Hope this helps,


    Isaac Oben MCITP:EA, MCSE,MCC <a href="https://www.mcpvirtualbusinesscard.com/VBCServer/4a046848-4b33-4a28-b254-e5b01e29693e/interactivecard"> View my MCP Certifications</a>

    Monday, February 16, 2015 10:59 PM