none
Moving Primary Domain Controller

    Question

  • I have One Domain Controller in my network. It is also the only DNS and DHCP server. I am wanting to demote this server as a backup domain controller and make another server the primary domain controller with the DNS and DHCP roles. How would i go about doing this? I want to move the global catalog to the new server and possibly have the old server a backup DNS and DHCP server as well. Thanks for your help in advanced!

    -Chris 
    Friday, October 10, 2008 2:01 PM

Answers

  • Since you're talking Global Catalog I'll assume you're running Windows 2000 Server or later. (Please provide the Windows version and Service Pack level)

    Chris Collier said:

    I have One Domain Controller in my network. It is also the only DNS and DHCP server. I am wanting to demote this server as a backup domain controller and make another server the primary domain controller with the DNS and DHCP roles. How would i go about doing this? I want to move the global catalog to the new server and possibly have the old server a backup DNS and DHCP server as well. Thanks for your help in advanced!

    -Chris 

    Here's a high level step-by-step:
      

    1. Install a new server box with Windows Server. Apply the latest Service Pack and Windows Updates.
           
    2. Install this server with the same Windows Server version as your current server or a newer version. 
           
      Note:
      When you install the box with a newer version of Windows prepare your Active Directory before you promote the new server to a Domain Controller. (More information)
         
    3. Install DNS and promote the new server to a Domain Controller. Make it an additional Domain Controller for the same Active Directory domain in the same Active Directory forest as your current Domain Controller. (More information) Be sure to check the Event Viewer logs on both Domain Controllers and the dcpromo.log and dcpromoui.log on the new Domain Controller to ensure promotion and replication. Congratulations! You now have two Domain Controllers.
        
    4. Make the new Server a Global Catalog and restart it afterwards. (More information)
         
    5. Transfer the five Flexible Single Master Operation (FSMO) Roles from the current Domain Controller to the new Domain Controller. (More information) One of the FSMO roles is the PDC emulator role. After transfering this role to your new server it is the equivalent of the Primary Domain Controller. (PDC)
    6. Install the DHCP Server on the new Domain Controller and migrate the DHCP database from the old Domain Controller to the new Domain Controller. (More information) Make sure the DHCP Scope is deactivated on the old server.
         
    7. Change the DHCP Scopes on both servers. In the DHCP Scope on the new server assign the IP address of the new Domain Controller as the primary DNS Server. This last step will ensure your client will begin using the new Domain Controller as their Primary DNS server after their DHCP lease expires. (More information)

      
    I've chosen to disable the old DHCP server and migrate it to the new server. Alternatively you can also create a 80% scope and a 20% scope on the new and old server respectively. (More information) I've chosen to keep the old server a Global Catalog as well, because of the Infrastructure Master rule of thumb.

    Friday, October 10, 2008 6:50 PM

All replies

  • Since you're talking Global Catalog I'll assume you're running Windows 2000 Server or later. (Please provide the Windows version and Service Pack level)

    Chris Collier said:

    I have One Domain Controller in my network. It is also the only DNS and DHCP server. I am wanting to demote this server as a backup domain controller and make another server the primary domain controller with the DNS and DHCP roles. How would i go about doing this? I want to move the global catalog to the new server and possibly have the old server a backup DNS and DHCP server as well. Thanks for your help in advanced!

    -Chris 

    Here's a high level step-by-step:
      

    1. Install a new server box with Windows Server. Apply the latest Service Pack and Windows Updates.
           
    2. Install this server with the same Windows Server version as your current server or a newer version. 
           
      Note:
      When you install the box with a newer version of Windows prepare your Active Directory before you promote the new server to a Domain Controller. (More information)
         
    3. Install DNS and promote the new server to a Domain Controller. Make it an additional Domain Controller for the same Active Directory domain in the same Active Directory forest as your current Domain Controller. (More information) Be sure to check the Event Viewer logs on both Domain Controllers and the dcpromo.log and dcpromoui.log on the new Domain Controller to ensure promotion and replication. Congratulations! You now have two Domain Controllers.
        
    4. Make the new Server a Global Catalog and restart it afterwards. (More information)
         
    5. Transfer the five Flexible Single Master Operation (FSMO) Roles from the current Domain Controller to the new Domain Controller. (More information) One of the FSMO roles is the PDC emulator role. After transfering this role to your new server it is the equivalent of the Primary Domain Controller. (PDC)
    6. Install the DHCP Server on the new Domain Controller and migrate the DHCP database from the old Domain Controller to the new Domain Controller. (More information) Make sure the DHCP Scope is deactivated on the old server.
         
    7. Change the DHCP Scopes on both servers. In the DHCP Scope on the new server assign the IP address of the new Domain Controller as the primary DNS Server. This last step will ensure your client will begin using the new Domain Controller as their Primary DNS server after their DHCP lease expires. (More information)

      
    I've chosen to disable the old DHCP server and migrate it to the new server. Alternatively you can also create a 80% scope and a 20% scope on the new and old server respectively. (More information) I've chosen to keep the old server a Global Catalog as well, because of the Infrastructure Master rule of thumb.

    Friday, October 10, 2008 6:50 PM
  • " I've chosen to keep the old server a Global Catalog as well, because of the Infrastructure Master rule of thumb"

    How do you mean??

    Wednesday, December 12, 2012 5:32 PM
  • Hello,

    I'm getting ready to introduce a new server into our domain to take over the roles of DC, AD and DNS. Our current environment has 2 Windows 2008 R2 servers and we're adding a 3rd mentioned above. The main server currently holding the above roles is also our Exchange and many other roles so we'd like to offload these roles from the existing server to the new server. So we were looking for some good, step-by-step instructions for performing this move. It seems like there are built-in wizards to help with this, but we would like to know what prep work we should be doing??? How can we inspect our current AD for any errors and to ensure it is as clean as possible to move over? What other prep tasks should we be considering. Should we initialize the new OEM server in the existing environment? Or can we initialize it offsite and then bring it onsite once it's close to being ready? How do you copy the GC over or does this happen when you add it to the domain? Any help is appreciated and the instructions above are a great start.

    Tuesday, December 18, 2012 6:05 AM
  • Hello,

    I'm getting ready to introduce a new server into our domain to take over the roles of DC, AD and DNS. Our current environment has 2 Windows 2008 R2 servers and we're adding a 3rd mentioned above. The main server currently holding the above roles is also our Exchange and many other roles so we'd like to offload these roles from the existing server to the new server. So we were looking for some good, step-by-step instructions for performing this move. It seems like there are built-in wizards to help with this, but we would like to know what prep work we should be doing??? How can we inspect our current AD for any errors and to ensure it is as clean as possible to move over? What other prep tasks should we be considering. Should we initialize the new OEM server in the existing environment? Or can we initialize it offsite and then bring it onsite once it's close to being ready? How do you copy the GC over or does this happen when you add it to the domain? Any help is appreciated and the instructions above are a great start.

    Jim,

    Please create a new thread in Directory Services forum.

    Thanks


    Regards, Santosh

    I do not represent the organisation I work for, all the opinions expressed here are my own.

    This posting is provided "AS IS" with no warranties or guarantees and confers no rights.

    Whenever you see a helpful reply, click on Alternate Text Vote As Helpful & click on Alternate Text Mark As Answer if a post answers your question.

    Tuesday, December 18, 2012 8:15 AM
    Moderator
  • Hi

    From my point of view best way is to install new fresh copy of Windows Server. Apply all SP-a and patches. Then promote this as additional DC in your domain and configure it as a Global Catalog. Transfer FSMO roles to new server, and then you can demote your old server.


    Best regards
    Dubravko Marak
    MCP, MVP
    Blog: Windows Server Administration
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. Please VOTE as HELPFUL if the post helps you. This can be beneficial to other community members reading the thread.

    Tuesday, December 18, 2012 10:39 AM