Hello patrick,
You can. Do you use DHCP, it's easier to change the DHCP scope settings for
the clients to use only the new ones. And the servers i would change to the
staying DNS servers, so that AD01 is not longer used for resolving. I would
configure like this:
AD05 preferred itself, second AD06
AD06 preferred itself, second AD05
AD01 preferred itself, second AD05
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
> Hello Meinolf,
>
> May I have one more question about DNS?
>
> Right now, all machine's DNS setting are pointing to AD01. Any problem
> that if I change AD05's IP to AD01's IP after I demote AD01?
>
> Because I don't want to change any user pc and member server dns
> setting, do you think it is possible?
>
> Thanks a lot.
>
> Patrick
>
> "Meinolf Weber" wrote:
>
>> Hello patrick,
>>
>> Good luck and keep in mind to backup the machines and data BEFORE.
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers
>> no rights.
>>> Hello Meinolf,
>>>
>>> Thanks for your fast response and details explaination. I think the
>>> problem can be solved according to your info. You are very helpful
>>> really.
>>>
>>> I'll try the whole migrate process again and update the result soon.
>>>
>>> Thanks & best regards,
>>>
>>> Patrick
>>>
>>> "Meinolf Weber" wrote:
>>>
>>>> Hello patrick,
>>>>
>>>> see inline.
>>>>
>>>> Best regards
>>>>
>>>> Meinolf Weber
>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>> and
>>>> confers
>>>> no rights.
>>>>> Hi Meinolf,
>>>>>
>>>>> After demote AD01, I just delte the AD01 container IN "AD Sites
>>>>> and
>>>>> services"-> "Default-First-Sites-Name"->"Servers"--AD01"
>>>>> Then no more group policy errors found on any machine that i
>>>>> logon.
>>>> Fine.
>>>>
>>>>> AD01 is a first install DC, it is something bound to first
>>>>> insatall DC?
>>>>>
>>>> The only thing you have to look, is moving NOT seizing the 5 FSMO
>>>> roles to another DC. If you have an Exchange server youb have to
>>>> look that the Recipients update services are pointing to one of the
>>>> other DC's.
>>>>
>>>>> I'll try to remove DC completely according to your doc?
>>>>>
>>>> If you mean this one
>>>> (http://support.microsoft.com/?kbid=555846&SD=tech),
>>>> that's only for orphaned DC's. After the demotion the machine
>>>> should automatically
>>>>
>>>> move from DC OU to the computers container. If this is the case,
>>>> then the
>>>>
>>>> machine is only a member server, which can just be deleted like a
>>>> normal
>>>>
>>>> computer account. Before deleting this object give time for
>>>> replication between
>>>>
>>>> all DC's that they also update theire databases about the removed
>>>> DC. And
>>>>
>>>> you should also check with dcdiag and netdiag for errors.
>>>>
>>>> Also replmon to check replication between the DC's can be useful
>>>> now:
>>>>
>>>> http://technet2.microsoft.com/window...y/691910f2-a6a
>>>> 7- 4ced-984e-972aec2cbdd21033.mspx?mfr=true
>>>>
>>>> If all looks good, delete it.
>>>>
>>>>> Thanks again
>>>>>
>>>>> Patrick
>>>>>
>>>>> "Meinolf Weber" wrote:
>>>>>
>>>>>> Hello patrick,
>>>>>>
>>>>>> Seems that your removal with ntdsutil was not complete. Also
>>>>>> possible that they come back after rolling back AD01. Check with
>>>>>> that article again, if they will NEVER come back.
>>>>>> http://support.microsoft.com/?kbid=555846&SD=tech
>>>>>>
>>>>>> Also check again that the FSMO roles are on AD05 or AD06 and that
>>>>>> both machines are GC's. Just to be sure that AD01 is completely
>>>>>> ready for the removal.
>>>>>>
>>>>>> Best regards
>>>>>>
>>>>>> Meinolf Weber
>>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>>>> and
>>>>>> confers
>>>>>> no rights.
>>>>>>> yes, that 2 DC object are in DC OU.
>>>>>>>
>>>>>>> Thanks
>>>>>>>
>>>>>>> Patrick
>>>>>>>
>>>>>>> "Meinolf Weber" wrote:
>>>>>>>
>>>>>>>> Hello patrick,
>>>>>>>>
>>>>>>>> Are the objects in computers container or DC OU?
>>>>>>>>
>>>>>>>> Best regards
>>>>>>>>
>>>>>>>> Meinolf Weber
>>>>>>>> Disclaimer: This posting is provided "AS IS" with no
>>>>>>>> warranties,
>>>>>>>> and
>>>>>>>> confers
>>>>>>>> no rights.
>>>>>>>>> Hi Meinolf,
>>>>>>>>>
>>>>>>>>> Because that 2 DC were out of order, I just use ntdsutil to
>>>>>>>>> remove it. DNS records are removed. Computer object still
>>>>>>>>> there.
>>>>>>>>>
>>>>>>>>> Thanks
>>>>>>>>>
>>>>>>>>> Patrick
>>>>>>>>>
>>>>>>>>> "Meinolf Weber" wrote:
>>>>>>>>>
>>>>>>>>>> Hello patrick,
>>>>>>>>>>
>>>>>>>>>> And they are not longer visible in DNS and AD? So now you are
>>>>>>>>>> more or less at the point before removing AD01?
>>>>>>>>>>
>>>>>>>>>> Best regards
>>>>>>>>>>
>>>>>>>>>> Meinolf Weber
>>>>>>>>>> Disclaimer: This posting is provided "AS IS" with no
>>>>>>>>>> warranties,
>>>>>>>>>> and
>>>>>>>>>> confers
>>>>>>>>>> no rights.
>>>>>>>>>>> ad02 and adtest had been removed by ntdsutil (not by
>>>>>>>>>>> dcpromo)
>>>>>>>>>>>
>>>>>>>>>>> Thanks
>>>>>>>>>>>
>>>>>>>>>>> Patrick
>>>>>>>>>>>
>>>>>>>>>>> "Meinolf Weber" wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hello patrick,
>>>>>>>>>>>>
>>>>>>>>>>>> You have to machines ad02 and adtest. Are they still active
>>>>>>>>>>>> or removed?
>>>>>>>>>>>>
>>>>>>>>>>>> Best regards
>>>>>>>>>>>>
>>>>>>>>>>>> Meinolf Weber
>>>>>>>>>>>> Disclaimer: This posting is provided "AS IS" with no
>>>>>>>>>>>> warranties,
>>>>>>>>>>>> and
>>>>>>>>>>>> confers
>>>>>>>>>>>> no rights.
>>>>>>>>>>>>> Thanks for your help.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Below are the reuslt again that I ran netdiag and dcdiag
>>>>>>>>>>>>> on AD05
>>>>>>>>>>>>>
>>>>>>>>>>>>> --------------------
>>>>>>>>>>>>>
>>>>>>>>>>>>> DCDIAG RESULT
>>>>>>>>>>>>>
>>>>>>>>>>>>> C:\Documents and Settings\Administrator.HKCEC>dcdiag
>>>>>>>>>>>>> /s:ad01
>>>>>>>>>>>>>
>>>>>>>>>>>>> Domain Controller Diagnosis
>>>>>>>>>>>>>
>>>>>>>>>>>>> Performing initial setup:
>>>>>>>>>>>>> Done gathering initial info.
>>>>>>>>>>>>> Doing initial required tests
>>>>>>>>>>>>> Testing server: Default-First-Site-Name\AD01
>>>>>>>>>>>>> Starting test: Connectivity
>>>>>>>>>>>>> ......................... AD01 passed test Connectivity
>>>>>>>>>>>>> Doing primary tests
>>>>>>>>>>>>> Testing server: Default-First-Site-Name\AD01
>>>>>>>>>>>>> Starting test: Replications
>>>>>>>>>>>>> ......................... AD01 passed test Replications
>>>>>>>>>>>>> Starting test: NCSecDesc
>>>>>>>>>>>>> ......................... AD01 passed test NCSecDesc
>>>>>>>>>>>>> Starting test: NetLogons
>>>>>>>>>>>>> ......................... AD01 passed test NetLogons
>>>>>>>>>>>>> Starting test: Advertising
>>>>>>>>>>>>> ......................... AD01 passed test Advertising
>>>>>>>>>>>>> Starting test: KnowsOfRoleHolders
>>>>>>>>>>>>> ......................... AD01 passed test
>>>>>>>>>>>>> KnowsOfRoleHolders
>>>>>>>>>>>>> Starting test: RidManager
>>>>>>>>>>>>> ......................... AD01 passed test RidManager
>>>>>>>>>>>>> Starting test: MachineAccount
>>>>>>>>>>>>> ......................... AD01 passed test MachineAccount
>>>>>>>>>>>>> Starting test: Services
>>>>>>>>>>>>> ......................... AD01 passed test Services
>>>>>>>>>>>>> Starting test: ObjectsReplicated
>>>>>>>>>>>>> ......................... AD01 passed test
>>>>>>>>>>>>> ObjectsReplicated
>>>>>>>>>>>>> Starting test: frssysvol
>>>>>>>>>>>>> ......................... AD01 passed test frssysvol
>>>>>>>>>>>>> Starting test: kccevent
>>>>>>>>>>>>> ......................... AD01 passed test kccevent
>>>>>>>>>>>>> Starting test: systemlog
>>>>>>>>>>>>> ......................... AD01 passed test systemlog
>>>>>>>>>>>>> Running enterprise tests on : hkcec.nws
>>>>>>>>>>>>> Starting test: Intersite
>>>>>>>>>>>>> ......................... hkcec.nws passed test Intersite
>>>>>>>>>>>>> Starting test: FsmoCheck
>>>>>>>>>>>>> ......................... hkcec.nws passed test FsmoCheck
>>>>>>>>>>>>> C:\Documents and Settings\Administrator.HKCEC>dcdiag
>>>>>>>>>>>>> /s:ad05
>>>>>>>>>>>>> Domain Controller Diagnosis
>>>>>>>>>>>>> Performing initial setup:
>>>>>>>>>>>>> Done gathering initial info.
>>>>>>>>>>>>> Doing initial required tests
>>>>>>>>>>>>> Testing server: Default-First-Site-Name\AD05
>>>>>>>>>>>>> Starting test: Connectivity
>>>>>>>>>>>>> ......................... AD05 passed test Connectivity
>>>>>>>>>>>>> Doing primary tests
>>>>>>>>>>>>> Testing server: Default-First-Site-Name\AD05
>>>>>>>>>>>>> Starting test: Replications
>>>>>>>>>>>>> ......................... AD05 passed test Replications
>>>>>>>>>>>>> Starting test: NCSecDesc
>>>>>>>>>>>>> ......................... AD05 passed test NCSecDesc
>>>>>>>>>>>>> Starting test: NetLogons
>>>>>>>>>>>>> ......................... AD05 passed test NetLogons
>>>>>>>>>>>>> Starting test: Advertising
>>>>>>>>>>>>> ......................... AD05 passed test Advertising
>>>>>>>>>>>>> Starting test: KnowsOfRoleHolders
>>>>>>>>>>>>> ......................... AD05 passed test
>>>>>>>>>>>>> KnowsOfRoleHolders
>>>>>>>>>>>>> Starting test: RidManager
>>>>>>>>>>>>> ......................... AD05 passed test RidManager
>>>>>>>>>>>>> Starting test: MachineAccount
>>>>>>>>>>>>> ......................... AD05 passed test MachineAccount
>>>>>>>>>>>>> Starting test: Services
>>>>>>>>>>>>> ......................... AD05 passed test Services
>>>>>>>>>>>>> Starting test: ObjectsReplicated
>>>>>>>>>>>>> ......................... AD05 passed test
>>>>>>>>>>>>> ObjectsReplicated
>>>>>>>>>>>>> Starting test: frssysvol
>>>>>>>>>>>>> ......................... AD05 passed test frssysvol
>>>>>>>>>>>>> Starting test: kccevent
>>>>>>>>>>>>> ......................... AD05 passed test kccevent
>>>>>>>>>>>>> Starting test: systemlog
>>>>>>>>>>>>> ......................... AD05 passed test systemlog
>>>>>>>>>>>>> Running enterprise tests on : hkcec.nws
>>>>>>>>>>>>> Starting test: Intersite
>>>>>>>>>>>>> ......................... hkcec.nws passed test Intersite
>>>>>>>>>>>>> Starting test: FsmoCheck
>>>>>>>>>>>>> ......................... hkcec.nws passed test FsmoCheck
>>>>>>>>>>>>> C:\Documents and Settings\Administrator.HKCEC>dcdiag
>>>>>>>>>>>>> /s:ad06
>>>>>>>>>>>>> Domain Controller Diagnosis
>>>>>>>>>>>>> Performing initial setup:
>>>>>>>>>>>>> Done gathering initial info.
>>>>>>>>>>>>> Doing initial required tests
>>>>>>>>>>>>> Testing server: Default-First-Site-Name\AD06
>>>>>>>>>>>>> Starting test: Connectivity
>>>>>>>>>>>>> ......................... AD06 passed test Connectivity
>>>>>>>>>>>>> Doing primary tests
>>>>>>>>>>>>> Testing server: Default-First-Site-Name\AD06
>>>>>>>>>>>>> Starting test: Replications
>>>>>>>>>>>>> ......................... AD06 passed test Replications
>>>>>>>>>>>>> Starting test: NCSecDesc
>>>>>>>>>>>>> ......................... AD06 passed test NCSecDesc
>>>>>>>>>>>>> Starting test: NetLogons
>>>>>>>>>>>>> ......................... AD06 passed test NetLogons
>>>>>>>>>>>>> Starting test: Advertising
>>>>>>>>>>>>> ......................... AD06 passed test Advertising
>>>>>>>>>>>>> Starting test: KnowsOfRoleHolders
>>>>>>>>>>>>> ......................... AD06 passed test
>>>>>>>>>>>>> KnowsOfRoleHolders
>>>>>>>>>>>>> Starting test: RidManager
>>>>>>>>>>>>> ......................... AD06 passed test RidManager
>>>>>>>>>>>>> Starting test: MachineAccount
>>>>>>>>>>>>> ......................... AD06 passed test MachineAccount
>>>>>>>>>>>>> Starting test: Services
>>>>>>>>>>>>> ......................... AD06 passed test Services
>>>>>>>>>>>>> Starting test: ObjectsReplicated
>>>>>>>>>>>>> ......................... AD06 passed test
>>>>>>>>>>>>> ObjectsReplicated
>>>>>>>>>>>>> Starting test: frssysvol
>>>>>>>>>>>>> ......................... AD06 passed test frssysvol
>>>>>>>>>>>>> Starting test: kccevent
>>>>>>>>>>>>> ......................... AD06 passed test kccevent
>>>>>>>>>>>>> Starting test: systemlog
>>>>>>>>>>>>> ......................... AD06 passed test systemlog
>>>>>>>>>>>>> Running enterprise tests on : hkcec.nws
>>>>>>>>>>>>> Starting test: Intersite
>>>>>>>>>>>>> ......................... hkcec.nws passed test Intersite
>>>>>>>>>>>>> Starting test: FsmoCheck
>>>>>>>>>>>>> ......................... hkcec.nws passed test FsmoCheck
>>>>>>>>>>>>> Netdiag result
>>>>>>>>>>>>> C:\Documents and Settings\Administrator.HKCEC>netdiag
>>>>>>>>>>>>> /d:hkcec.nws
Similar Threads
