Demoting

A

Amir M.

Hi,

When using DCPromo to demote and then promote a DC, is
there anything in Active Directory that might be lost?

According to Symantec, we should demote a DC when trying
to clone and then promote it after having restored the
image, when using V2i Protector Server Edition. Has
anyone used this product to clone DC?

Thanks
 
P

ptwilliams

When you demote it all info. regarding that DC is deleted.

You should demote before cloning. You should then repromote once imaged.

You wouldn't want to be in a scenario whereby you have a clone of a live
DC!!!!


--

Paul Williams
_________________________________________
http://www.msresource.net


Join us in our new forums!
http://forums.msresource.net
_________________________________________


Hi,

When using DCPromo to demote and then promote a DC, is
there anything in Active Directory that might be lost?

According to Symantec, we should demote a DC when trying
to clone and then promote it after having restored the
image, when using V2i Protector Server Edition. Has
anyone used this product to clone DC?

Thanks
 
S

Steve

I am not sure on the product in question but I do know that the machine
will also need to be sysprep'd so as to run the mini setup wizard to
generate a new computer name, and Sid for the server, the deployment tools
has info on this.

http://www.microsoft.com/windows2000/techinfo/planning/incremental/sysprep11.asp

don't forget to get rid of the pagefile before you clone it to reduced the
image size


The dc promo process can also be scripted if required also


The MS Branch Office Guide has a lot of info on pre-staging domain
controllers for deployment
rgds
Steve
 
A

Amir M.

Steve,

If only one of the identical DCs is going to be online,
then I shouldn't be worrying about the SID. Should I?

Thanks
 
G

Guest

Paul,

So, when I demote a DC, do I loose all the computer and
user accounts in Active Directory? That seems to defeat
the purpose of cloning a DC for disaster recovery. So,
why should I even bother to clone a DC? Please, correct
me if I am wrong.

Thanks
 
P

ptwilliams

Not if there are other DCs. If you only have one DC then yes. I meant that
if you demote a DC, all info. regarding *that* DC is removed from the AD
(which is stored on each of the other DCs).

If you are looking to get an exact replica of your DC to put on an isolated
network to test things then cloning it is fine. If you simply wish to mimic
the configuration so that you may deploy multiple DCs you will need to
demote, clone, and then repromote each box.

Does this better explain things? So, in summary...Demoting removes *that*
DC from the domain not user accounts, etc. You should not clone a live DC
and deploy that clone elsewhere in the tree without demoting it first. If
you wish to clone for testing in an isolated LAN or offline, then cloning is
fine.

--

Paul Williams
_________________________________________
http://www.msresource.net


Join us in our new forums!
http://forums.msresource.net
_________________________________________


Paul,

So, when I demote a DC, do I loose all the computer and
user accounts in Active Directory? That seems to defeat
the purpose of cloning a DC for disaster recovery. So,
why should I even bother to clone a DC? Please, correct
me if I am wrong.

Thanks
 
S

Steve

Hi Amir
if your a small forest and your in control of when it is installed on the
production network no.

If your big with lots of dc's then it's worth using sysprep.

you'll also want the latest system state data perform an AD DR restore

Paul's later comments are worthy of note as well

rgds
Steve
 
P

ptwilliams

No it will not. Just ensure there are other DCs in place first, as well as
GCs. And that you've got DNS elsewhere...


--

Paul Williams
_________________________________________
http://www.msresource.net


Join us in our new forums!
http://forums.msresource.net
_________________________________________


message I would like to demote a an old PDC (We brought in a new Server) without
disturbing a SQL accounting app. It would then be a member server on the new
domain.
Will Demoting the old server wipe my apps?
 
G

Guest

Thanks for the quick response!

When the new server came in we moved to a totally new domain. The only tie we have to the old server is this accounting application.
 
H

Hank Arnold

I'd also take the original DC off line and make sure the network works
without it for a few days. If all is OK, then bring it back on line and
demote it. Another alternative I've seen is to stop NETLOGON service while
keeping it on line....

Of course, this assumes that the server is currently doing nothing other
than serving as a DC....
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

DCPROMO Virtual Server 4
Question re AD Mode 9
Problem Demoting Domain Controller (2003) 4
Domain controller demotion 1
Swapping Out Domain Controllers - Part 2 4
Crashed DC not demoted; brought back online not as DC 2
Procedure to come back from failed AD 2
Replacing an AD DC with new AD DC 3

Top