Disabling a W2k DC and making a newer server the main DC

[mattwjohnson]

Here is the situation...Have an older W2k Domain controller, have a
newer server that is also a w2k domain controller. At one time the 2
domain controller's were talking to one another and so it seems as
though everything is ok on the newer DC regarding Active Directory and
such. The old server's SYSVOL is not being shared, my docs and group
policy doesn't seem to be working. I want to disable the old Domain
Controller and make the newer DC the Main controller that the users
login to. I have tried just shutting down DC1 and seeing if it would
just default to DC2 but I can't get logged in??? I also have the users
My Documents redirected and they sit on the old DC. The users are no
longer getting MY documents when they login so they have had to make
shortcuts by going through Network places. So How do I move that
userdata shared folder that has each users documents that they have
exclusive rights to. I have attempted to move but have not been
successful. It's all a mess...But the good news is that I have 3 new
servers with w2k3 almost ready to go and I want to then start from
scratch, but I am not sure ihow to do that either without going to 3
different offices and removing each pc from the domain and then adding
them back especially since we want the same domain name...so I need
some help can any one help me>???

 

[Guest]

It appears to me that you need to do some reading on the subject. You are
not following any standard procedures for maintaining or upgrading Windows
2000 server.

This has resulted in the following:

1. I suspect you did not bring the 2nd Windows 2000 server into the existing
2000 Forest but as its own Forest/Domain with the same name. This is why you
couldn't logon when you shut down the DC.
2. no mention of transferring the Global Catalog to the new 2000 DC
3. no mention of transferring the FSMO roles to the new 2000 DC
4. no mention of the new DC having DNS server or of it containing server
host/ptr entries
5. no mention that Microsoft recommends a minimum of two DC's with each
holding the Global Catalog and DNS server for failover.

At this point you have 3 new 2003 servers which you may want to use to build
your forest from scratch. But if you don't learn what you need to do you
will end up with the same results you have experienced with your 2000 forest.

If you want to consider bringing the 2003 servers into your existing Forest
you have a lot to do. You have to get your present forest and the domain it
contains fully operational in native mode. Then you need to run adprep from
the 2003 server cd to update AD to contain the new 2003 objects. Then you
can add the servers as DCs to your existing forest. If you only want to add
them as member servers then you don't have to do adprep [google or read the
tech docs on the adprep switches]

You have a lot of work to do. Good luck!

 

[Phreeze]

To answer some questions....

Yes the 2nd DC is in the Domain

2. Yesterday I figured out the Global Catalog and added it and tested
by shutting the other box down.

3 I did not switch the FSMO roles yet but now know how to do it now

4.Both DC have DNS setup on them

So I have a couple things figured out but lets see if you can answer
this. Group policy does not seem to be working properly. When I shut
the 1 DC down and logged in from a pc successfully to the the 2 DC I
then explored Group policy because when I logged in it started trying
to Sync offline files. So I remoted the #2 DC and got into Users and
Computers when I tried to bring up group policy on the Company's OU it
took forever then camback wiht a message/error giving me choices to use
any domain controller and 2 other choices I can't remember. Anyways I
picked use any available dc. So when I picked one of the Group Policies
I had set long ago it errored out and brought up a screen but I
couldn't see or edit any of the policies...So I made a new one that
should have stopped the OFFline files/Sync. I logged off, rebooted the
pc, logged back in and it tried to do the offline file sync again
because it could not find the redirected My Documents..What's going on?
Why are the policies not applying to the pc's

Is this something to do with FSMO roles?

Next I did a backup with nt backup of all the users MY documents and
restored to the dc 2. When I restored I chose not to keep the security
settings. iwas then able to get into the users Docs..So now I need to
make a shared folder then put all the users folders in there..I guess I
would need to give each user permissions to their folder and change the
redirect my documents group policy...but since grou policy is not
working this will not work..Can someone help??

After I get this done I want to either convert this 2000 AD to 2003 or
start from scratch on 2003...I will have 3 2003 DC's.

Also the AD is already in native Mode

It appears to me that you need to do some reading on the subject. You are
not following any standard procedures for maintaining or upgrading Windows
2000 server.

This has resulted in the following:

1. I suspect you did not bring the 2nd Windows 2000 server into the existing
2000 Forest but as its own Forest/Domain with the same name. This is why you
couldn't logon when you shut down the DC.
2. no mention of transferring the Global Catalog to the new 2000 DC
3. no mention of transferring the FSMO roles to the new 2000 DC
4. no mention of the new DC having DNS server or of it containing server
host/ptr entries
5. no mention that Microsoft recommends a minimum of two DC's with each
holding the Global Catalog and DNS server for failover.

At this point you have 3 new 2003 servers which you may want to use to build
your forest from scratch. But if you don't learn what you need to do you
will end up with the same results you have experienced with your 2000 forest.

If you want to consider bringing the 2003 servers into your existing Forest
you have a lot to do. You have to get your present forest and the domain it
contains fully operational in native mode. Then you need to run adprep from
the 2003 server cd to update AD to contain the new 2003 objects. Then you
can add the servers as DCs to your existing forest. If you only want to add
them as member servers then you don't have to do adprep [google or read the
tech docs on the adprep switches]

You have a lot of work to do. Good luck!