New server setup

[Anders Björk]

Hi!

How do I best demote a w2k server that has all roles and DNS, WINS installed
on it?

I'm setting up new server now. Should install a DNS before joining the
domain or after? Should the IP-number on the network settings on the
newserver be 127.0.0.1 or the external IP-number?

BR
Anders

 

[Cary Shultz [A.D. MVP]]

Anders,

I would first suggest that you join the new server to the domain as a Member
Server and then run DCPROMO on it so that it becomes a DC ( let's call it
'DC2' ). Make sure that you have given it a static IP Address ( not sure
what you mean by 'external' IP Address ) and that you include ONLY your
Internal DNS Server(s) IP Address(es) in the TCP/IP Configuration settings.
The only place for any external DNS Server ( such as your ISP ) information
is in the Forwarders tab.

Install DNS on it as well as WINS ( do you need WINS? Do you have
down-level clients - WIN9x/WINNT 4.0 - in your environment? ) as well as any
other 'services' ( possibly DHCP? ). Consider using Active Directory
Integrated DNS ( aka Dynamic DNS aka DDNS ). This might be a good choice
here.

I might suggest that you also create a Reverse Lookup Zone in DNS ( also
Active Directory Integrated ).

I would then make sure that DC2 is also a Global Catalog Server.

How To:
http://support.microsoft.com/?id=313994

If you have not already done so I might set up Active Directory Sites and
Services.

How To:
http://support.microsoft.com/?id=318480

Once you have all of this done and have made sure that everything has
replicated to the new DC I would manually transfer all five of the FSMO
Roles from DC1 to DC2. You can do this with the various MMCs or via
NTDSUtil. NOTE: you do not really need to do this as the dcpromo process
*should* transfer any of the FSMO Roles that the DC that you are dcpromoing
to the other DC in your environment. However, I like to manually do this so
that I can control this part of the process better.

Using NTDSUtil
http://support.microsoft.com/?id=255504

Using the MMCs
http://support.microsoft.com/?id=255690

I would then make sure that any user folders/files et al were somehow moved
over from DC1 to DC2 ( xcopy is a possible tool for this ) - if you plan on
removing this server from the Domain entirely.

Once I was sure that all of this happened I would simply dcpromo DC1 down to
Member Server status. Are you going to completely remove this server from
your environment or are you simply removing it from "DC-status"?


HTH,

Cary

 

[Anders Björk]

Thanks.
/Anders

Anders,

I would first suggest that you join the new server to the domain as a Member
Server and then run DCPROMO on it so that it becomes a DC ( let's call it
'DC2' ). Make sure that you have given it a static IP Address ( not sure
what you mean by 'external' IP Address ) and that you include ONLY your
Internal DNS Server(s) IP Address(es) in the TCP/IP Configuration settings.
The only place for any external DNS Server ( such as your ISP ) information
is in the Forwarders tab.

Install DNS on it as well as WINS ( do you need WINS? Do you have
down-level clients - WIN9x/WINNT 4.0 - in your environment? ) as well as any
other 'services' ( possibly DHCP? ). Consider using Active Directory
Integrated DNS ( aka Dynamic DNS aka DDNS ). This might be a good choice
here.

I might suggest that you also create a Reverse Lookup Zone in DNS ( also
Active Directory Integrated ).

I would then make sure that DC2 is also a Global Catalog Server.

How To:
http://support.microsoft.com/?id=313994

If you have not already done so I might set up Active Directory Sites and
Services.

How To:
http://support.microsoft.com/?id=318480

Once you have all of this done and have made sure that everything has
replicated to the new DC I would manually transfer all five of the FSMO
Roles from DC1 to DC2. You can do this with the various MMCs or via
NTDSUtil. NOTE: you do not really need to do this as the dcpromo process
*should* transfer any of the FSMO Roles that the DC that you are dcpromoing
to the other DC in your environment. However, I like to manually do this so
that I can control this part of the process better.

Using NTDSUtil
http://support.microsoft.com/?id=255504

Using the MMCs
http://support.microsoft.com/?id=255690

I would then make sure that any user folders/files et al were somehow moved
over from DC1 to DC2 ( xcopy is a possible tool for this ) - if you plan on
removing this server from the Domain entirely.

Once I was sure that all of this happened I would simply dcpromo DC1 down to
Member Server status. Are you going to completely remove this server from
your environment or are you simply removing it from "DC-status"?


HTH,

Cary

 

[Anders Björk]

My answer below

Anders,

I would first suggest that you join the new server to the domain as a Member
Server and then run DCPROMO on it so that it becomes a DC ( let's call it
'DC2' ). Make sure that you have given it a static IP Address ( not sure
what you mean by 'external' IP Address ) and that you include ONLY your
Internal DNS Server(s) IP Address(es) in the TCP/IP Configuration settings.
The only place for any external DNS Server ( such as your ISP ) information
is in the Forwarders tab.

Install DNS on it as well as WINS ( do you need WINS? Do you have
down-level clients - WIN9x/WINNT 4.0 - in your environment? ) as well as any
other 'services' ( possibly DHCP? ). Consider using Active Directory
Integrated DNS ( aka Dynamic DNS aka DDNS ). This might be a good choice
here.

I need WINS I have WIN9x/WINNT 4.0 clients, however they are less for each
year. But I have considered to install ADclient-pack on these.

I might suggest that you also create a Reverse Lookup Zone in DNS ( also
Active Directory Integrated ).

I would then make sure that DC2 is also a Global Catalog Server.

How To:
http://support.microsoft.com/?id=313994

If you have not already done so I might set up Active Directory Sites and
Services.

How To:
http://support.microsoft.com/?id=318480

Once you have all of this done and have made sure that everything has
replicated to the new DC I would manually transfer all five of the FSMO
Roles from DC1 to DC2. You can do this with the various MMCs or via
NTDSUtil. NOTE: you do not really need to do this as the dcpromo process
*should* transfer any of the FSMO Roles that the DC that you are dcpromoing
to the other DC in your environment. However, I like to manually do this so
that I can control this part of the process better.

Using NTDSUtil
http://support.microsoft.com/?id=255504

Using the MMCs
http://support.microsoft.com/?id=255690

I would then make sure that any user folders/files et al were somehow moved
over from DC1 to DC2 ( xcopy is a possible tool for this ) - if you plan on
removing this server from the Domain entirely.

Once I was sure that all of this happened I would simply dcpromo DC1 down to
Member Server status. Are you going to completely remove this server from
your environment or are you simply removing it from "DC-status"?

Probally remove it completely. It is PIII333 that is at bit tired..

 

[Cary Shultz [A.D. MVP]]

Anders,

If you still have down-level clients then you will want to keep WINS around,
even with the DSClient installed on them ( unless I am missing something! ).

About the server, did you mean PII-333? I *thought* that the PIII's started
at 450MHz? Either way, it might not be a bad idea to remove it completely.
It is a bit outdated. I hope that you are going to replace it, though.
Having two Domain Controllers is a very good thing. If you are not going to
replace it immediately then I might just consider keeping it around until
you do replace it. It can be completely removed from the domain and then
you can do a wipe and load, making it simply a DC/DNS Server....But it is
really old!

HTH,

Cary

 

[Anders Björk]

It was a typo PII333 is the now somewhat sleepy sever, well in the
university we tend keep the money .....

Well now I'am bit confused, will I still need WINS even if all down-level
clients have DSC-clients on them?

 

[Cary Shultz [A.D. MVP]]

Anders,

Sorry for the late reply.

I believe that you will still need WINS for your down-level clients - even
if they have the DSCLient extensions installed.

You would need WINS for their name resolution. Adding the DSClient
extensions gives those clients a few "AD-Aware" abilities- like determining
in which Site they are located....

HTH,

Cary

It was a typo PII333 is the now somewhat sleepy sever, well in the
university we tend keep the money .....

Well now I'am bit confused, will I still need WINS even if all down-level
clients have DSC-clients on them?

Anders,

If you still have down-level clients then you will want to keep WINS around,
even with the DSClient installed on them ( unless I am missing something! ).

About the server, did you mean PII-333? I *thought* that the PIII's started
at 450MHz? Either way, it might not be a bad idea to remove it completely.
It is a bit outdated. I hope that you are going to replace it, though.
Having two Domain Controllers is a very good thing. If you are not

going

to
replace it immediately then I might just consider keeping it around until
you do replace it. It can be completely removed from the domain and then
you can do a wipe and load, making it simply a DC/DNS Server....But it is
really old!

HTH,

Cary

My answer below

"Cary Shultz [A.D. MVP]" <[email protected]> skrev i meddelandet
Anders,

I would first suggest that you join the new server to the domain as a
Member
Server and then run DCPROMO on it so that it becomes a DC ( let's

call
it

'DC2' ). Make sure that you have given it a static IP Address ( not sure
what you mean by 'external' IP Address ) and that you include ONLY your
Internal DNS Server(s) IP Address(es) in the TCP/IP Configuration
settings.
The only place for any external DNS Server ( such as your ISP )
information
is in the Forwarders tab.

Install DNS on it as well as WINS ( do you need WINS? Do you have
down-level clients - WIN9x/WINNT 4.0 - in your environment? ) as

well

as Sites
and server
from

 

[Anders Björk]

Thanks!

Anders,

Sorry for the late reply.

I believe that you will still need WINS for your down-level clients - even
if they have the DSCLient extensions installed.

You would need WINS for their name resolution. Adding the DSClient
extensions gives those clients a few "AD-Aware" abilities- like determining
in which Site they are located....

HTH,

Cary

It was a typo PII333 is the now somewhat sleepy sever, well in the
university we tend keep the money .....

Well now I'am bit confused, will I still need WINS even if all down-level
clients have DSC-clients on them?

Anders,

If you still have down-level clients then you will want to keep WINS around,
even with the DSClient installed on them ( unless I am missing something! ).

About the server, did you mean PII-333? I *thought* that the PIII's started
at 450MHz? Either way, it might not be a bad idea to remove it completely.
It is a bit outdated. I hope that you are going to replace it, though.
Having two Domain Controllers is a very good thing. If you are not

going

to
replace it immediately then I might just consider keeping it around until
you do replace it. It can be completely removed from the domain and then
you can do a wipe and load, making it simply a DC/DNS Server....But it is
really old!

HTH,

Cary

My answer below

"Cary Shultz [A.D. MVP]" <[email protected]> skrev i meddelandet
Anders,

I would first suggest that you join the new server to the domain

as

a well for
each (
also you
plan

 

[Cary Shultz [A.D. MVP]]

You are very welcome!

Cary

Thanks!

Anders,

Sorry for the late reply.

I believe that you will still need WINS for your down-level clients - even
if they have the DSCLient extensions installed.

You would need WINS for their name resolution. Adding the DSClient
extensions gives those clients a few "AD-Aware" abilities- like determining
in which Site they are located....

HTH,

Cary

It was a typo PII333 is the now somewhat sleepy sever, well in the
university we tend keep the money .....

Well now I'am bit confused, will I still need WINS even if all down-level
clients have DSC-clients on them?


"Cary Shultz [A.D. MVP]" <[email protected]> skrev i meddelandet
Anders,

If you still have down-level clients then you will want to keep WINS
around,
even with the DSClient installed on them ( unless I am missing
something! ).

About the server, did you mean PII-333? I *thought* that the PIII's
started
at 450MHz? Either way, it might not be a bad idea to remove it
completely.
It is a bit outdated. I hope that you are going to replace it, though.
Having two Domain Controllers is a very good thing. If you are not going
to
replace it immediately then I might just consider keeping it around until
you do replace it. It can be completely removed from the domain and then
you can do a wipe and load, making it simply a DC/DNS Server....But

it
is

really old!

HTH,

Cary

My answer below

"Cary Shultz [A.D. MVP]" <[email protected]> skrev i meddelandet
Anders,

I would first suggest that you join the new server to the domain

as

a
Member
Server and then run DCPROMO on it so that it becomes a DC (

let's
call

it
'DC2' ). Make sure that you have given it a static IP Address ( not
sure
what you mean by 'external' IP Address ) and that you include ONLY
your
Internal DNS Server(s) IP Address(es) in the TCP/IP Configuration
settings.
The only place for any external DNS Server ( such as your ISP )
information
is in the Forwarders tab.

Install DNS on it as well as WINS ( do you need WINS? Do you have
down-level clients - WIN9x/WINNT 4.0 - in your environment? ) as well
as
any
other 'services' ( possibly DHCP? ). Consider using Active Directory
Integrated DNS ( aka Dynamic DNS aka DDNS ). This might be a good
choice
here.
I need WINS I have WIN9x/WINNT 4.0 clients, however they are less for
each
year. But I have considered to install ADclient-pack on these.

I might suggest that you also create a Reverse Lookup Zone in

DNS

( everything
has

manually

do