Replace 2k DC with same name

[Garet Jax]

I have two DC's in my network. The second DC is really just an old
mule so I have ALL the FSMO roles on the first DC.

I would like to move my second DC to a better computer. To do this, I
will need to reinstall the OS on the new computer then DCPromo it to
the domain.

I would like to keep the same name. What is the best way to do this?

 

[Cary Shultz [A.D. MVP]]

Just a thought:

dcpromo the 'old mule'. But first make sure that any and all FSMO roles are
on the new one. Sounds like you have done this already. I would also make
sure that any important services - like DNS, especially if DDNS - are
removed from the 'old mule'. Do this before running dcpromo.

After that has run successfully give it a little bit of time and then check
to make sure that everything has been removed from Active Directory. There
should be no more references to 'old mule' as a DC anymore. Check in DNS,
check in AD Sites and Services, etc.

Now, you have 'old mule' as a member server in the domain. You should be
able to rename the machine account. Give this time to propagate.

Then, add the new system to the domain and run dcpromo...


I am sure that there are other ways to do this. Just thinking off of the
top of my head.

--
Cary W. Shultz
Roanoke, VA 24012
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com

 

[Garet Jax]

Thanks!

Although I'm in a position to do this the right way, what do you do
when your server dies and you don't get the opportunity to demote the
DC?

 

[chriske911]

Garet Jax laid this down on his screen :

I have two DC's in my network. The second DC is really just an old
mule so I have ALL the FSMO roles on the first DC.

I would like to move my second DC to a better computer. To do this, I
will need to reinstall the OS on the new computer then DCPromo it to
the domain.

I would like to keep the same name. What is the best way to do this?

you could use 'newsid' to do this
copy the sid from the old server
dcpromo the old server
remove the server from the network
set up a new server with the same name (being disconnected from your
network)
apply the SID from the old server
put the new server in the network
dcpromo the new server

grtz

 

[Ryan Hanisco]

Garet,

In that case, the earth parts and tries to swallow you up whole.

Frankly, you want to avoid this if at all possible. While this is rarely
catastrophic to the whole environment, it introduces errors and
instabilities that can persist until you manually do an ntds cleanup.

By far, the pros outweigh the cons here, so take the appropriate cautions
and do this the right way.

 

[Ryan Hanisco]

While this may work, I would STRONGLY suggest doing this along the great
advice Cary laid out in his post. That is the "right" way to do this and
you'll not end up with quirky remnants of abandoned SIDs in your directory.

 

[chriske911]

Ryan Hanisco was thinking very hard :

While this may work, I would STRONGLY suggest doing this along the great
advice Cary laid out in his post. That is the "right" way to do this and
you'll not end up with quirky remnants of abandoned SIDs in your directory.

--
Ryan Hanisco
MCSE, MCDBA
FlagShip Integration Services
Chicago, IL

but that's just te beauty of it
the SID of the new server is exactly the same as the old server
so all references in AD should be pointing to the new server
no remnants at all

grtz

 

[Ryan Hanisco]

You would have to make sure that all references to the old server's SID were
completely out of AD before doing this. It is most likely that on promotion
any pre-existing matching SID references would just be discarded, but I
can't guarantee that. There is my concern. I know for a fact that the
other method works.

Maybe I'll lab this over the weekend.