Replace 2k DC with same name

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

I have two DC's in my network. The second DC is really just an old
mule so I have ALL the FSMO roles on the first DC.

I would like to move my second DC to a better computer. To do this, I
will need to reinstall the OS on the new computer then DCPromo it to
the domain.

I would like to keep the same name. What is the best way to do this?

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Thanks!

Although I'm in a position to do this the right way, what do you do
when your server dies and you don't get the opportunity to demote the
DC?

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Just a thought:

dcpromo the 'old mule'. But first make sure that any and all FSMO roles are
on the new one. Sounds like you have done this already. I would also make
sure that any important services - like DNS, especially if DDNS - are
removed from the 'old mule'. Do this before running dcpromo.

After that has run successfully give it a little bit of time and then check
to make sure that everything has been removed from Active Directory. There
should be no more references to 'old mule' as a DC anymore. Check in DNS,
check in AD Sites and Services, etc.

Now, you have 'old mule' as a member server in the domain. You should be
able to rename the machine account. Give this time to propagate.

Then, add the new system to the domain and run dcpromo...


I am sure that there are other ways to do this. Just thinking off of the
top of my head.

--
Cary W. Shultz
Roanoke, VA 24012
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com



"Garet Jax" <kzatuu@gmail.com> wrote in message
news:1114792580.485484.105860@z14g2000cwz.googlegroups.com...
>I have two DC's in my network. The second DC is really just an old
> mule so I have ALL the FSMO roles on the first DC.
>
> I would like to move my second DC to a better computer. To do this, I
> will need to reinstall the OS on the new computer then DCPromo it to
> the domain.
>
> I would like to keep the same name. What is the best way to do this?
>

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Garet,

In that case, the earth parts and tries to swallow you up whole.

Frankly, you want to avoid this if at all possible. While this is rarely
catastrophic to the whole environment, it introduces errors and
instabilities that can persist until you manually do an ntds cleanup.

By far, the pros outweigh the cons here, so take the appropriate cautions
and do this the right way.

--
Ryan Hanisco
MCSE, MCDBA
FlagShip Integration Services
Chicago, IL

"Garet Jax" <kzatuu@gmail.com> wrote in message
news:1114799977.420819.268670@o13g2000cwo.googlegroups.com...
> Thanks!
>
> Although I'm in a position to do this the right way, what do you do
> when your server dies and you don't get the opportunity to demote the
> DC?
>

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Garet Jax laid this down on his screen :
> I have two DC's in my network. The second DC is really just an old
> mule so I have ALL the FSMO roles on the first DC.
>
> I would like to move my second DC to a better computer. To do this, I
> will need to reinstall the OS on the new computer then DCPromo it to
> the domain.
>
> I would like to keep the same name. What is the best way to do this?

you could use 'newsid' to do this
copy the sid from the old server
dcpromo the old server
remove the server from the network
set up a new server with the same name (being disconnected from your
network)
apply the SID from the old server
put the new server in the network
dcpromo the new server

grtz

--
This is an automatic signature of MesNews.
Site : http://www.mesnews.net

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

While this may work, I would STRONGLY suggest doing this along the great
advice Cary laid out in his post. That is the "right" way to do this and
you'll not end up with quirky remnants of abandoned SIDs in your directory.

--
Ryan Hanisco
MCSE, MCDBA
FlagShip Integration Services
Chicago, IL

"chriske911" <chriske911@yaghoo.com> wrote in message
news:mn.ecdb7d5442387d66.32006@yaghoo.com...
> Garet Jax laid this down on his screen :
>> I have two DC's in my network. The second DC is really just an old
>> mule so I have ALL the FSMO roles on the first DC.
>>
>> I would like to move my second DC to a better computer. To do this, I
>> will need to reinstall the OS on the new computer then DCPromo it to
>> the domain.
>>
>> I would like to keep the same name. What is the best way to do this?
>
> you could use 'newsid' to do this
> copy the sid from the old server
> dcpromo the old server
> remove the server from the network
> set up a new server with the same name (being disconnected from your
> network)
> apply the SID from the old server
> put the new server in the network
> dcpromo the new server
>
> grtz
>
> --
> This is an automatic signature of MesNews.
> Site : http://www.mesnews.net
>

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Ryan Hanisco was thinking very hard :
> While this may work, I would STRONGLY suggest doing this along the great
> advice Cary laid out in his post. That is the "right" way to do this and
> you'll not end up with quirky remnants of abandoned SIDs in your directory.
>
> --
> Ryan Hanisco
> MCSE, MCDBA
> FlagShip Integration Services
> Chicago, IL
>
> "chriske911" <chriske911@yaghoo.com> wrote in message
> news:mn.ecdb7d5442387d66.32006@yaghoo.com...
>> Garet Jax laid this down on his screen :
>>>
>>
>> you could use 'newsid' to do this
>> copy the sid from the old server
>> dcpromo the old server
>> remove the server from the network
>> set up a new server with the same name (being disconnected from your
>> network)
>> apply the SID from the old server
>> put the new server in the network
>> dcpromo the new server
>>
>> grtz
>>
>> -- This is an automatic signature of MesNews.
>> Site : http://www.mesnews.net
>>

but that's just te beauty of it
the SID of the new server is exactly the same as the old server
so all references in AD should be pointing to the new server
no remnants at all

grtz

--
This is an automatic signature of MesNews.
Site : http://www.mesnews.net

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

You would have to make sure that all references to the old server's SID were
completely out of AD before doing this. It is most likely that on promotion
any pre-existing matching SID references would just be discarded, but I
can't guarantee that. There is my concern. I know for a fact that the
other method works.

Maybe I'll lab this over the weekend.

--
Ryan Hanisco
MCSE, MCDBA
FlagShip Integration Services
Chicago, IL

"chriske911" <chriske911@yaghoo.com> wrote in message
news:mn.ed5d7d541b439c9a.32006@yaghoo.com...
> Ryan Hanisco was thinking very hard :
>> While this may work, I would STRONGLY suggest doing this along the great
>> advice Cary laid out in his post. That is the "right" way to do this and
>> you'll not end up with quirky remnants of abandoned SIDs in your
>> directory.
>>
>> --
>> Ryan Hanisco
>> MCSE, MCDBA
>> FlagShip Integration Services
>> Chicago, IL
>>
>> "chriske911" <chriske911@yaghoo.com> wrote in message
>> news:mn.ecdb7d5442387d66.32006@yaghoo.com...
>>> Garet Jax laid this down on his screen :
>>>>
>>>
>>> you could use 'newsid' to do this
>>> copy the sid from the old server
>>> dcpromo the old server
>>> remove the server from the network
>>> set up a new server with the same name (being disconnected from your
>>> network)
>>> apply the SID from the old server
>>> put the new server in the network
>>> dcpromo the new server
>>>
>>> grtz
>>>
>>> -- This is an automatic signature of MesNews.
>>> Site : http://www.mesnews.net
>>>
>
> but that's just te beauty of it
> the SID of the new server is exactly the same as the old server
> so all references in AD should be pointing to the new server
> no remnants at all
>
> grtz
>
> --
> This is an automatic signature of MesNews.
> Site : http://www.mesnews.net
>