0

We are currently a single domain on a single network running Server 2003 Standard and Exchange 2007.

I have a new server up and running (added to the domain already) with Server 2008 R2 on it. I want this to become my Primary Domain Controller, thus replacing my old Server 2003 server.

I know I should just be able to run dcpromo on the new server, then decomission my old server, and raise my domain functional level to match the 2008 server. My only concern is the Exchange 2007 server. Is there anything I need to know relevant to it before I start? Thanks!

ItsPronounced
  • 634
  • 4
  • 18
  • 40
  • 2
    There's no such thing as a primary domain controller. That went away with NT4 domains. – MDMarra Feb 18 '11 at 22:43
  • Do you currently have only 1 domain controller? – Christopher Feb 18 '11 at 22:55
  • Yes 1 domain controller. – ItsPronounced Feb 18 '11 at 23:01
  • @MarkM, I'm not arguing with you, but when I was doing the fsmo transfers, one of the roles was PDC. Is this not Primary domain Controller? – ItsPronounced Feb 19 '11 at 15:29
  • 2
    no. It's Primary Domain Controller *Emulator* and it's a role that can be transferred. PDC is a term from the old NT4 days when a single server did all of the heavy AD lifting and there were BDCs in case the PDC went down. PDC is an old NT4 technology, PDC Emulator is a FSMO role in modern Active Directories. Nowadays all Domain Controllers are peers, some just happen to hold roles for specialized operations. – MDMarra Feb 22 '11 at 03:35

2 Answers2

3

You need to run adprep first to update the Active Directory schema to recognize a 2008 R2 DC. Look for adprep.exe on your 2008 R2 DVD and run the following commands on your 2003 DC:

adprep /forestprep

adprep /domainprep /gpprep

adprep /rodcprep

If your 2003 server is a 32bit server, run adprep32.exe instead. Also make sure you change your DNS settings on all of your server network adapters to point to the new DC before you demote the old one.

EDIT: Remember to move all the FSMO roles to the new DC. Thanks tegbains!

zippy
  • 1,718
  • 3
  • 21
  • 36
  • 3
    Don't forget to transfer the FMSO, PDC, RID Master, etc roles on the win2k3 server (transfer the FSMO roles, DON'T seize) ⁃ ntdsutil ⁃ roles ⁃ connections ⁃ connect to server servername ⁃ transfer PDC, RID master, schema master, FSMO, etc. (all 5 roles) – tegbains Feb 19 '11 at 04:40
  • Done this. No Errors. What about any other system connected via LDAP? I have printers, firewalls that connect via ldap. – ItsPronounced Feb 19 '11 at 05:13
  • 1
    You'll need to have them point to the new DC. That means going to each one and reconfiguring it. – zippy Feb 23 '11 at 00:28
2

I am pretty sure this wont be a complete answer. But once you transfer the FSMO roles to the new DC(s) your concern should be DNS. Make sure Exchange is using the proper DNS AD server(s). Make sure you do all your FSMO role checks and ensure they have transferred to the new DC(s) and without errors. I moved from two 2003 DCs to two new 2008 R2 DCs without much issue, however we do not use Exchange. I even did it during normal business hours. My main concern was DNS and to ensure DHCP was giving out the latest servers. I decommissioned the old servers just a day or two after I moved all FSMO roles and ensured users were authenticating with the new servers. Just like Zippys answer you need to run adprep on the 2003 domain controller.

MDMarra
  • 100,734
  • 32
  • 197
  • 329
xeon
  • 3,806
  • 18
  • 18