How to add an Additional Domain controller in an existing environment and promote it as Domain Controller

5 pts.
Tags:
Acitve Directory
Domain Controller
Microsoft Windows Server 2003
VLAN
Our environment contains two domain controllers with windows 2003 as O/S with the ip 10.0.2.12/8 and 10.0.2.13/8. Due to old hardware we want to install our domain controllers on new hardware with different IP as 192.168.15.1/24 and 192.168.15.2/24. Please provide me the steps to install the domain controller and decommission the old domain controllers. We are using VLAN such as 192.168.1.0/24,192.168.2.0/24,192.168.3.0/24 etc how do I configure DNS for it.

Answer Wiki

Thanks. We'll let you know when a new response is added.

There is not enough information here to give you a complete answer.

1. How is the routing setup between the 10.x.x.x network and the 192.x.x.x network? If there is none you will have a problem. The servers need to talk to each other.

2. What services will remain in the locations they are at now? AD requires DNS and I do not see any information about DNS in your question. Where is it? Will it be moving?

If I make the assumption that DNS is on the existing DCs as is DHCP and those servers will not remain, but every device will be moved from 10.x.x.x to 192.x.x.x AND the two networks CAN communicate with no traffic denied or blocked between the two then this is what I would do:

1. Add the 2 servers on the 192.x.x.x segment to the domain,
2. run DCPROMO to promote them to domain controllers,
3. add the GC role,
4. move the FSMO roles to those servers (balance the roles),
5. add DNS to the servers,
6. add DHCP to the servers (80/20 rule for failover),
7. change the existing DHCP server to reflect the new DNS servers,
8. DCPROMO on the old servers and remove the DC role from each.
9. Change all static devices to use the new DNS servers.
10. Remove the DNS role from the old servers.
11. Move all devices to the new segment.
12. Power off the old servers.

Test in between each step. Check event logs carefully. Test some more before making changes. Run replmon and dcdiag often to test replication and domain health.

At this point you should be done.

If my listed assumptions are incorrect STOP and do not proceed. You will need to make adjustments.

This “plan” is theoretical in nature and should not be executed without proper validation. I am not to be held responsible if your domain dies or becomes inaccessible.

Remember – BACKUP, BACKUP, BACKUP – I would recommend two (2) backups of each DC before starting.

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following