Migration steps from one PDC/exchange to separate server for each

Hello,



In the company I'm working for we have one server installed with windows
2003 performing the PDC services, and on the top of it the Exchange 2003
std.

For security reasons, I think that we should separate Exchange and PDC on
different machines.

The server warranty is about to expire in one month and it will be ideal
moment to do the transfer.



What will be the steps to perform the domain controller roles transfer and
on what should I pay attention for the exchange transition to finally shut
down the old machine.

Old server is installed with w2k3 sp2 + exchange 2003 sp2

New servers will be w2k3 2003 R2.



I really appreciate your time taking to answer my question.



Kind regards

Hello Robert,

Good idea to remove exchange from the DC. Security and also performance is
the reason, you are correct. Also you should still keep the old server as
a DC only for redundancy, so that you have 2 DC/DNS/GC servers in the domain.

For the steps "New DC":
- On the old server open DNS management console and check that you are running
Active directory integrated zone (easier for replication, if you have more
then one DNS server and both are full writable)

- run replmon from the run line or repadmin /showrepl (only if more then
one DC exist), dcdiag and netdiag from the command prompt on the old machine
to check for errors, if you have some post the complete output from the command
here or solve them first. For this tools you have to install the support\tools\suptools.msi
from the 2000 or 2003 installation disk.

- upgrade the schema with adprep command's from the second R2 disk to schema
version 31(2003 R2), 2003 is version 30, check with "schupgr" in a command
prompt

- Install the new machine as a member server in your existing domain and
configure a fixed ip and set the preferred DNS server to the old DNS server
only

- run dcpromo and follow the wizard to add the 2003 server to an existing
domain

- if you are prompted for DNS configuration choose Yes (also possible that
no DNS preparation occur), then install DNS after the reboot

- for DNS give the server time for replication, at least 15 minutes. Because
you use Active directory integrated zones it will automatically replicate
the zones to the new server. Open DNS management console to check that they
appear

- if the new machine is domain controller and DNS server run again replmon,
dcdiag and netdiag on both domain controllers

- if you have no errors, make the new server Global catalog server, open
Active directory Sites and Services and then double-click sitename, double-click
Servers, click your domain controller, right-click NTDS Settings, and then
click Properties, on the General tab, click to select the Global catalog
check box (http://support.microsoft.com/?id=313994)

- Transfer, NOT seize the 5 FSMO roles to the new Domain controller (http://support.microsoft.com/kb/324801)

- you can see in the event viewer (Directory service) that the roles are
transferred, also give it some time

- reconfigure the DNS configuration on your NIC of the 2003 server, preferred
DNS itself, secondary the old one

- if you use DHCP do not forget to reconfigure the scope settings to point
to the new installed DNS server, do ont forget machines with fixed ip's

- export and import of DHCP database (if needed) (http://support.microsoft.com/kb/325473)

- run replmon, dcdiag and netdiag on both domain controllers to make sure
everything is fine


For the steps "New Exchange":
- Install the new machine as a member server in your existing domain and
configure a fixed ip and set the preferred DNS server to the new DC/DNS and
the secondary to the old one(if you keep it)

- install Exchange as additional server in the existing Exchange site

- follow this to move and prepare for removing of the first exchange server:
http://support.microsoft.com/kb/822931/

- when the old exchange is removed you can demote the old DC, NOT before,
but as said before think about keeping the DC for redundancy and failover
reason.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hello,
>
> In the company I'm working for we have one server installed with
> windows 2003 performing the PDC services, and on the top of it the
> Exchange 2003 std.
>
> For security reasons, I think that we should separate Exchange and PDC
> on different machines.
>
> The server warranty is about to expire in one month and it will be
> ideal moment to do the transfer.
>
> What will be the steps to perform the domain controller roles transfer
> and on what should I pay attention for the exchange transition to
> finally shut down the old machine.
>
> Old server is installed with w2k3 sp2 + exchange 2003 sp2
>
> New servers will be w2k3 2003 R2.
>
> I really appreciate your time taking to answer my question.
>
> Kind regards
>

Hello Robert,

Demoting the old DC (if needed)

- reconfigure your clients/servers that they not longer point to the old
DC/DNS server on the NIC

- to be sure that everything runs fine, disconnect the old DC from the network
and check with clients and servers the connectivity, logon and also with
one client a restart to see that everything is ok

- then run dcpromo to demote the old DC, if it works fine the machine will
move from the DC's OU to the computers container, where you can delete it
by hand. Can be that you got an error during demoting at the beginning, then
uncheck the Global catalog on that DC and try again

- check the DNS management console, that all entries from the machine are
disappeared or delete them by hand if the machine is off the network for ever

- also you have to start AD sites and services and delete the old servername
under the site, this will not be done during demotion

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hello,
>
> In the company I'm working for we have one server installed with
> windows 2003 performing the PDC services, and on the top of it the
> Exchange 2003 std.
>
> For security reasons, I think that we should separate Exchange and PDC
> on different machines.
>
> The server warranty is about to expire in one month and it will be
> ideal moment to do the transfer.
>
> What will be the steps to perform the domain controller roles transfer
> and on what should I pay attention for the exchange transition to
> finally shut down the old machine.
>
> Old server is installed with w2k3 sp2 + exchange 2003 sp2
>
> New servers will be w2k3 2003 R2.
>
> I really appreciate your time taking to answer my question.
>
> Kind regards
>

Ok, many thanks for this mini step by step guide Meinolf!

I will first try to build test environment from live backup. If i have some
problems I will come back to this group.

Thank you very much!

Rob

"Meinolf Weber [MVP-DS]" <meiweb(nospam)@gmx.de> wrote in message
news: .com...
> Hello Robert,
>
> Demoting the old DC (if needed)
>
> - reconfigure your clients/servers that they not longer point to the old
> DC/DNS server on the NIC
>
> - to be sure that everything runs fine, disconnect the old DC from the
> network and check with clients and servers the connectivity, logon and
> also with one client a restart to see that everything is ok
>
> - then run dcpromo to demote the old DC, if it works fine the machine will
> move from the DC's OU to the computers container, where you can delete it
> by hand. Can be that you got an error during demoting at the beginning,
> then uncheck the Global catalog on that DC and try again
>
> - check the DNS management console, that all entries from the machine are
> disappeared or delete them by hand if the machine is off the network for
> ever
>
> - also you have to start AD sites and services and delete the old
> servername under the site, this will not be done during demotion
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>> Hello,
>>
>> In the company I'm working for we have one server installed with
>> windows 2003 performing the PDC services, and on the top of it the
>> Exchange 2003 std.
>>
>> For security reasons, I think that we should separate Exchange and PDC
>> on different machines.
>>
>> The server warranty is about to expire in one month and it will be
>> ideal moment to do the transfer.
>>
>> What will be the steps to perform the domain controller roles transfer
>> and on what should I pay attention for the exchange transition to
>> finally shut down the old machine.
>>
>> Old server is installed with w2k3 sp2 + exchange 2003 sp2
>>
>> New servers will be w2k3 2003 R2.
>>
>> I really appreciate your time taking to answer my question.
>>
>> Kind regards
>>
>
>

Hello Robert,

Always a good idea to test before. You're welcome, also with additional questions.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Ok, many thanks for this mini step by step guide Meinolf!
>
> I will first try to build test environment from live backup. If i have
> some problems I will come back to this group.
>
> Thank you very much!
>
> Rob
>
> "Meinolf Weber [MVP-DS]" <meiweb(nospam)@gmx.de> wrote in message
> news: .com...
>
>> Hello Robert,
>>
>> Demoting the old DC (if needed)
>>
>> - reconfigure your clients/servers that they not longer point to the
>> old DC/DNS server on the NIC
>>
>> - to be sure that everything runs fine, disconnect the old DC from
>> the network and check with clients and servers the connectivity,
>> logon and also with one client a restart to see that everything is ok
>>
>> - then run dcpromo to demote the old DC, if it works fine the machine
>> will move from the DC's OU to the computers container, where you can
>> delete it by hand. Can be that you got an error during demoting at
>> the beginning, then uncheck the Global catalog on that DC and try
>> again
>>
>> - check the DNS management console, that all entries from the machine
>> are disappeared or delete them by hand if the machine is off the
>> network for ever
>>
>> - also you have to start AD sites and services and delete the old
>> servername under the site, this will not be done during demotion
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>> Hello,
>>>
>>> In the company I'm working for we have one server installed with
>>> windows 2003 performing the PDC services, and on the top of it the
>>> Exchange 2003 std.
>>>
>>> For security reasons, I think that we should separate Exchange and
>>> PDC on different machines.
>>>
>>> The server warranty is about to expire in one month and it will be
>>> ideal moment to do the transfer.
>>>
>>> What will be the steps to perform the domain controller roles
>>> transfer and on what should I pay attention for the exchange
>>> transition to finally shut down the old machine.
>>>
>>> Old server is installed with w2k3 sp2 + exchange 2003 sp2
>>>
>>> New servers will be w2k3 2003 R2.
>>>
>>> I really appreciate your time taking to answer my question.
>>>
>>> Kind regards
>>>

Hello,

>
> - upgrade the schema with adprep command's from the second R2 disk to
> schema version 31(2003 R2), 2003 is version 30, check with "schupgr" in a
> command prompt

Could I do this:

Install the new server with R2 components
Once installation finished, run dcpromo on the new server and at this point
the wizard will upgrade the schema with the new version?

or

should I take the R2 cd and execute it on the old PDC?

What will be best practice?

Hello Robert,

The schema has to be prepared on the existing schema master so on your 2003
DC.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hello,
>
>> - upgrade the schema with adprep command's from the second R2 disk to
>> schema version 31(2003 R2), 2003 is version 30, check with "schupgr"
>> in a command prompt
>>
> Could I do this:
>
> Install the new server with R2 components
> Once installation finished, run dcpromo on the new server and at this
> point
> the wizard will upgrade the schema with the new version?
> or
>
> should I take the R2 cd and execute it on the old PDC?
>
> What will be best practice?
>