Replacing old server running Win2k with new server running Win2k3

Discussion in 'Active Directory' started by Dan DeCoursey, Sep 2, 2008.

  1. Hello,
    Our old Win2kserver is getting disposed we have a newer server running
    Win2k3 that is a member server in our domain we are planning to have this
    newer server assume the role of Domain controller.

    Our existing server has all roles and since it was our only server we have
    no replcation at all and this old boy has all roles so nothing has been
    assigned to any other server.......

    Do I really need to run AD migration? Most supportive info I see states I
    need to :
    Run ADPrep/DomainPrep and Forestprep ( on which server?)
    then run DCPROMO on this newer Win2k3 box

    In stall DNS snap-in on this newer server
    transfer FMSO roles to thie new Win2k3 DC

    Is this all there is to it ....... is there more that has to be done with

    I guess I just need the process validated I appreciate any help
    Dan DeCoursey, Sep 2, 2008
    1. Advertisements

  2. Dan DeCoursey

    Zoddy Guest

    Make sure you have the latest service pack on your server
    Then you do run Run ADPrep/DomainPrep and Forestprep on your Windows 2000
    Server, this prepares AD for the new Windows 2003 Server
    Then yes you can DCpromo the windows 2003 server(make sure you have a DNS
    entry to your old 2000 server) and make sure you choose an additional domain
    controller option and not new domain option, you can install DNS at this time
    or install the snap in later as you suggested

    Then you will have a 2000 DC and a 2003 DC on your network
    You can then manually move the FSMO Roles to the windows 2003 server, but if
    you just demote the Windows 2000 DC and make sure not to choose this is the
    last domain controller in the forest, the demotion will move the FSMO roles
    over to the 2003 server for you.

    There should be a number of Tech articles out there such as

    Make sure you have a good backup before you do any of this, last thing you
    want is to have a bad upgrade and have no way to go back.
    Zoddy, Sep 3, 2008
    1. Advertisements

  3. Hello Dan,


    One question first:
    Is the old server also Exchange server and will it be taken out of the domain

    forever, when the new server is running?

    - On the old server open DNS management console and check that you are running
    Active directory integrated zone (easier for replication, if you have more
    then one DNS server)

    - run replmon, dcdiag and netdiag on the old machine to check for errors,
    if you have some post the complete output from the command here or solve
    them first

    - run adprep /forestprep and adprep /domainprep from the 2003 installation
    disk against the 2000 server, with an account that is member of the Schema
    admins, to upgrade the schema to the new version

    - Install the new machine as a member server in your existing domain

    - configure a fixed ip and set the preferred DNS server to the old DNS server

    - run dcpromo and follow the wizard to add the 2003 server to an existing

    - if you are prompted for DNS configuration choose Yes (also possible that
    no DNS preparation occur), then install DNS after the reboot

    - for DNS give the server time for replication, at least 15 minutes. Because
    you use Active directory integrated zones it will automatically replicate
    the zones to the new server. Open DNS management console to check that they

    - if the new machine is domain controller and DNS server run again replmon,
    dcdiag and netdiag on both domain controllers

    - if you have no errors, make the new server Global catalog server, open
    Active directory Sites and Services and then double-click sitename, double-click
    Servers, click your domain controller, right-click NTDS Settings, and then
    click Properties, on the General tab, click to select the Global catalog
    check box (

    - Transfer, NOT seize the 5 FSMO roles to the new Domain controller (

    - you can see in the event viewer (Directory service) that the roles are
    transferred, also give it some time

    - reconfigure the DNS configuration on your NIC of the 2003 server, preferred
    DNS itself, secondary the old one

    - if you use DHCP do not forget to reconfigure the scope settings to point
    to the new installed DNS server

    - export and import of DHCP database (if needed)

    Demoting the old if needed:

    - reconfigure your clients/servers that they not longer point to the old
    DC/DNS server on the NIC

    - to be sure that everything runs fine, disconnect the old DC from the network
    and check with clients and servers the connectivity, logon and also with
    one client a restart to see that everything is ok

    - then run dcpromo to demote the old DC, if it works fine the machine will
    move from the DC's OU to the computers container, where you can delete it
    by hand. Can be that you got an error during demoting at the beginning, then
    uncheck the Global catalog on that DC and try again

    - check the DNS management console, that all entries from the machine are
    disappeared or delete them by hand if the machine is off the network for ever

    Best regards

    Meinolf Weber
    Meinolf Weber, Sep 3, 2008
  4. Existing DC is not running Exchange
    Since HP has stated "end of life" on this server it will be relogated to a
    utilitairin existance and not used to support any "production" endeavours
    nut it will remian running in the domain

    Dan DeCoursey, Sep 3, 2008
  5. These utilities you list here do not seem to be available on my W2k
    server....... whered o iget them and what versions are proper to run on the
    W2kserver ?
    I do not think any replication is setup since there is only ythis one is it still necessary to run that replmon?

    Dan DeCoursey, Sep 3, 2008
  6. Hello Dan,

    On the 2000 or 2003 install disk you have under tools\support\suptools.msi,
    doubleclick it and it installs the support tools.

    Best regards

    Meinolf Weber
    Meinolf Weber, Sep 3, 2008
  7. Meinolf,

    So after all this adprep stuff is run andthen the DCPROMO then Active
    directory will now be on the new DC and all user authentication will be done
    by this new DC ?? I could decomission the old one and power it down and users
    would never know the difference?
    Dan DeCoursey, Sep 4, 2008
  8. Hello Dan,

    If you did all steps from my first answer, including moving the FSMO roles,
    GC, install DNS, move DHCP if needed and reconfigure the clients to use the
    new DNS server it should work, yes.
    Also as stated, for testing disconnect the old one for some days from the
    network and check all services your users need. If the old is disconnected
    and you found no problems you can start to demote the old server.

    Best regards

    Meinolf Weber
    Meinolf Weber, Sep 5, 2008
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.