"Moving" GPO from one DC to another
We are in the process of decommissioning our original DC which contains all of our GPOs. We have brought up 2 additional DC's and added AD to both.
The original DC was W2k3 R1. The new DC's are W2k3 x64 R2. I have transferred all 5 of the FSMO roles and run ADprep on one of the new DC's.
Before we can start decommissioning, we need to get GP on one of the new ones...but when I run the add/remove snap in, its asking me a quesion I dont know the answer to.
For any of you that have done this task before, could you help shed some light on what I need to google or what I need to do...as it doesnt look like I'm asking google the right questions
The original DC was W2k3 R1. The new DC's are W2k3 x64 R2. I have transferred all 5 of the FSMO roles and run ADprep on one of the new DC's.
Before we can start decommissioning, we need to get GP on one of the new ones...but when I run the add/remove snap in, its asking me a quesion I dont know the answer to.
For any of you that have done this task before, could you help shed some light on what I need to google or what I need to do...as it doesnt look like I'm asking google the right questions
Comments
-
RTmarc
Member Posts: 1,082 ■■■□□□□□□□
What is the question it is asking you?
By the way, you need to separate the FSMO roles between the two servers. One get's three and the other two.
http://support.microsoft.com/kb/223346
RID and PDC emulator go on one and the other server gets the other three. -
Mishra
Member Posts: 2,468 ■■■■□□□□□□
Get the GPMC as its great for working with GPOs.
I'm pretty sure that the GPOs are stored under the sysvol folder. That folder gets replicated throughout the domain so all your DCs should have copies of the GPOs.
If you don't have many GPOs go ahead and use the backup feature in GPMC just to make yourself feel better. -
Mishra
Member Posts: 2,468 ■■■■□□□□□□
Read this. It is a nice article.
http://searchwinit.techtarget.com/tip/0,289483,sid1_gci1206806,00.html# -
blargoe
Member Posts: 4,174 ■■■■■■■■■□
Download .net 1.1 here:
http://www.microsoft.com/downloads/details.aspx?FamilyId=262D25E3-F589-4842-8157-034D1E7CF3A3&displaylang=enIT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
HeroPsycho
Inactive Imported Users Posts: 1,940
Dude, GPO's are replicated between all DC's in a domain. Once you stand up the new DC's, the GPO's are replicated when AD replication is successful.Good luck to all! -
brad-
Member Posts: 1,218
Understood, but I've got to add the snap in before I can manipulate them. I was going to use the GPMC, but it doesnt work on x64 systems, and there is no patch for that.HeroPsycho wrote:Dude, GPO's are replicated between all DC's in a domain. Once you stand up the new DC's, the GPO's are replicated when AD replication is successful.
What I'm seeing is this...
...and I'm not certain if I should leave it on the local computer, or browse to one of the locations elsewhere. -
RTmarc
Member Posts: 1,082 ■■■□□□□□□□
Install the AdminPak on your machine and then don't worry about it. GPMC on the server/DC isn't required to view/edit Group Policy. Once you stood up the two new boxes, GP replicated with everything else. Install AdminPak and the GPMC on your machine and manipulate it from your desk.
