DC Plan of action

Hey guys, here is my plan. I am doing it this Saturday.
1. I have built a 2003 R2 SP2 server
2. joined the domain
3. running DCPROMO on it first and making sure DNS is working good
4. turning off old dying DC
5. changing the IP Address from old dying DC to new DC
6. testing
a. logins from workstation to new DC
b. emailing from my outside email into our network from outside in
c. test inside emailing
7. if this works and test good then I am good to go
I was worried about the IP address being the same. I want to keep the same IP address because the IP address of old dying DC is hard coded into our ASA rules.
Is this good or am I missing something? I just don't want to miss anything.
8. going to demote old dying DC from my domain once I test everything with new DC then I will demote the old dying DC.
is this good guys?
thanks
Comments
I wasn't sure if the IP address mattered or something but will change on both DCs so they can work, just didn't know if somehow AD integrated the IPs ahah You never know with MS$$
My bet was it wouldn't matter but wanted to get some advice from you experts. Thanks man..will tell you how it turns out
The ASA is only forwarding LDAP service via IP.
And in DNS the IP is used. Do you think that the IP tied to the old DC matters or is somehow integrated in the GUID creation or something like that? Can you explain? To me it looks textbook to keep same IP since everything including workstation IP addresses are tied to the IP. Seems like this is the correct option because you would have to change every workstation and everything on the network that uses this IP address. Just to me change the name to correspond to the IP and it should query the new DC for LDAP info??
Can you elaborate on your opinion? I would like to hear it bud, thanks for giving me your opinion.
Why can't I run the new DC with the old IP address
and at the same time shut the old DC off so no IP conflict?
I do not want to demote the old DC until I know the new one works
with the old IP addresses. Does this sound logical?
I would place a DNS server on the IP address of the old DC if you are not sure if someone might be using it. Enable logging, come back in a couple days. If it's not been used, then shut it down.
Is Exchange in the environment? How about your IAS server for that Cisco ASA?
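The logging check suggested in the post above, as an added example that is not part of the original thread: after a few days of DNS logging on the old DC's address, tally which clients still send queries to it. The log lines are constructed samples in a simplified layout (date, time, `Rcv`, client IP), and the function name is hypothetical; adjust the pattern to the log your DNS server actually writes.

```python
import re
from collections import Counter

# Constructed sample lines, not real log output. Assumed layout:
#   <yyyymmdd> <hh:mm:ss> ... Rcv <client IPv4> ... <query type> <name>
SAMPLE_LOG = """\
20100313 09:01:12 PACKET UDP Rcv 10.0.0.21 Q A dc-new.corp.example
20100313 09:01:12 PACKET UDP Snd 10.0.0.21 R A dc-new.corp.example
20100313 09:04:40 PACKET UDP Rcv 10.0.0.35 Q SRV _ldap._tcp.dc._msdcs.corp.example
20100314 14:22:03 PACKET UDP Rcv 10.0.0.21 Q A mail.corp.example
20100314 14:30:00 EVENT zone load complete
20100315 08:15:59 PACKET TCP Rcv 10.0.0.99 Q A proxy.corp.example
"""

# Only received queries count; responses (Snd) and event lines are skipped.
LINE_RE = re.compile(
    r"^(?P<date>\d{8}) (?P<time>\d{2}:\d{2}:\d{2}) .*?"
    r"\bRcv (?P<client>\d{1,3}(?:\.\d{1,3}){3})\b"
)


def clients_still_querying(log_text, ignore=()):
    """Return {client_ip: (query_count, last_seen)} for received queries.

    `ignore` lists addresses to leave out, e.g. the server's own IP or a
    monitoring host, so they do not mask an otherwise empty result.
    """
    counts = Counter()
    last_seen = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        client = m["client"]
        if client in ignore:
            continue
        counts[client] += 1
        stamp = m["date"] + " " + m["time"]  # sorts chronologically as text
        last_seen[client] = max(stamp, last_seen.get(client, ""))
    return {c: (counts[c], last_seen[c]) for c in sorted(counts)}


if __name__ == "__main__":
    for ip, (n, seen) in clients_still_querying(SAMPLE_LOG).items():
        print(f"{ip:15} queries={n} last_seen={seen}")
```

An empty result over the whole logging window is the signal that nothing depends on the address any more; any client that does show up is one to repoint before the old DC is shut down.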
Our network on many workstations are already configured to that IP of the old DC? It is going to be crazy work to convert over to the new DC due to many things are using this IP address? OMG the work to change everything over to the new IP address. We have static everything, we are a financial and are supposed to have static IPs
Why do you say that? I know Wells Fargo doesn't use static ip addresses on their workstations. I know plenty of small banks that don't either.
Even if it's for auditing purposes, I'd rather reserve IP's in DHCP for ease of management than configure statically
I would love to talk to financials with DHCP nonetheless I will have to change each one by hand
http://technet.microsoft.com/en-us/library/cc758579%28WS.10%29.aspx
As long as you remove the old DC (dcpromo, remove from DNS, etc.) then you have nothing to worry about. I've done this very same thing multiple times. Since you have more than one DC, it makes it even easier.
The DHCP thing is another discussion. I'd rather use DHCP reservations over static IP addresses.
I plan to make sure to demote it and then wait and then check the other DCs to make sure all meta data cleaned up..
then I will promote new DC with same IP...
and if it funks out; haha I will restore and call in some help..but I have done before just a long time ago..seems straightforward...
thanks guys for all your guidance you are so cool!
beers on me
You mention about your old DC ‘dying’. Just a quick question; is this due to unreliable/old hardware?
It’s just you mentioned in your last post about imaging the disk volumes just as a backup. So if this is the case, was thinking you could perhaps try simply restoring this image onto the new hardware (providing the imaging software has some sort of universal restore facility like Acronis does). In this case you would only need to install the hardware drivers, configure the NIC and give the box a once over etc.
I know this isn’t the cleanest way of doing things, but I’ve successfully performed this operation in the past as a quick-fix solution for when a DC has gone down in the middle of a working day or if it’s randomly generating a hardware related BSOD.
If you have other software related issues with the current DC, or if you’re wanting to learn from this experience for Microsoft server exams then please ignore my post.
Best regards,
Budzy.
we did a vmware convert on this DC and 100% perfect no active directory issues none!
WORKED AWESOME. saved my butt! hahah
thanks guys for all your help....
Budzy
The reason I am imaging or did image was because in case the conversion to VM would corrupt the DC, I have heard of this happening. And if the convert failed but corrupted the DC I could restore and try again with something else.
This DC was interwoven with the firewall and proxy offsite server etc..uses the certification services and everything, wasn't sure what else but it was the first DC in the network and now is converted to VM perfect.
Next is a mail Exchange 2003 server, will do that one COLD booting to VMware convert CD and do it that way..heard many good things about that. I will report back. I do use shadow protect software first to image then I play
doing 8 conversions this year, voice server included