Transitioning to new Server 2008 R2 Domain from Server 2003 -> Do I move DHCP or DNS first?


Solution 1

There's no problem with both DCs being GCs in a single-domain forest, so go ahead and make the new server a GC as a first step. If your AD DNS is AD-integrated then no "transfer" of DNS is required; the AD DNS zones will be replicated to the new server as part of the AD replication process. The only thing you'll need to manually transfer is DHCP. You can do this beforehand and authorize the new DHCP server but leave the scope deactivated until you're ready to make the switch.

I would recommend that you not give the new server the same IP address as the old server, as that's likely to make things flaky because of the DNS records tied to the old IP address of the W2K3 DC. Update your DHCP scope to assign the new server as the primary DNS server for the DHCP clients and manually set it for statically assigned hosts. Once you've done that you can turn off DHCP on the old server and activate the DHCP scope on the new server. After verifying that everything works you can DCPROMO the old server to demote it.

Solution 2

Migrate DNS first and DHCP second. When you move DHCP you will have to authorize your new 2008 box as well. Be careful when migrating DNS: nearly every service relies on it, so before moving on to DHCP make sure DNS is 100%.

Make the 2008 box a GC as well.

Make sure to run DCDIAG, and if you are running Exchange it won't hurt to run a BPA as well.

BPA is Microsoft Exchange Best Practices Analyzer, currently at version 2.8.
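The checks both answers ask for before the DHCP cutover (healthy replication, DNS answering correctly on the new DC, DCDIAG, DHCP authorization) can be scripted as a single readiness gate. This is an added example, not part of the original answers; `SVR2008` and `192.0.2.10` are placeholders, `domain.com` is the stand-in name used on the page, and the output patterns assume English-language tool output.

```powershell
# Added example: cutover readiness gate. Run elevated on the new DC (PowerShell 2.0+).
# Placeholders, not from the page: $NewDC and $NewDcIp. Patterns assume English tool output.
$NewDC   = 'SVR2008'       # hypothetical host name of the new DC
$NewDcIp = '192.0.2.10'    # placeholder address of the new DC
$Domain  = 'domain.com'    # stand-in domain name, as used on the page

$results = @()
function Add-Check($Name, $Passed, $Detail) {
    $script:results += New-Object PSObject -Property @{
        Check = $Name; Passed = [bool]$Passed; Detail = $Detail }
}

# 1. AD-integrated zones only reach the new DC if replication is healthy.
$links  = @(repadmin /showrepl $NewDC /csv | ConvertFrom-Csv)
$broken = @($links | Where-Object { [int]$_.'Number of Failures' -gt 0 })
Add-Check 'AD replication' ($links.Count -gt 0 -and $broken.Count -eq 0) `
    "$($links.Count) inbound link(s), $($broken.Count) failing"

# 2. Zones hosted by the new DNS server. The BPA output quoted on the page
#    flags _msdcs.<domain> when it is not present as a zone.
$zones = dnscmd $NewDC /enumzones | Out-String
$d = [regex]::Escape($Domain)
Add-Check 'Domain zone on new DNS' ($zones -match "(?m)^\s*$d\s") "zone $Domain"
Add-Check '_msdcs zone on new DNS' ($zones -match "(?m)^\s*_msdcs\.$d\s") "zone _msdcs.$Domain"

# 3. DC locator records must resolve when the new server is queried directly.
$srv = nslookup -type=SRV "_ldap._tcp.dc._msdcs.$Domain" $NewDcIp 2>$null | Out-String
Add-Check 'DC locator SRV' ($srv -match "svr hostname\s*=\s*$([regex]::Escape($NewDC))") `
    "_ldap._tcp.dc._msdcs.$Domain asked of $NewDcIp"

# 4. DCDIAG DNS test against the new DC.
$diag = dcdiag "/s:$NewDC" /test:DNS | Out-String
Add-Check 'DCDIAG DNS' ($diag -match 'passed test DNS' -and $diag -notmatch 'failed test DNS') `
    'dcdiag /test:DNS'

# 5. The new DHCP server must be authorized in AD before its scope is activated.
$auth = netsh dhcp show server | Out-String
Add-Check 'DHCP authorized' ($auth -match [regex]::Escape("[$NewDcIp]")) 'netsh dhcp show server'

$results | Format-Table Check, Passed, Detail -AutoSize
if (@($results | Where-Object { -not $_.Passed }).Count -gt 0) {
    Write-Warning 'Not ready: keep clients on the old DNS/DHCP server until every check passes.'
}
```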

Author: ItsPronounced

Updated on September 17, 2022

Comments

  • ItsPronounced
    ItsPronounced almost 2 years

    My old Svr2003 domain controller is also my DNS and DHCP server (small domain, < 50 users)

    Here's what I've done thus far:

    1. Added new Svr2008 to the domain.
    2. Prepped domain with adprep (forest and domain)
    3. Promoted Svr2008 to Domain Controller and installed AD DS.
    4. Transferred all FSMO roles to new Svr2008 and made Svr2008 a Global Catalog Server as well.
    5. Confirmed Replication between two domain controllers.

    I want to transfer DHCP and DNS to my new Svr2008, decommission Svr2003, and switch the IP address of Svr2008 to match decommissioned Svr2003 (so I don't have to reassign DNS via DHCP). I've also already exported my DHCP to a txt file using netsh dhcp server export _filename_ command and it is ready to be imported when the new DHCP server role is running on the new Svr2008.

    My question is: should I do DNS or DHCP first?

    I want to make sure I do this in the right order and properly.

    Thanks!

  • ItsPronounced
    ItsPronounced over 13 years
    I am running Exchange 2007 on the domain. Should I run BPA on the new Svr2008 or the Exchange server (or both)? THANKS! I was about to do DHCP first when I thought I should get a second opinion on the steps.
  • pablo
    pablo over 13 years
    Run BPA from your admin workstation against the Exchange server and new domain controller.
  • pablo
    pablo over 13 years
    I should note that leaving DNS active on the old server won't hurt, and you can decommission this when you decom the server.
  • MDMarra
    MDMarra over 13 years
    If you transfer the DHCP database beforehand, the lease information will be out of date by the time the scope is activated. If the OP is intent on a cut-over instead of a split-scope migration, you should do the export and import right before the cut over.
  • ItsPronounced
    ItsPronounced over 13 years
    @joequerty - thanks for this info. I went to add the new Svr2008 as a global catalog server along with the old Svr2003 and I got the warning: "This Active Directory Domain Controller is serving as the infrastructure master role for this domain. The infrastructure master role should not be placed on an AD DC that is also a global catalog server unless all AD DCs in the domain are global... Are you Sure you want to make this AD DC a Global catalog?" I'm assuming this is fine since Svr2003 is also a global catalog, but what will happen when I decommission Svr2003? Should be fine, right?
  • joeqwerty
    joeqwerty over 13 years
    Yes, you'll be fine. That warning is meant for a DC that is in a multi-domain forest but isn't applicable in a single-domain forest. Both DCs can be GCs with no problem. In addition, you don't need to manually transfer the FSMO roles before demoting the old server; the DCPROMO process will transfer those roles as part of the demotion.
  • ItsPronounced
    ItsPronounced over 13 years
    @joequery, one last question regarding the DNS transfer. It is AD integrated, but the DNS role is not set up on the new Svr2008 yet. Do I just set up the role and wait for replication? THANKS AGAIN!
  • joeqwerty
    joeqwerty over 13 years
    Pretty much. Add the DNS role and the DNS zones should be replicated to the new server as part of the AD replication process. Just make sure that on the W2K3 server the DNS zones are configured to replicate to all DCs in the domain.
  • ItsPronounced
    ItsPronounced over 13 years
    DNS is now running on new server. Instead of exporting/importing the old DHCP database I just recreated the scope (only 1 scope). What is the best way to tell clients with a lease (from the old DHCP server) to refresh the lease from the NEW DHCP that includes the new DNS server address? Do I just turn off the DHCP scope on the old Svr2003 and activate the new scope on the Svr2007? THANKS
  • ItsPronounced
    ItsPronounced over 13 years
    DNS isn't working on my new server. Anytime I point a client to the new DNS server it can't resolve. BPA is telling me all of this: http://i.imgur.com/4GPZf.jpg. The 192.168.200.13 address is my old Windows Server 2003 IP address. The PDC host is my new server 2007 hostname. I think something happened (or was already wrong) with the _msdcs zone. It already existed as a subzone in my main zone, but I read that's not where it is supposed to be.
  • ItsPronounced
    ItsPronounced over 13 years
    OK, following some instructions, I restarted the NETLOGON service and it seemed to have recreated the _msdcs zone, but as a subzone of the main domain zone. But I also got event ID 4010 one after another in the DNS event log, and the best practices is saying: "The Active Directory integrated DNS zone _msdcs.domain.com was not found. The resolution is to Restore the Active Directory integrated DNS zone _msdcs.domain.com." But I'm not sure how to do that.