At the moment, 10 VMs are running on our ESXi server. One of the VMs is the Domain Controller (Windows Server 2008 R2). On this Domain Controller, roles like AD, DNS, DHCP and WINS are installed. The whole company has only one Domain Controller.
Now we want to upgrade this Domain Controller to two redundant Windows Server 2012 Domain Controllers. One of these two would be the primary DC and the other one the secondary DC. After the upgrade, we want to decommission the old Domain Controller (Windows Server 2008 R2).
Server name / IP address of the existing Domain Controller (Windows Server 2008 R2):
DCBLN / 192.168.1.150
Server name / IP address of the new Domain Controller (Windows Server 2012) (Primary):
DCBLN01 / 192.168.1.150
Server name / IP address of the new Domain Controller (Windows Server 2012) (Secondary):
DCBLN02 / 192.168.1.151
I'm unsure how best to carry out this migration. That is why I need your help. I hope you can give me feedback on whether my workflow has room for improvement:
- Install the server DCBLN02 (Windows Server 2012) with its roles (AD (add to the existing forest), DNS (configure as secondary) and WINS (replicate with DCBLN)) and configure the Domain Controller as the secondary Domain Controller in the forest.
- After that I would install the server DCBLN01 with its roles (AD (add to the existing forest), DNS (as secondary), DHCP, WINS). Here I have to make sure that this server temporarily has another IP address (maybe 192.168.1.149). Make sure that DCBLN02 replicates with DCBLN01.
- Remove the roles on DCBLN: AD (make sure that the option "This server is the last domain controller in the domain" is unchecked), DNS, DHCP, and shut down this server.
- After shutting down the server DCBLN, I would clean up the DHCP reservation of this server and the DNS host A entry, and after that I would change the IP address of the server DCBLN01 to 192.168.1.154 and set the DNS on this server under zone options as the primary.
My aim is that the other 10 VMs have very short downtime. Would this be the correct and clean way to migrate my server? I hope you can give me feedback.
Thank you.
Answer
You are basically right, but there are some points to be careful about:
- First of all, stop referring to "primary" and "secondary" domain controllers. There are no such things anymore since Windows 2000 was introduced :)
- Installing DCBLN02 and giving it its real IP address is ok; installing DCBLN01 with a temporary IP address and changing it later is also ok; I'm assuming you do this because the other domain computers use it as their DNS server, thus you always want to have a DNS service running on that IP address.
- Before promoting your new servers to domain controllers, you'll have to prepare Active Directory for this; just refer to the documentation.
- When promoting your new servers, choose the options to install the DNS service and make them Global Catalogs, but then don't configure anything on the DNS; especially not a secondary zone for your domain. Windows DNS service running on a domain controller will automatically replicate the domain zone through AD; if you manually create secondary zones, you'll only create a conflict there.
- Before removing the old server, remember to transfer the FSMO roles.
- When changing the IP address of DCBLN01 to switch it with your old server, be sure to reboot it two times to ensure DNS records are properly updated.
- Again, after removing your old server, you don't have to change anything on DNS (except removing any reference to it, of course). When the DNS service runs on a domain controller, DNS zones are replicated through AD and there is no concept of "primary" or "secondary" (unless you manually create UNIX-style zones, which is not recommended at all).
- If you want to avoid the hassle of manually reconfiguring DHCP, you can back up the service configuration on your old server and restore it on one of the new servers after installing the service.
- WINS should not be needed at all on a modern network. However, if you choose to implement it, remember to enable replication between your servers, or they will hold different information.
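
An added example, not part of the original answer: a read-only PowerShell check for the points the answer raises before the old server is removed (FSMO roles, Global Catalog, replication, no manually created secondary zones). It assumes the ActiveDirectory and DnsServer modules on a Windows Server 2012 machine and the server names from the question; `Test-OldDcReadyForDemotion` is a hypothetical helper name.

```powershell
# Added example: read-only readiness check before demoting the old DC.
# Server names are taken from the question; the function name is hypothetical.
Import-Module ActiveDirectory
Import-Module DnsServer

function Test-OldDcReadyForDemotion {
    param(
        [string]$OldDc = 'DCBLN',
        [string[]]$NewDcs = @('DCBLN01', 'DCBLN02')
    )
    $blockers = @()

    # 1. No FSMO role may still be held by the old server.
    $domain = Get-ADDomain
    $forest = Get-ADForest
    $roles = [ordered]@{
        PDCEmulator          = $domain.PDCEmulator
        RIDMaster            = $domain.RIDMaster
        InfrastructureMaster = $domain.InfrastructureMaster
        SchemaMaster         = $forest.SchemaMaster
        DomainNamingMaster   = $forest.DomainNamingMaster
    }
    foreach ($role in $roles.GetEnumerator()) {
        # Role holders are reported as FQDNs; compare the host label only.
        if (($role.Value -split '\.')[0] -eq $OldDc) {
            $blockers += "FSMO role $($role.Key) is still on $OldDc"
        }
    }

    foreach ($dc in $NewDcs) {
        # 2. Each new DC should be a Global Catalog.
        if (-not (Get-ADDomainController -Identity $dc).IsGlobalCatalog) {
            $blockers += "$dc is not a Global Catalog"
        }
        # 3. Inbound replication must be free of recorded failures.
        Get-ADReplicationFailure -Target $dc | Where-Object { $_.FailureCount -gt 0 } | ForEach-Object {
            $blockers += "$dc has $($_.FailureCount) replication failure(s) from $($_.Partner)"
        }
        # 4. Zones must arrive through AD replication, not as manual secondary zones.
        Get-DnsServerZone -ComputerName $dc | Where-Object { $_.ZoneType -eq 'Secondary' } | ForEach-Object {
            $blockers += "$dc hosts manually created secondary zone $($_.ZoneName)"
        }
    }
    return $blockers
}

$result = Test-OldDcReadyForDemotion
if ($result) { $result | ForEach-Object { Write-Warning $_ } } else { 'No blockers found.' }
```

If a role is still reported on the old server, it can be moved with `Move-ADDirectoryServerOperationMasterRole` before rerunning the check.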