If I were you, rather than put Exchange on a DC, I would put the second DC
on an older but still robust workstation (and beefed up to boot). A long
way from Best Practices, but still preferable to the Taboo Mix.
----- Original Message -----
From: "Steven Johnston" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Monday, August 21, 2006 2:24 AM
Subject: RE: [ActiveDir] Can the Gods return to our domain? an ex-DC naming
question
Firstly I would like to say thanks for all the help. I probably wasnt as
clear in my original description about a few things as I could have been
so I will go over the assumptions some of you made that were incorrect.
Ok so from my notes..
----------
Existing Environment
The existing environment contains 2 Domain Controllers running Windows
2000 Server named Ceres and Hades, the Domain operates in Mixed Mode.
Ceres has all of the FSMO roles (RID, PDC, Infrastructure, Domain Naming
and Schema), runs DNS, Blackberry Enterprise Server, VERITAS Backup Exec,
acts as a Print Server, WINS server and the GC.
Hades acts as a DHCP, DNS Server and runs Exchange 2000 Server with
Symantec Mail Security 5.0. The DHCP options for 006 DNS Server only
point to Hades IP address and not to Ceres.
The new server to replace the Exchange Server “Insert Server Name Here -
Server3� is running Windows Server 2003 Standard.
----------
Ceres is a very old server that was once an NT4 pdc and hence doesnt have
the minimum spec to run 2k3, this is why I will probably literally dump
it. Hades is also quite an old server but was introduced when the W2k
domain was introduced, I will be keeping Hades to use only as a DC
(running DNS in ADI mode) and probably to run BES and Backup Exec.
Server3 is a brand new server (slightly over spec'ed probably - if thats
possible), I will be using Server3 for Exchange 2k3 but also need a second
DC when Ceres is removed so this will probably fill that role.
My current plan included installing E2k3 and then dcpromo'ing but as you
say this isnt supported so I wont be doing this - Thanks for the heads up
I will just juggle my plans around to DCPROMO and then install E2K3, I
dont think that will cause an issue.
I need to edit my current plan and make quite a few updates, thanks for
the suggestions.
Are there any other items of concern in the above environment. (ignore
the blackberrys, I will just uninstall and install that from scratch again
I think as they are a massive hassle, or maybe I will let Ceres remain as
a BES server only)
Thanks
Steven
-----Original Message-----
From: [EMAIL PROTECTED] on behalf of Almeida Pinto, Jorge
de
Sent: Fri 8/18/2006 11:44 PM
To: [email protected]; [email protected]
Cc:
Subject: RE: [ActiveDir] Can the Gods return to our domain? an ex-DC
naming question
In your case I would:
* execute from the E2K3 media: SETUP /FORESTPREP (this preps your forest
for E2K3 servers) (this will resolve the incorrect attributes in a W2K AD
with E2K)
* execute from the E2K3 media: SETUP /DOMAINPREP (this preps your domain
for E2K3 servers)
* execute from the W2K3-SP1 media: ADPREP /FORESTPREP (this preps your
forest for W2K3 DCs)
* execute from the W2K3-SP1 media: ADPREP /DOMAINPREP /GPPREP (this preps
your domain and SYSVOL for W2K3 DCs)
* Install W2K3 on server3 and join to the domain, install E2K3 on server3
* Move ALL Exchange stuff from HADES to server3 (follow KB articles, etc.)
* Move other roles and services (e.g. DNS,WINS,DHCP,etc.) from HADES to
CERES if these do not exist yet on CERES
* Decommission HADES as a server provinding Exchange services (uninstall
exchange, follow KB articles, etc.)
* If needed MOVE the FSMO roles from HADES to CERES
* Shutdown HADES
* Cleanup AD metadata for HADES on CERES
(http://blogs.dirteam.com/blogs/jorge/archive/2005/12/03/213.aspx) and
remove the server object manually (which is normal) (check that ALL
metadata is removed!)
* Re-install HADES as a W2K3 server configure TCP/IP settings accordingly
and join to the domain
* Promote HADES to a DC, make it a GC also
* MOVE the FSMO roles from CERES to HADES
* Install services like DNS,WINS,DHCP,etc. (if needed) on HADES and
configure accordingly
* IF NEEDED, move other roles and services (e.g. DNS,WINS,DHCP,etc.) from
CERES to HADES if these do not exist yet on HADES
* Shutdown CERES
* Cleanup AD metadata for CERES on HADES
(http://blogs.dirteam.com/blogs/jorge/archive/2005/12/03/213.aspx) and
remove the server object manually (which is normal) (check that ALL
metadata is removed!)
(for the following steps use CERES or some other more powerfull server,
but not server3 with E2K3)
* Re-install CERES as a W2K3 server configure TCP/IP settings accordingly
and join to the domain
* Promote CERES to a DC, make it a GC also
* Install services like DNS,WINS,DHCP,etc. (if needed) on CERES (or some
other more powerfull server) and configure accordingly
* As HADES if the most powerfull server leave the FSMO roles on it
* Install and/or configure everything else needed
* Get a cigar and a beer! ;-)
This should help you on your way, but make sure all steps mentioned are
correct for you and nothing is missed!
Make sure you test the stuff in a test environment, create backups before
doing anything, etc, etc.
Although E2K3 is supported on a W2K3 DC (by FIRST promoting to DC and THEN
installing E2K3. FIRST installing E2K3 and THEN promoting to a DC is
UNSUPPORTED!), bla bla, bla...DON'T DO IT! Have 2 DCs with for example
DNS, WINS, DHCP, BUT NOT E2K3. Use a separate server for E2K3!
Another thing...IMHO I would not use names for servers that do not mean
anything (names of gods or whatever). Use descriptive names for servers
that mean something about the server and maybe its roles (just opinion)
Also see: http://blogs.dirteam.com/blogs/jorge/archive/2005/11/19/110.aspx
Met vriendelijke groeten / Kind regards,
Ing. Jorge de Almeida Pinto
Senior Infrastructure Consultant
MVP Windows Server - Directory Services
LogicaCMG Nederland B.V. (BU RTINC Eindhoven)
( Tel : +31-(0)40-29.57.777
( Mobile : +31-(0)6-26.26.62.80
* E-mail : <see sender address>
_____
From: [EMAIL PROTECTED] on behalf of Steven Johnston
Sent: Fri 2006-08-18 21:30
To: [email protected]
Subject: [ActiveDir] Can the Gods return to our domain? an ex-DC naming
question
Hello list,
(Skip the first Paragraph if your in a rush :p It is a self
introduction.)
This is my first post so I would like to introduce myself and say hello to
everyone and thanks for the bucket loads of good info floating around. I
am relatively new to the industry and this is my first permanent job since
University, I have just 8 months in my current role after 6 months of
contracting for a large Aerospace company. I work for a consultancy that
mainly provides software solutions using .net. I am working as a Systems
Admin and am totally responsible for our internal systems (25 or so
servers including development boxes) and also for several external clients
server environments. I have been trying to pick up as much as possible by
reading books, blogs, whitepapers and gathering advice from the many
helpful individuals in this community. With that in mind forgive me for
any newbie mistakes :-) Thanks again and on that note, I hope one day to
be as useful as many of you already are.
Ok so here is the situation: I am planning an Active Directory 2k and
Exchange 2k upgrade to 2k3. Our servers are named after Greek / Roman
Gods hence the subject.
I have 2 DC’s Ceres and Hades (also the Exchange server) and a third new
server running server 2k3 (Server3 – currently unnamed) which shall
replace the DC Ceres. I plan to do an in place upgrade of Exchange on
Hades, join Server3 to the domain install Exchange 2k3 move all the mail
boxes, public folders and system folders then demote Hades remove it from
the domain, rebuild it with 2003 and rejoin it again and dcpromo. Finally
I will demote, remove Ceres and bin it (its very old :p) . Ok so maybe I
have simplified this a bit but you get the general idea, enough to answer
my question.
My question is.. Can I use the name Hades again when it is rebuilt and
re-made a DC? I presume if the name Ceres is given to another box it wont
matter unless that box goes on to become a DC too.
I know the answer to the above is yes but it requires some tweaking using
ADSIedit. This is the part I don’t know. What needs to be changed and
what precautions can I take before making this change to ensure I won’t
mess it up?
Oh and Don’t worry I am doing this on Virtual’s at the moment and will
do multiple full backups on the live systems before I start this :p
Thanks
Steven Johnston
This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential
information and/or be subject to legal privilege. It should not be copied,
disclosed to, retained or used by, any other party. If you are not an
intended recipient then please promptly delete this e-mail and any
attachment and all copies and inform the sender. Thank you.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
