Yes, it sounds like a plan, in fact a good plan. Just with the FSMO transfer go have coffee or something before you move on to demoting the old DC. And a second cup after demote before you steal the IP address from it.
-----Original Message----- From: Michael Leone [mailto:[email protected]] Sent: Tuesday, March 02, 2010 3:51 PM To: NT System Admin Issues Subject: Re: Demote a DC that is primary DNS for a forest? - REVISED So here's what we've come up with, as a plan: Run FORESTPREP/ADPREP this week. On Sat: Upgrade Win2000 forest to Win2003 by DCPROMOing new-DC2 (which has DNS installed) Transfer all FSMO roles to new-DC2 Demote old-DC1. Use IP address of old-DC1 for new-DC1 (which has DNS installed). DCPROMO new-DC1. Transfer some FSMO roles to new-DC1, as balance. That means I now have a Win2003 forest. And I still have a DNS server at IP address of old-DC1 (which is what all the static IPs point to). And I've gotten rid of old-DC1, which is throwing an error about "trusted machine account" when running DCDIAG (hence the need to demote it). That should cover me, I think. Then, next weekend, I can upgrade the child domain to Win2003 by DCPROMOing more member Win2003 servers in that domain, and transferring roles accordingly. Sound like a plan? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
