| | | New Member
         
Group: Forum Members Last Login: 2/9/2006 2:34 PM Posts: 4, Visits: 119 |
| | I have one domain controller now that is running Windows Server 2000. This domain controller has DNS and Active Directory running on it, plus DHCP. The scope in the DHCP is 192.168.1.10 to 192.168.1.150. This domain controller has about 35 users in Active Directory. This domain controller also has VPN configured on it so users can remote in and connect to the network from home. This DC also has 3 other servers connected to it. What I have done is purchased 3 new servers with Windows Server 2003 on them, with all the proper licenses, to replace the old domain controller and servers completely. I want to keep up the old domain controller and put in place the new domain controller, named something different, at the same time until everything on the new domain is working correctly. But I know that the old domain controller is running DHCP, and I want the new DC to have DHCP at the same time. So I need to know the best way to have both up and running at the same time without having them conflict. Do I keep the old domain on the 192.168.1.10-150 DHCP scope and put the new domain controller on the network running DHCP with an IP scope range of maybe 10.0.0.10-254? My router is set to 192.168.1.1 with DHCP on the router disabled. So will I be able to have two scopes of IP addresses on at the same time with the router without any problem? Can someone guide me in the right direction so I can have both domains running until I roll out info to the new DC and servers? Note that I will create all new users in the new Active Directory. Also, the reason why I want to do it this way is because there are so many problems on the DC. The office I work for had a really bad admin come in over the years and toast the DC. The DC has errors all over it. It's not replicating. It's also saying that it can't find the domain controller when it is the DC. A lot of permissions aren't working properly. Plus a lot more. That's why I don't want to run DCPROMO...... |
| | | | Forum Moderator
         
Group: Moderators Last Login: 8/13/2007 11:17 AM Posts: 3,966, Visits: 1,057 |
| | Set up the new DHCP server with a scope that does not overlap your existing scope. 192.168.151 to 192.168.1.225 will work fine. Set identical scope options. Don't activate the scope. On the old DHCP server, decrease the lease time to 10 minutes. Either have your clients release and renew their IP addresses OR keep the old server running long enough for clients to grab a new lease. Leases are renewed halfway through the current lease time by default. Once you're sure that the majority of your clients have the new lease, activate your new scope and deactivate the old. Within 8 minutes your clients will have leases from the new server. Don't forget that you'll need to authorize the new DHCP server in Active Directory. It would be much easier to fix your replication issues with your old DC, run adprep on it and upgrade it to 2003. Then, configure the new servers as replicas, transfer the FSMO roles and down the original DCs. Creating a new domain namespace will not only require you to create all user and group objects all over again, but you'll also need to completely reconfigure your permissions. Most replication issues are a result of DNS issues. One-word domain names are an example of one of the causes. Also, you cannot point to any DNS servers other than your own or AD will not work properly. Don't even use your ISP's DNS as a secondary. Good luck! It's going to be a long weekend soon.
__________________________________________________  |
| | | | New Member
         
Group: Forum Members Last Login: 2/9/2006 2:34 PM Posts: 4, Visits: 119 |
| | Thanks for the reply so fast... I think you're right about running adprep on the old domain controller and then upgrading. The only thing I get nervous about is if the upgrade on the domain controller goes bad. I can image out all drives on the domain controller with Acronis first, before I make any changes, just in case. But I just wanted to tell you that the domain name is called ( ferrara ) and the computer name is ( DC ). When you go into DNS it shows as ( ferrara.local ) with IP address 192.168.1.150. For some reason, when I tried to add a BDC to this domain, during the setup it would come back and tell me it can't join ferrara.local, and I made sure I am using administrator permissions. And then it said that the domain must have a DNS problem, check your DNS for problems. I checked everything on the domain controller but everything seems to look OK. I did look at the event log for DNS problems and I found that it is saying that it can't find the global catalog. Is there any way for me to add a BDC to the domain with the issues I am getting? The problem that I think is going on is that this domain controller is not the primary DC. I think at one time it was a BDC and someone removed the primary DC without depromoting it correctly. Also, when I try to view one of my servers, the domain controller comes back and says it can't be found. But if I go onto the server and view the drives on the domain controller, everything views fine. Once in a blue moon I can view the server without any problems. The problem comes and goes for some reason. If you have any suggestions please send them my way. |
| | | | Forum Moderator
         
Group: Moderators Last Login: 8/13/2007 11:17 AM Posts: 3,966, Visits: 1,057 |
| | Just for the record, there is no such thing as a PDC and BDCs anymore. All DCs are equal starting with Windows 2000. All of the issues that you describe indicate a DNS issue. Are you absolutely certain that all of your servers and clients are pointing to your own DNS server and nowhere else? For example: your DNS is 192.168.1.150. No other IP address can be in a DNS configuration anywhere in your environment at all. This is mandatory. Is your DNS zone set to receive dynamic updates? Does your forward lookup zone contain the SRV records for your domain? You'll see them listed as _msdcs, _sites, _tcp and _udp in the zone. If so, what machine holds the role of the Global Catalog? If someone removed the first DC without demoting it, you would have noticed immediately. This machine holds the role of the GC by default. Your users wouldn't be able to log on. You can also verify which machine holds the role of the domain naming master using AD Domains and Trusts. This is always the first DC in the domain by default as well.
__________________________________________________  |
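
The DNS checks described in the reply above (clients pointing only at the domain's own DNS server, and the locator SRV records being present in the forward lookup zone), as an added example that is not part of the original thread. It assumes a Windows machine with the DnsClient PowerShell module (`Resolve-DnsName`, `Get-DnsClientServerAddress`), which the Windows 2000/2003 servers in the thread do not have; the domain name and DNS address are the ones given in the thread, and `_gc._tcp` is queried against the same name on the assumption that this single domain is the forest root.

```powershell
# Added example, not from the thread. Defaults are the values the posters gave.
param(
    [string]$Domain    = 'ferrara.local',
    [string]$DnsServer = '192.168.1.150'
)

# 1. List every configured DNS server on this machine that is NOT the AD DNS server.
#    The reply above requires this list to be empty on all servers and clients.
$foreign = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    ForEach-Object {
        foreach ($addr in $_.ServerAddresses) {
            if ($addr -ne $DnsServer) {
                [pscustomobject]@{ Interface = $_.InterfaceAlias; Server = $addr }
            }
        }
    }

# 2. Query the AD DNS server directly for the locator SRV records a working
#    domain registers under _tcp and _msdcs.
$records = @(
    "_ldap._tcp.$Domain",             # any domain controller
    "_kerberos._tcp.$Domain",         # Kerberos KDC
    "_ldap._tcp.dc._msdcs.$Domain",   # DC locator
    "_ldap._tcp.pdc._msdcs.$Domain",  # PDC emulator role holder
    "_gc._tcp.$Domain"                # global catalog
)
$srv = foreach ($name in $records) {
    $answer = Resolve-DnsName -Name $name -Type SRV -Server $DnsServer `
                  -DnsOnly -ErrorAction SilentlyContinue |
              Where-Object { $_.Type -eq 'SRV' }
    [pscustomobject]@{
        Record  = $name
        Found   = [bool]$answer
        Targets = if ($answer) {
                      ($answer | ForEach-Object { '{0}:{1}' -f $_.NameTarget, $_.Port }) -join ', '
                  } else { '' }
    }
}

# 3. Report. A missing _gc record matches the "can't find the global catalog" event.
if ($foreign) {
    Write-Warning "DNS servers other than $DnsServer are configured:"
    $foreign | Format-Table -AutoSize
}
$srv | Format-Table -AutoSize
$missing = @($srv | Where-Object { -not $_.Found })
if ($missing.Count) { Write-Warning "$($missing.Count) SRV record(s) missing from $Domain" }
```

A record that is missing here but expected points at the zone not accepting dynamic updates or the DC not registering against its own DNS server, which are the two questions the reply asks.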