Moving Active Directory

J

J'Tok

n00b
Joined
Oct 23, 2005
Messages
40
I'm not entirely sure this is possible, but here's the situation.
I have a Windows Server 2003 Enterprise domain controller which I want to replace the system drive on.
All I want from the old hard drive is the active directory. Nothing else.
There are several reasons I cannot just clone it.
1) It currently has the free 180 day trial from MS, and I now have a full copy of 2003 Enterprise from my school through academic alliance.
2) It has some other trials like SMS and SQL that I was playing with, but no longer want. (I'm really looking forward to starting fresh)

So, is there any way to just move all my user and computer accounts from active directory on the old hard drive to the new hard drive with only box?
 
Is the copy on the HDD a R1 version, and is the Advanced Server R2? If it is, yo ucan upgrade.
 
Good thought.
I totally forgot to mention that it's already R2.
Sorry about that.
Thanks anyway.
 
Well, try to find another machine. Use VMware Server if you have to. Add it to the domain as a domain controller. Demote the old box. Rebuild it. Promote it to a DC. Then demote the temporary box.
 
MorfiusX said:
Well, try to find another machine. Use VMware Server if you have to. Add it to the domain as a domain controller. Demote the old box. Rebuild it. Promote it to a DC. Then demote the temporary box.
Click to expand...

Just to verify.
I could install server 03 on one of my desktops using virtualization software, make it the primary DC, rebuild my old server with the new HD and do the same thing. Then demote the temporary server and call it a day?
 
Or you could run AD in the virtual machine and never have to worry about moving it from machine to machine when rebuilding.

I went through 2 domain rebuilds and 1 move on my home domain, finally decided to keep the AD server with all the user accounts, dns, dhcp and symantec antivirus center in a Virtual Machine.
- havent had to worry in the past 2 hardware upgrades !
 
AMD[H]unter said:
Is that the "swing" thing I have been hearing about?
Click to expand...

Not quite. The Swing migration you have been reading about is SBS specific "migration" that orginates from www.sbsmigration.com

The theories are relatively the same, but because SBS packs so much more into a single server, there is quite a bit more you need to do.

OP, the best advice has already been stated, use VMware to create a temporary Domain controller, however, you'll need to transfer FSMO roles prior to demoting your physical server and rebuilding it.

Once the new physical DC is built, joined to the domain, and made a DC, you'll need to transfer FSMO roles from the virtual DC to the physical DC.
 
SJConsultant said:
you'll need to transfer FSMO roles prior to demoting your physical server and rebuilding it.
Click to expand...
While technically you have to do this, demoting a FSMO server will automatically transfer the role to another server if one is available. If only one server is available, that's the server that will get the roles.
 
Thanks! I know what I'm doing tonight and tomorrow (oh joy!).
I hadn't thought of the VM approach. Thank you MorfiusX.
I'll let you know how it turns out. Though it sounds like it should work perfectly; unless I manage to foul it up.
'preciate the help.
 
Okay, I kow this took a little while, but I hit some snags with DNS. Basically, everything transfered to the virtual server, but when i tried to run dcpromo on the server with the OS, it said it couldn't find the DC. Whoops! Forgot to put DNS on the virtual server. Then it took forever for the bloody thing to populate. Then the RPC service wasn't started, and file sharing wasn't enabled on the adapter.
Long and short of it is that it was successful, and a learning experience.
So, the bad news is that it was probably more work than it was worth (though this is up for debate). The good news is that I should be able to do it in no time if I ever have to do it again (hopefully not too soon).

Thanks again for all the help,
- J'Tok
 
AS a general rule of thumb, if you're running a smaller AD domain it's not a bad idea to just put DNS on all the AD controllers.... Of course, as the domain gets bigger, the need or desire to do this lessens....
 
jpochedl said:
AS a general rule of thumb, if you're running a smaller AD domain it's not a bad idea to just put DNS on all the AD controllers.... Of course, as the domain gets bigger, the need or desire to do this lessens....
Click to expand...

Unless you are working in a widely distributed WAN and the locations with DCs are there because there are single network points of failure that would leave users isolated from both DNS and authentication with production processes running 24/7.

Add in the remenants of an old NT 4.0 domain still running at another external hosting company with production processes still running on win9x that is keeeping your 2003 AD controllers in 2000 native mode and you have to keep WINS everywhere as well.

I hate my life.

I second the running at least one DC as virtual idea. We don't do it on our production domain as we have 6 Dcs (see the above), but we did replace the PDC of the NT 4.0 domain with a virtual NT 4.0 server that we then upgraded to 2k3. It's running in mixed 2000 mode to talk with the NT 4.0 BDCs at the external hosting company.

On my home setup, I have a DC and an Exchagne server running as virtual. Talk about easy server migrations to new hardware. Intsall the OS and virtual server, copy 2 8 gig files, and I'm good to go.
 
Nessus, I love doing upgrades and just copying the VM machines ! :cool:
 
You must log in or register to reply here.
Back
Top