question about setting up a new domain controller
-
@dave247 said in question about setting up a new domain controller:
Is this pretty much the way to do it?
Yes, assuming that the DNS zone is AD integrated
Who holds the FSMO roles?
-
@dave247 said in question about setting up a new domain controller:
Hi guys I have kind of a noob question..
I have two 2008 R2 domain controllers: DC1 and DC2 (one physical one virtual), and an on-prem Exchange 2010 (SP3) server in my environment. I think I've learned enough now where I'm comfortable setting up a new domain controller and replacing an old one but I still technically haven't done it yet.
I would like to set up a 2012 R2 domain controller to replace the physical 2008 R2 domain controller, DC1. DC1 is the primary DNS server that everything in the environment looks to, and so I want to make sure everything gets replaced with the new IP address.
Note: I am going 2012 R2 DC right now because it's the highest I can go with having Exchange 2010 SP3 running. I will eventually be going to Exchange 2016 and then at that point I can make a 2016 DC.
The main thing I'm wondering about is if I can simply set up the new 2012 R2 server, promote it to domain controller, and then one by one point my servers and all the other statically mapped systems to it, without experiencing any disruptions. And right now DHCP is being controlled by the physical DC but of course that would be trivial to replace once I get the new 2012 R2 DC up and running. I really just want to be able to make the transition without disruption.
Is this pretty much the way to do it?
First let me get this straight, you have two DCs and one has Exchange on it?
That should be changed if that’s the case as it is unsupported.As for the DC you can go up to a DC with Server 2016, as long as the domain and Forest level are on Server 2008 or 2008 R2 your Exchange 2010 will continue to work.
DHCP should be configured so all the devices get connected and pointing to your new DC. Test everything and make sure to have the replication working.
As always make backups before and after doing changes.
-
@dave247 said in question about setting up a new domain controller:
I would like to set up a 2012 R2 domain..
What is driving you to do a fresh install of an old OS?
-
@dave247 said in question about setting up a new domain controller:
The main thing I'm wondering about is if I can simply set up the new 2012 R2 server, promote it to domain controller, and then one by one point my servers and all the other statically mapped systems to it, without experiencing any disruptions.
You can have all three, or more, running at once, you disruptions. The only thing that gets repointed, static or dynamic, is the DNS settings, not the AD ones. DNS handles AD transparently.
-
@scottalanmiller said in question about setting up a new domain controller:
@dave247 said in question about setting up a new domain controller:
I would like to set up a 2012 R2 domain..
What is driving you to do a fresh install of an old OS?
Exchange 2010 SP3 he said.
-
Simply set up a new DC as you normally would. Install the role, promote it to DC... (new DC in existing domain, make sure to select/install DNS too).
Move all of your FSMO roles to the new DC.
Make the changes on everything on the network to point to your new DC...
- Switch dns settings
- Copier DNS settings
- other servers DNS settings (especially DHCP servers)
- etc
Demote old DC using DCPROMO.
-
@tim_g said in question about setting up a new domain controller:
@scottalanmiller said in question about setting up a new domain controller:
@dave247 said in question about setting up a new domain controller:
I would like to set up a 2012 R2 domain..
What is driving you to do a fresh install of an old OS?
Exchange 2010 SP3 he said.
How does that affect the DC, though? That affects the Exchange server.
-
@flaxking said in question about setting up a new domain controller:
@dave247 said in question about setting up a new domain controller:
Is this pretty much the way to do it?
Yes, assuming that the DNS zone is AD integrated
Who holds the FSMO roles?
Yeah, DC1 has the DNS role and so does DC2. DC1 has FSMO roles.
-
@dbeato said in question about setting up a new domain controller:
@dave247 said in question about setting up a new domain controller:
Hi guys I have kind of a noob question..
I have two 2008 R2 domain controllers: DC1 and DC2 (one physical one virtual), and an on-prem Exchange 2010 (SP3) server in my environment. I think I've learned enough now where I'm comfortable setting up a new domain controller and replacing an old one but I still technically haven't done it yet.
I would like to set up a 2012 R2 domain controller to replace the physical 2008 R2 domain controller, DC1. DC1 is the primary DNS server that everything in the environment looks to, and so I want to make sure everything gets replaced with the new IP address.
Note: I am going 2012 R2 DC right now because it's the highest I can go with having Exchange 2010 SP3 running. I will eventually be going to Exchange 2016 and then at that point I can make a 2016 DC.
The main thing I'm wondering about is if I can simply set up the new 2012 R2 server, promote it to domain controller, and then one by one point my servers and all the other statically mapped systems to it, without experiencing any disruptions. And right now DHCP is being controlled by the physical DC but of course that would be trivial to replace once I get the new 2012 R2 DC up and running. I really just want to be able to make the transition without disruption.
Is this pretty much the way to do it?
First let me get this straight, you have two DCs and one has Exchange on it?
That should be changed if that’s the case as it is unsupported.No. Exchange 2010 SP3 is on it's own 2008 R2 server.
As for the DC you can go up to a DC with Server 2016, as long as the domain and Forest level are on Server 2008 or 2008 R2 your Exchange 2010 will continue to work.
Not according to the documentation I've looked at.. seriously, I would love to do this if I actually can..
DHCP should be configured so all the devices get connected and pointing to your new DC. Test everything and make sure to have the replication working.
My plan would be to turn off DHCP on DC1 and add it to the new DC and then at that time, I would include the new DC in the DHCP info.
As always make backups before and after doing changes.
For sure.
-
@scottalanmiller said in question about setting up a new domain controller:
@dave247 said in question about setting up a new domain controller:
I would like to set up a 2012 R2 domain..
What is driving you to do a fresh install of an old OS?
As I explained in the OP, Exchange 2010 SP3 will not work with a 2016 DC. I plan to eventually scrap both 2008 R2 DC's. DC1 is a physical server and it's been having issues, so I'm basically just trying to quickly replace that with a new DC, and 2012 R2 is sure to work with Exchange 2010 SP3.
-
@dave247 said in question about setting up a new domain controller:
As I explained in the OP, Exchange 2010 SP3 will not work with a 2016 DC.
That can't be right. What's the documentation on that?
-
@scottalanmiller said in question about setting up a new domain controller:
@dave247 said in question about setting up a new domain controller:
The main thing I'm wondering about is if I can simply set up the new 2012 R2 server, promote it to domain controller, and then one by one point my servers and all the other statically mapped systems to it, without experiencing any disruptions.
You can have all three, or more, running at once, you disruptions. The only thing that gets repointed, static or dynamic, is the DNS settings, not the AD ones. DNS handles AD transparently.
I don't understand..
-
@scottalanmiller said in question about setting up a new domain controller:
@dave247 said in question about setting up a new domain controller:
As I explained in the OP, Exchange 2010 SP3 will not work with a 2016 DC.
That can't be right. What's the documentation on that?
https://blogs.technet.microsoft.com/rmilne/2016/05/16/exchange-support-for-windows-server-2016/
So it does say it there, how is this possible? How can 2016 be working properly yet break something like this?
https://msdnshared.blob.core.windows.net/media/2016/12/image_thumb378.png
-
@scottalanmiller said in question about setting up a new domain controller:
@tim_g said in question about setting up a new domain controller:
@scottalanmiller said in question about setting up a new domain controller:
@dave247 said in question about setting up a new domain controller:
I would like to set up a 2012 R2 domain..
What is driving you to do a fresh install of an old OS?
Exchange 2010 SP3 he said.
How does that affect the DC, though? That affects the Exchange server.
Yeah, if Exchange won't work, then I don't want to use 2016 for now.
-
@dave247 said in question about setting up a new domain controller:
@scottalanmiller said in question about setting up a new domain controller:
@tim_g said in question about setting up a new domain controller:
@scottalanmiller said in question about setting up a new domain controller:
@dave247 said in question about setting up a new domain controller:
I would like to set up a 2012 R2 domain..
What is driving you to do a fresh install of an old OS?
Exchange 2010 SP3 he said.
How does that affect the DC, though? That affects the Exchange server.
Yeah, if Exchange won't work, then I don't want to use 2016 for now.
Which begs the question.... how is 2016 doing 2012 or earlier domain levels, if it isn't fully compatible with them? How and why did MS break that in that way. That's very concerning.
-
@scottalanmiller said in question about setting up a new domain controller:
@scottalanmiller said in question about setting up a new domain controller:
@dave247 said in question about setting up a new domain controller:
As I explained in the OP, Exchange 2010 SP3 will not work with a 2016 DC.
That can't be right. What's the documentation on that?
https://blogs.technet.microsoft.com/rmilne/2016/05/16/exchange-support-for-windows-server-2016/
So it does say it there, how is this possible? How can 2016 be working properly yet break something like this?
https://msdnshared.blob.core.windows.net/media/2016/12/image_thumb378.png
Yes, that is what I was going by. Sorry I didn't post it. I didn't have time to dig up the link..
So am I correct that having a 2016 DC with Exchange 2010 SP3 (AND NO 2008 R2 domain controllers) will not work? I want to get away from 2008 R2, ya dig?
-
@dave247 said in question about setting up a new domain controller:
@scottalanmiller said in question about setting up a new domain controller:
@dave247 said in question about setting up a new domain controller:
The main thing I'm wondering about is if I can simply set up the new 2012 R2 server, promote it to domain controller, and then one by one point my servers and all the other statically mapped systems to it, without experiencing any disruptions.
You can have all three, or more, running at once, you disruptions. The only thing that gets repointed, static or dynamic, is the DNS settings, not the AD ones. DNS handles AD transparently.
I don't understand..
AD DCs run in clusters. You can have as many as you like, they are one single pool. So you can add as many as you want, and they all get used, live.
You never point to AD. There is no setting for that on Windows. The clients request AD information from DNS, DNS points them to the AD DC that is best for them at the time (or just round robin.)
-
@scottalanmiller said in question about setting up a new domain controller:
@dave247 said in question about setting up a new domain controller:
@scottalanmiller said in question about setting up a new domain controller:
@tim_g said in question about setting up a new domain controller:
@scottalanmiller said in question about setting up a new domain controller:
@dave247 said in question about setting up a new domain controller:
I would like to set up a 2012 R2 domain..
What is driving you to do a fresh install of an old OS?
Exchange 2010 SP3 he said.
How does that affect the DC, though? That affects the Exchange server.
Yeah, if Exchange won't work, then I don't want to use 2016 for now.
Which begs the question.... how is 2016 doing 2012 or earlier domain levels, if it isn't fully compatible with them? How and why did MS break that in that way. That's very concerning.
I don't know. I was also confuxored as hell but hey I have to work with it.
-
@dave247 said in question about setting up a new domain controller:
So am I correct that having a 2016 DC with Exchange 2010 SP3 ... will not work?
According to the chart, no it won't work. It's just insane that that could be the case. It means MS failed to maintain application compatibility across AD, even at matching compatibility levels.
It's a pretty big fail on MS' part and shows very much that AD is not as robust as people like to think.
-
@dave247 said in question about setting up a new domain controller:
@scottalanmiller said in question about setting up a new domain controller:
@dave247 said in question about setting up a new domain controller:
@scottalanmiller said in question about setting up a new domain controller:
@tim_g said in question about setting up a new domain controller:
@scottalanmiller said in question about setting up a new domain controller:
@dave247 said in question about setting up a new domain controller:
I would like to set up a 2012 R2 domain..
What is driving you to do a fresh install of an old OS?
Exchange 2010 SP3 he said.
How does that affect the DC, though? That affects the Exchange server.
Yeah, if Exchange won't work, then I don't want to use 2016 for now.
Which begs the question.... how is 2016 doing 2012 or earlier domain levels, if it isn't fully compatible with them? How and why did MS break that in that way. That's very concerning.
I don't know. I was also confuxored as hell but hey I have to work with it.
And they provide no explanation for something that I feel demands rather a bit of it. They just ignore the fact that they have this big break.