DC Demotion Question
-
@BRRABill I'm testing domain migrations in my test environment tonight actually. I want to attempt to move from 2003 to 2012.
-
@coliver said in DC Demotion Question:
@BRRABill said in DC Demotion Question:
Did you know...
Apparently it's a PITA to transfer DHCP to an existing DC?
(Countdown to someone saying "just install in on a Linux box" in 5...4...3...)
It is? How so? You can easily backup the DHCP scopes and restore them to the new DC, decom the old one and turn up the new one. I've done it twice in the past without any issues.
Exactly - what issue are you having? What does it being a DC have to do with it?
-
Is this from 2003 to 2012 R2? If so you can use the Windows Server Migration Tools.
-
@coliver said
It is? How so? You can easily backup the DHCP scopes and restore them to the new DC, decom the old one and turn up the new one. I've done it twice in the past without any issues.
The KB article I read said you have to move the role BEFORE promoting it to a DC, otherwise it's a PITA. Though re-reading it now, it's a bit confusing...
"Additionally, if the target Windows 2003 server is a member server, and if you plan to promote it to a domain controller, we suggested that you perform the DHCP database migration before promoting it to a domain controller. Although you can migrate the DHCP database to a Windows 2003 domain controller, the migration to a member server will be easier because of the existence of the local administrator account.
- Log on as a user who is an explicit member of the local Administrators group. A user account in a group that is a member of the local Administrators group will not work. If a local Administrators account does not exist for the domain controller, restart the computer in Directory Services Restore Mode, and use the administrator account to import the database as described later in this section."
Ah, I think I read that wrong. I think logging in as a Domain Admin will be OK.
-
Wait.... you're still deploying to Server 2003? Are you the one that is waiting till next month (or November) for 2016 to come out?
-
@coliver said in DC Demotion Question:
Wait.... you're still deploying to Server 2003? Are you the one that is waiting till next month (or November) for 2016 to come out?
Or moving to Samba4.
-
Yes, those both are me.
Keep in mind, I was ready to move to 2012, and deided to wait at the advice of ML, which has caused zero issues thus far.
Right now I am in the process of moving all the physical machines to virtual.
Only 2 left. Probably only 1 left at the end of today.
-
Well, DHCP transferred nicely.
It really was that easy.
-
Have you looked into the cost of buying Server 2012 with SA versus what 2016 will cost? They are changing the licensing to be core based - I thought I read...
-
@Dashrender said in DC Demotion Question:
Have you looked into the cost of buying Server 2012 with SA versus what 2016 will cost? They are changing the licensing to be core based - I thought I read...
I did look at the cost.
But really, I am in no hurry. Everything is working fine.
Since I've moved then 2003 servers to VMs (on SSD) they've been blazing fast, even.
-
@BRRABill said in DC Demotion Question:
@Dashrender said in DC Demotion Question:
Have you looked into the cost of buying Server 2012 with SA versus what 2016 will cost? They are changing the licensing to be core based - I thought I read...
I did look at the cost.
But really, I am in no hurry. Everything is working fine.
Since I've moved then 2003 servers to VMs (on SSD) they've been blazing fast, even.
it's less about hurry, and more about savings.
But really, do you want to be on a non patches OS longer than you have to be?
-
@Dashrender said in DC Demotion Question:
@BRRABill said in DC Demotion Question:
@Dashrender said in DC Demotion Question:
Have you looked into the cost of buying Server 2012 with SA versus what 2016 will cost? They are changing the licensing to be core based - I thought I read...
I did look at the cost.
But really, I am in no hurry. Everything is working fine.
Since I've moved then 2003 servers to VMs (on SSD) they've been blazing fast, even.
it's less about hurry, and more about savings.
But really, do you want to be on a non patches OS longer than you have to be?
Agree.
-
@Dashrender said in DC Demotion Question:
@BRRABill said in DC Demotion Question:
@Dashrender said in DC Demotion Question:
Have you looked into the cost of buying Server 2012 with SA versus what 2016 will cost? They are changing the licensing to be core based - I thought I read...
I did look at the cost.
But really, I am in no hurry. Everything is working fine.
Since I've moved then 2003 servers to VMs (on SSD) they've been blazing fast, even.
it's less about hurry, and more about savings.
But really, do you want to be on a non patches OS longer than you have to be?
Of course the solution to that is move to Linux... no need to ever be without patches or security updates.
-
@coliver said in DC Demotion Question:
@Dashrender said in DC Demotion Question:
@BRRABill said in DC Demotion Question:
@Dashrender said in DC Demotion Question:
Have you looked into the cost of buying Server 2012 with SA versus what 2016 will cost? They are changing the licensing to be core based - I thought I read...
I did look at the cost.
But really, I am in no hurry. Everything is working fine.
Since I've moved then 2003 servers to VMs (on SSD) they've been blazing fast, even.
it's less about hurry, and more about savings.
But really, do you want to be on a non patches OS longer than you have to be?
Of course the solution to that is move to Linux... no need to ever be without patches or security updates.
That really is the long term solution.
-
Yep, definitely something to look at long term.
-
@scottalanmiller is NTG using Azure AD for it's Windows 10 machines yet? Is NTG using anything for GPOs?
-
@Dashrender said in DC Demotion Question:
@scottalanmiller is NTG using Azure AD for it's Windows 10 machines yet? Is NTG using anything for GPOs?
Yes, we've been on Azure AD for quite a while now. Like since last year.
No GPOs.
-
@scottalanmiller said in DC Demotion Question:
@Dashrender said in DC Demotion Question:
@scottalanmiller is NTG using Azure AD for it's Windows 10 machines yet? Is NTG using anything for GPOs?
Yes, we've been on Azure AD for quite a while now. Like since last year.
No GPOs.
Local admin? or at least access to the Local admin account?