Domain controller server 2012



  • I have 90 users in a dc that is not working correctly, users permissions are messed up, shared drive access not showing printers not printing etc.

    Dc is being used for dhcp and file sharing.

    How can I build a new dc and migrate al the computers to the new forest?

    I have spent to much time trying to fix it. I think it will be faster to rebuild it?

    Your thoughts



  • Just build a new domain controller and sieze the roles.

    No need to create a new domain.



  • Simply disable the domain services one the defective DC while leave the file shares intact.



  • @dustinb3403 I think he's wanting a new domain. He's saying he's got lots of problems and wants to start fresh.

    I don't know if that's necessarily required based on the info. It sounds like file permission issues and maybe some Group Policy issues. For the file share, you could just spin up a new server (assuming you have the licensing) and robocopy everything over to it and slowly rebuild permission as you see fit. Once you get everything setup just right, do one last sync and then shut down the old server.

    Shared Drive access and printers not printing may be more group policy related.



  • If you want to migrate that involves the following:

    1- Setup a New DC
    2- Changing the DNS and DHCP settings that you would change on this domain.
    3- Migration of Data
    3- You will do the File Share and Folder Permissions again on the new domain and copy the data again.
    4- You will need to recreate the user profiles for all the users.
    5- Then Redeploy the Printers either manually, via script or via GPO (I do recommend GPO).
    6- You will need to rejoin all the computers to the new domain.
    7- Migrate their profiles using ProfWiz or manually.

    Then you need to make sure it all works. What are the actual main issues right now?



  • We got hit with crypto locker,

    The dc handled file sharing and dhcp and it was the primary dc

    We thought the secondary dc wAs fine,

    However having to many problems with drives not working and users don’t have access to files and gpo not updating



  • @mroth911 said in Domain controller server 2012:

    We got hit with crypto locker,

    The dc handled file sharing and dhcp and it was the primary dc

    We thought the secondary dc wAs fine,

    However having to many problems with drives not working and users don’t have access to files and gpo not updating

    So then a start from scratch sounds like a good idea to me.



  • @dbeato said in Domain controller server 2012:

    @mroth911 said in Domain controller server 2012:

    We got hit with crypto locker,

    The dc handled file sharing and dhcp and it was the primary dc

    We thought the secondary dc wAs fine,

    However having to many problems with drives not working and users don’t have access to files and gpo not updating

    So then a start from scratch sounds like a good idea to me.

    In that case I would concur. Build a new DC, DHCP, DNS, File Servers and restore from backup. The biggest issue is going to be the downtime during the transition and getting everything back to where it needs to be.



  • You will also need to use something like USMT to move your user's profiles from the old domain to the new. That will be your most labor intensive part of the process.



  • As per the above but to migrate the desktops, use Transwiz. Takes 1 minute to migrate the user profile from the old domain to the new.



  • @manxam said in Domain controller server 2012:

    As per the above but to migrate the desktops, use Transwiz. Takes 1 minute to migrate the user profile from the old domain to the new.

    That's the one that I was thinking of when I saw the post. Just didn't have the chance to post.

    The above works really well.


Log in to reply