[techtalk]

I have a question for all the WinServer 2003 geniuses out here:

I have an IT project that consists of a server consolidation...

Current network: (2) Windows Server 2003 servers running a single domain in native mode; all clients are Windows XP
Server #1: domain controller, DNS server, VPN server, file server, DHCP server
Server #2: Exchange Server 2003, anti-virus server
Goal: consolidate all network services to Server #2 (because Server #1 will be removed offsite and permanently disconnected from domain shortly).

What I know: I am taking care of moving over the VPN, file, and DHCP services
What I need help with: how to make Server #2 the only domain controller and DNS server in the domain (because Server #1 will be removed as of the end of this week).

If anyone could point me in the right direction, I would be tremendously grateful.

If I have missed a posting that addresses this issue, please forgive the newbie- just pass on the link. If this should be posted in a different forum/category, please advise.

Thank you one and all in advance for your help.

[wkasdo]

Hi, welcome to the forum! Some pointers to get you started.

- promote server2 to DC.
- move all 5 FSMO roles to server2
- make server2 a global catalog.
- install the DNS service on server2; it will automatically pick op the zones
- make sure all memberservers and workstations (and server2) point to server2 for DNS.

check everything carefully, for instance by turning server1 off. If all stays working, demote server1.

[windux]

Do not forget your DHCP.
You will choose to export the database if you have a complex scope configuratin or many reserved IP's.
All memberservers and workstations point to server2 for DNS trough dhcp scope options or if you have static ip address then you need to change it yourself.

[techtalk]

wkasdo,
Thanks very much for the help. Should I assume that the order in which you listed the items is a good chronological order to follow?

Today I successfully made Server2 a domain controller. I'll be working on the FSMO roles and the rest tomorrow- I'll let you know how it goes.


windux,
You're right about the DHCP. Thanks for the guidance.

[wkasdo]

Quote:

Originally Posted by techtalk

wkasdo,
Thanks very much for the help. Should I assume that the order in which you listed the items is a good chronological order to follow?

Yes, that is the general plan. I am sort of assuming here that you have nothing else on server1, like licensing, shares, quota, ... but I guess you know all that.

[techtalk]

Ok, I guess you could say that I'm hurtin' for certain.........

I found out too late that Exchange hates it when you change the role of the server that it's installed on (see http://support.microsoft.com/kb/822179 ). After I promoted Server2 to DC, I moved over the 5 FSMO roles, made Server2 a GC, installed DNS, and DHCP on Server2. I then started getting an avalanche of warning and error messages in several of the event viewers on both servers. Everything from DCs not being able to find a DC to not being able to find/apply the GPO policy to LDAP authentication errors to dynamic DNS update errors to file replication errors.... I've just been up the entire night trying to find out where the problems are coming from and what to do about it. I'm not sure where to go from here.

I've included two .docs of the error messages in the event logs.

Help?

The only thing I can think of is bring up another server in the domain, load Exchange on it, move over mailboxes, take Exchange off Server2, "fix" Server2, then reload Exchange on Server2 and move mailboxes back over. Does that make any sense?

[wkasdo]

Up front: never seen this before. However, most of it seems to be related to a bad DNS. Worth trying:

- point DNS in tcp/ip of server2 to server1.
- reboot server2.

If that fails, you could demote server2. That should restore Exchange functionality, right? Never mind why that is failing, can't think of any good reason.

If the demote fails, do it the hard way: 'dcpromo /forceremoval' on server2, and run the metadata cleanup afterwards on server1.

Strange KB, that link. Perhaps Daniel can shed some light. I guess the 'correct' way would be to:
- backup exchange
- uninstall exchange
- promote to DC / GC
- install exchange in recovery mode
- restore database.

Again, never tried that because I never had these trouble!

[techtalk]

wkasdo wrote

Quote:

...worth trying:

- point DNS in tcp/ip of server2 to server1.
- reboot server2.

Well, for the record, what seemed to fix it was some time, and a DNS change like you recommended. After finding a similar posting somewhere, I made the following changes:
- in the TCP/IP properties of server2 I made the 1st DNS point to server1 and the 2nd point to itself
- vice versa for server1's TCP/IP properties- 1st point to server1, then itself.
Then of course a reboot of both servers, and all was well! It's amazing how much can go wrong if DNS is off....and so much for that MS kb article!

At that point I was able to successfully demote server1, leaving server2 as the only domain controller.

Thank you kindly for your help!