Rebuilding First DC in Forest

[K]

Due to a variety of software glitches and hardware issues I need to rebuild
the first DC in my forest. By rebuild I mean format and reinstall the
entire OS.

There are 2 DCs in the forest (both 2003 Standard SP2). Each has DNS
installed (AD integrated) and each has WINS. DHCP is running on the first
DC. Both DCs are GCs. All FSMO roles are on this first DC at present.

Exchange 2003 and SQL 2005 is running in the domain but on a different box -
not sure if this is relevant.

Can someone please advise me of the correct sequence to perform so I don't
miss any steps out.

So far I am thinking the following:

To flatten machine:
1 - Transfer FSMO roles to other DC
2 - Install DHCP on other DC (change DNS/WINS addresses to those of new
server)
3 - Uninstall DHCP, DNS, WINS on the DC to be rebuilt
4 - Remove GC
5 - Demote DC
6 - Flatten machine

To rebuild machine:
1 - Install OS and patch
2 - Promote to DC
3 - Install DNS and wait for zone to show up
4 - Make server GC
5 - Install DHCP and WINS and swap DHCP back
6 - Transfer FSMO roles back
7 - Wait for replication

Have I missed anything out? Are there any other steps because of Exchange
and SQL (although they are on seperate boxes)?

I do plan on rebuilding the second DC and the Exchange box at some point in
the future also but this is the main concern at the moment.

Thanks in advance

 

[Meinolf Weber]

Re: Rebuilding First DC in Forest

Hello K,

See inline.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Due to a variety of software glitches and hardware issues I need to
> rebuild the first DC in my forest. By rebuild I mean format and
> reinstall the entire OS.
>
> There are 2 DCs in the forest (both 2003 Standard SP2). Each has DNS
> installed (AD integrated) and each has WINS. DHCP is running on the
> first DC. Both DCs are GCs. All FSMO roles are on this first DC at
> present.
>
> Exchange 2003 and SQL 2005 is running in the domain but on a different
> box - not sure if this is relevant.
>
> Can someone please advise me of the correct sequence to perform so I
> don't miss any steps out.
>
> So far I am thinking the following:
>
> To flatten machine:
> 1 - Transfer FSMO roles to other DC
ok, use this one: http://support.microsoft.com/kb/324801
> 2 - Install DHCP on other DC (change DNS/WINS addresses to those of
> new server)
ok, use this one: http://support.microsoft.com/default.aspx?scid=kb;en-us;325473
Additional do not forget to change the DNS server settings in the DHCP scope
options for the clients if you only use one DNS server for them.
> 3 - Uninstall DHCP, DNS, WINS on the DC to be rebuilt
not really needed
> 4 - Remove GC
ok, sometimes needed for demotion

4a run dcdiag /v, netdiag /v and repadmin /showrepl to check for errors

> 5 - Demote DC
do not foget to delete it by hand in Active directory sites and services,
not dome during demoting. Also check that it is move to the computers OU
are demotion and reboot is completed. Also you have to remove it from the
DNS server list in the DNS management console.
> 6 - Flatten machine
> To rebuild machine:
> 1 - Install OS and patch
> 2 - Promote to DC
make sure during promotion that the preferred DNS on the NIC is only using
the running DC.
> 3 - Install DNS and wait for zone to show up
> 4 - Make server GC
> 5 - Install DHCP and WINS and swap DHCP back
For DHCP i would choose 50/50 instead of 80/20 rule for redundancy, use:
http://technet.microsoft.com/en-us/library/cc780311.aspx
> 6 - Transfer FSMO roles back
not really needed
> 7 - Wait for replication
run dcdiag /v, netdiag /v and repadmin /showrepl to check for errors
> Have I missed anything out? Are there any other steps because of
> Exchange and SQL (although they are on seperate boxes)?
If exchange and SQL are on member servers just make sure that they always
have a DNS server available like all clients also.

> I do plan on rebuilding the second DC and the Exchange box at some
> point in the future also but this is the main concern at the moment.
>
> Thanks in advance
>

 

[Dusko Savatovic]

Re: Rebuilding First DC in Forest

Yes, your steps are generaly OK. Some points thou:

1. You must always have these services/features available and properly
reconfigured on the remaining DC:
- GC (you didn't specify that GC is turned on on the remaining DC)
- FSMO roles
- DNS
- DHCP
- WINS (optionaly)

2. On the DC you intend to demote, you don't need to turn off GC
specificaly. It will be removed when you demote. Turning off GC will not
automaticaly transfer GC to the remaining DC. You have to turn it on
explicitly on the remaining DC

3. It is good that Exchange and SQL Server are running on different
computers (preferably member servers, not DC's).

4. You may need to "poke" replication. Install support tools from Win2003 CD
and use 'replmon' tool.
After demoting your old DC, you may need to manualy delete remaining record
of it in AD Sites and Services and in DNS. After that start promoting a
'new' DC.

5. There is 'transfer' FSMO roles and 'sieze' FSMO roles function. Transfer
is voluntary transfer, and sieze is forceful transfer. If you have to do the
second, I would recommend that you use another name of the server when you
reinstall it. Otherwise, you may introduce some instability in your AD.

I wish that all works well for you.

"K" <no@spam.net> wrote in message
news:eyYWYMlEJHA.4936@TK2MSFTNGP03.phx.gbl...
> Due to a variety of software glitches and hardware issues I need to
> rebuild the first DC in my forest. By rebuild I mean format and reinstall
> the entire OS.
>
> There are 2 DCs in the forest (both 2003 Standard SP2). Each has DNS
> installed (AD integrated) and each has WINS. DHCP is running on the first
> DC. Both DCs are GCs. All FSMO roles are on this first DC at present.
>
> Exchange 2003 and SQL 2005 is running in the domain but on a different
> box - not sure if this is relevant.
>
> Can someone please advise me of the correct sequence to perform so I don't
> miss any steps out.
>
> So far I am thinking the following:
>
> To flatten machine:
> 1 - Transfer FSMO roles to other DC
> 2 - Install DHCP on other DC (change DNS/WINS addresses to those of new
> server)
> 3 - Uninstall DHCP, DNS, WINS on the DC to be rebuilt
> 4 - Remove GC
> 5 - Demote DC
> 6 - Flatten machine
>
> To rebuild machine:
> 1 - Install OS and patch
> 2 - Promote to DC
> 3 - Install DNS and wait for zone to show up
> 4 - Make server GC
> 5 - Install DHCP and WINS and swap DHCP back
> 6 - Transfer FSMO roles back
> 7 - Wait for replication
>
> Have I missed anything out? Are there any other steps because of Exchange
> and SQL (although they are on seperate boxes)?
>
> I do plan on rebuilding the second DC and the Exchange box at some point
> in the future also but this is the main concern at the moment.
>
> Thanks in advance
>