Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Windows 2003 R2 Dcpromo

  • 29-12-2007 10:01am
    #1
    Registered Users, Registered Users 2 Posts: 119 ✭✭


    Hi all

    I am installing two new sites on our WAN.

    The OS for these servers are Windows Server 2003 R2.

    Our Domain is at 2003 functional level. All DC's are Windows Server 2003 (initial release) with SP1

    DO I need to upgrade all the servers to SP2 and run a ADPREP then?

    Our FSMO master is Windows 2003 Server initial version. Will this cause an issue??

    Thanks

    Mark


Comments

  • Registered Users, Registered Users 2 Posts: 2,860 ✭✭✭tech


    I would bring all servers up to SP2 1st, its nice to have them all the same, Also Why use R2 you just just not use R2 CD when it asks for it

    Then this way you will have all server on 2003 sp2 R1

    how does this sound?


  • Closed Accounts Posts: 1,637 ✭✭✭joePC


    1. Install SP2 on all R1 machines
    2. Run the following on your exsiting FSMO holder.

    Insert the R2 cd and from start --> Run

    D:\CMPNENTS\R2\ADPREP>adprep /forestprep

    This will upgrade the schema to the R2 version and you will be able to run dcpromo on all your new R2 machines.
    This will have no issues with your exsiting setup.

    Cheers, Joe


  • Registered Users, Registered Users 2 Posts: 2,860 ✭✭✭tech


    nice 1

    will try this is a test lab 1st!


  • Registered Users, Registered Users 2 Posts: 119 ✭✭keystone


    Thanks for this.

    One of the techs in the office built them using R2. We want to utilise the R2 DFS improvements for sharing our DML. They are located in Dublin and Galway. We (IT) based in Waterford.

    We have 22 DC's so upgrading the all to R2 would be painful. We may downgrade.

    Do we need to upgrade all DC's to R2 considering the Schema changes?


  • Registered Users, Registered Users 2 Posts: 2,860 ✭✭✭tech


    Would it be easier to wipe to 2 servers rather than messing up 22?


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 119 ✭✭keystone


    Exactly my thinking........

    Gonna have a 'chat' with the techs in the office when we are back after the break!!!!!!

    I'm going to recreate this in the lab and see what happens with it anyway.


  • Registered Users, Registered Users 2 Posts: 2,860 ✭✭✭tech


    yeah I alot of headache for the sake of rebuilding 2 servers 4 hrs would rebuild 2 server with full windows updates,

    Vs

    the unknown of messing with Schema and FSMO And all?


  • Closed Accounts Posts: 1,637 ✭✭✭joePC


    There is no unknown here, simply upgrade the schema to R2 on one of your DC's and it will automatically replicate to all,

    Its a tried and tested solution and won’t affect your GP's

    Best of luck. Also just out of interest how many locations / users are you serving with 22 DC's


  • Registered Users, Registered Users 2 Posts: 2,860 ✭✭✭tech


    It does seem like alot of DC's alrite?

    Are all 22 servers DC or maybe just member servers??

    Does the DC you upgrade need to hold all the FSMO roles or just any DC?


  • Registered Users, Registered Users 2 Posts: 119 ✭✭keystone


    I have multiple site on the WAN. Some are remote VPN based.

    We have at least one local DC in each site that serves local logons etc.

    Altogether there are 39 servers in the organisation.

    Luckily all data in centralised regionally i.e. East, West, Southe, North, using Sharepoint etc.

    Virtualisation may be the next big step.

    The server that is being promoted is just a member DC

    The FSMO master is Windows Server 2003 SP2 (R1). No plans to upgrade that yet.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 2,860 ✭✭✭tech


    Quite alot of kit so then, How do you manage backup on all the WAN sites? have you got SAN's and stuff?

    Have you Exchange on all sites, or you you multiple e-mail domains?


  • Closed Accounts Posts: 1,974 ✭✭✭mick.fr


    Would be curious to know the number of sites/clients as well.
    For instance I know a gov body that has 14.000 employees in over 500 sites, they have 4 DC that's it, and in a central location.
    Even people isolated behind 128k lines can authenticate.


  • Registered Users, Registered Users 2 Posts: 2,860 ✭✭✭tech


    Hmm thats sounds a vert interesting configuarion

    I suppose the Ideal setup is to have a DC/GC on each site just for a local DC for speed??

    Should all the remote sites just be DC and GC and hold no other FSMO roles?

    How about DNS / DHCP and subnets whats the best way to configure these?


  • Registered Users, Registered Users 2 Posts: 119 ✭✭keystone


    It is. Allows for speedier logons and application of Group Policies in a more managed environ.

    The local DC hold no FSMO roles. We have a 'hub' site that has these roles shared amoung two DC's. These roles can be switched easily enough anyway.

    It's always a good idea to have all DC's as GC's also.

    Each site has it's own subnet and DNS (due to the fact it has its own DC). I would generally run DHCP from the DC's also.

    All in all it works very well. Its especially good for site on VPN connections.


  • Registered Users, Registered Users 2 Posts: 2,860 ✭✭✭tech


    I supposse that make godd sense alright

    are you using intergrated DNS with AD ?


  • Registered Users, Registered Users 2 Posts: 119 ✭✭keystone


    Yes. Scavanging DNS records every 5 or 6 days. Works ok!

    All Subnets have a reverse DNS Zone also.


  • Registered Users, Registered Users 2 Posts: 2,860 ✭✭✭tech


    sweet deal so then


  • Closed Accounts Posts: 1,974 ✭✭✭mick.fr


    tech wrote: »
    I supposse that make godd sense alright

    are you using intergrated DNS with AD ?

    That should almost always be the case anyway.
    Replication is faster and the data transmitted securely.


Advertisement