Should I demote my old DC?

Vertigo

Vertigo

Vertigo

Soldato
Joined
28 Dec 2003
Posts
16,522
Ok so the subject looks like a stupid question but bear with me :p

As per my previous post, I've been migrating our DCs to new 2012 R2 ones. This has all gone fine.

Of our two old 2003 DCs, I've demoted one of them back to a member server. In order to test everything is working correctly this week, I've now turned off the last remaining 2003 DC. I intend to leave it off for a week or so to check for any remaining issues (odd machines still pointing at it for domain services etc).

My question is, once this period is over and I'm happy, should I just leave the old server switched off (and eventually scrap it) or should I restart it, let it sync back up again and then demote it properly?

I don't care about the old machine as it'll be scrapped either way, I'm more concerned about whether I should properly demote it to remove all trace of it from the domain or whether I can just leave it disconnected and possibly perform a little manual clean-up of AD?
 
Vertigo1 said:
Ok so the subject looks like a stupid question but bear with me :p

As per my previous post, I've been migrating our DCs to new 2012 R2 ones. This has all gone fine.

Of our two old 2003 DCs, I've demoted one of them back to a member server. In order to test everything is working correctly this week, I've now turned off the last remaining 2003 DC. I intend to leave it off for a week or so to check for any remaining issues (odd machines still pointing at it for domain services etc).

My question is, once this period is over and I'm happy, should I just leave the old server switched off (and eventually scrap it) or should I restart it, let it sync back up again and then demote it properly?

I don't care about the old machine as it'll be scrapped either way, I'm more concerned about whether I should properly demote it to remove all trace of it from the domain or whether I can just leave it disconnected and possibly perform a little manual clean-up of AD?
Click to expand...

Demote it properly. If you turn it back on after, even a short time it will not sync properly.
 
Turn it back on. Its only been a few days. You will see any sync errors in the event logs on the other DCs if there are problems. If its been off for a couple of weeks you will most likely see problems.
 
I thought the tombstone period for DCs was 180 days?

Anyway, I plan to leave it off this week (been off since Friday). If all is well by the end of the week I think I'll start it up again, let it sync and then demote it properly before raising the functional level.
 
Tombstone period depends on the OS the domain started with.

I was in the same position as you. I shutdown a DC for 3 weeks after migrating roles and had errors on the other DCs when I booted it back up.

You could always demote, leave it on as a member server for a few weeks. Then if need be you can promote again or remove from domain and turn off server.
 
Turning off a dc, leaving it off, and then turning it back on weeks later is very very bad practice. You're much more likely to introduce issues to your environment than simply demoting the server.

Power it back on and demote it.
 
Re. upping the domain functional level, don't know how big your company is, but if you have any non-Microsoft systems that use AD or LDAP authentication, be very careful with this, as it's non-reversible, and can cause other stuff to break.

You also need to convert your SYSVOL replication to DFS-R as 2012 R2 is the last version of Windows to support FRS. If you try to upgrade those DCs to 2016, the upgrade will fail.

http://blogs.technet.com/b/filecab/...eamlined-migration-of-frs-to-dfsr-sysvol.aspx
 
Another vote for demoting... Deleting the object out of AD is viable, but one day you'll do something like install exchange 2030 and hit a wall because it left *something* behind. I inherited a domain a few years ago with all the old servers left in it, it took weeks to clear all the errors from the two DC's, which i needed to do before troubleshooting some actual problems :(

Nox
 
You must log in or register to reply here.
Back
Top Bottom