I recently found myself in a rather tricky situation with my demo lab environment. My primary domain controller, which also happened to be my only domain controller, threw up a message box that left me scratching my head. After several failed attempts to activate Windows and troubleshoot the issue, I realised I needed to create a new domain controller and migrate everything across. This experience was a reminder of the importance of having a robust setup and a solid plan for such scenarios.
Setting Up the New Domain Controller
First things first, I had to get my new server, COBOL, ready to join the domain. Since it wasn’t currently connected, I needed to assign it a hard-coded IP address. Here’s how I approached it:
- Identify Network Connections: I checked the status of my network connections to determine which one was which. I had two networks: one connected to the internet and the other solely for the servers.
- Configure IP Address: I set a static IP address for COBOL and pointed its DNS to the existing domain controller, AIRLAN.
Once that was sorted, I joined COBOL to the domain without needing a reboot, which was a relief. I was now ready to promote this server to be a domain controller.
The next step was to promote COBOL to a domain controller. Here’s a quick rundown of the process:
- Add Roles and Features: I navigated to the server manager and selected the Active Directory Domain Services and DNS Server roles. This was crucial as I planned to decommission the old server and migrate all services to COBOL.
- Installation: After selecting the necessary features, I initiated the installation. Once completed, I proceeded to promote the server.
- Configuration: I opted to add COBOL to the existing domain rather than creating a new one. The wizard guided me through the necessary configurations, including enabling the DNS server and global catalog.
- Final Steps: After confirming the settings, I clicked install. The server restarted automatically, and I logged in as the administrator.
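The same build can be scripted, which makes it repeatable when a lab has to be rebuilt. This is an added example, not part of the original walkthrough; the adapter alias, the IP addresses and the domain name `lab.example` are assumptions to replace with your own values.

```powershell
# Added example: scripted form of the GUI steps above. Run elevated on COBOL.
# Assumed values (not from the original page): adapter alias, addresses, domain name.
$Alias      = 'Private'       # assumed name of the server-only adapter
$StaticIp   = '10.0.0.4'      # constructed address for COBOL
$PrefixLen  = 24
$OldDcIp    = '10.0.0.1'      # constructed address for AIRLAN
$DomainName = 'lab.example'   # placeholder domain name

function Set-LabNetwork {
    # List adapters first so the static address lands on the right network.
    Get-NetAdapter | Format-Table Name, InterfaceDescription, Status | Out-Host
    New-NetIPAddress -InterfaceAlias $Alias -IPAddress $StaticIp -PrefixLength $PrefixLen | Out-Null
    # DNS must point at the existing domain controller, or the join cannot locate the domain.
    Set-DnsClientServerAddress -InterfaceAlias $Alias -ServerAddresses $OldDcIp
    # Stop here if the domain controller locator records do not resolve.
    Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$DomainName" -Type SRV -ErrorAction Stop | Out-Null
}

function Join-LabDomain {
    Add-Computer -DomainName $DomainName -Credential (Get-Credential) -Restart
}

function Install-LabDomainController {
    Install-WindowsFeature -Name AD-Domain-Services, DNS -IncludeManagementTools | Out-Null
    $params = @{
        DomainName                    = $DomainName
        InstallDns                    = $true
        Credential                    = Get-Credential -Message 'Domain administrator'
        SafeModeAdministratorPassword = Read-Host -AsSecureString -Prompt 'DSRM password'
    }
    # Same prerequisite check the wizard runs; review warnings, stop on errors.
    $results = @(Test-ADDSDomainControllerInstallation @params)
    $results | Format-List Message, Status | Out-Host
    if ($results | Where-Object { "$($_.Status)" -eq 'Error' }) {
        throw 'Prerequisite check reported errors; not promoting.'
    }
    # Adds COBOL to the existing domain as a global catalog; restarts when finished.
    Install-ADDSDomainController @params -Force
}

# Order: Set-LabNetwork, Join-LabDomain (restarts), then Install-LabDomainController.
```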
Migrating Active Directory Roles
With COBOL now functioning as a domain controller, it was time to transfer the Active Directory roles from AIRLAN. Here’s how I did it:
- Access Active Directory Users and Computers: I right-clicked on the domain and opened Operations Masters to see which server was currently holding the roles.
- Role Transfer: I changed the roles over to COBOL for all three operational master roles. This step is vital in ensuring that the new server takes over all responsibilities.
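The Operations Masters dialog in Active Directory Users and Computers shows only the three domain-wide roles; the walkthrough at the end of this page also has to move the schema and domain naming roles before the demotion will proceed. The following added example (not the author's own procedure) audits all five holders and transfers whatever is still on AIRLAN, using the ActiveDirectory PowerShell module.

```powershell
# Added example: audit and transfer FSMO roles. Run on COBOL with the ActiveDirectory
# module; moving the forest-wide roles needs Schema Admins / Enterprise Admins rights.
Import-Module ActiveDirectory
$OldDc = 'AIRLAN'
$NewDc = 'COBOL'

function Get-FsmoHolder {
    # Three roles are per domain, two are per forest.
    $domain = Get-ADDomain
    $forest = Get-ADForest
    [ordered]@{
        PDCEmulator          = $domain.PDCEmulator
        RIDMaster            = $domain.RIDMaster
        InfrastructureMaster = $domain.InfrastructureMaster
        SchemaMaster         = $forest.SchemaMaster
        DomainNamingMaster   = $forest.DomainNamingMaster
    }
}

function Get-FsmoOnOldDc {
    # Holders are reported as FQDNs, so compare the host label only.
    $holders = Get-FsmoHolder
    @($holders.Keys | Where-Object { ($holders[$_] -split '\.')[0] -eq $OldDc })
}

function Move-FsmoToNewDc {
    $roles = @(Get-FsmoOnOldDc)
    if ($roles.Count -eq 0) { Write-Host "No roles left on $OldDc."; return }
    Write-Host "Moving from $OldDc to ${NewDc}: $($roles -join ', ')"
    # Graceful transfer: AIRLAN must still be online. Prompts for confirmation per role.
    Move-ADDirectoryServerOperationMasterRole -Identity $NewDc -OperationMasterRole $roles
    $left = @(Get-FsmoOnOldDc)
    if ($left.Count -gt 0) { throw "Do not demote ${OldDc}: it still holds $($left -join ', ')" }
    Get-FsmoHolder
}
```

Run `Get-FsmoHolder` before and after `Move-FsmoToNewDc` and keep the output as a record of where each role lived.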
Decommissioning the Old Domain Controller
Once I confirmed that all roles had successfully transferred, I was ready to decommission AIRLAN:
- Remove Active Directory: I initiated the process to remove Active Directory from AIRLAN. This involved running the necessary commands and confirming the removal.
- Final Checks: After demoting AIRLAN, I ensured it was no longer a domain controller and that it had transitioned to a workgroup.
- Clean Up: Finally, I shut down AIRLAN and deleted it from my Hyper-V manager, leaving COBOL as the sole domain controller.
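Before the old virtual machine is deleted, it is worth confirming that nothing still refers to it: a leftover domain controller entry, a locator record in DNS, or a resolver setting that still points at the retired server's address. This is an added example, not part of the original walkthrough; the domain name and AIRLAN's address are placeholders.

```powershell
# Added example: demote AIRLAN, then verify from COBOL that nothing still points at it.
# Assumed values (not from the original page): domain name and AIRLAN's address.
$DomainName = 'lab.example'   # placeholder domain name
$OldDc      = 'AIRLAN'
$OldDcIp    = '10.0.0.1'      # constructed address

function Remove-OldDomainController {
    # Run on AIRLAN after all FSMO roles have moved.
    $pw = Read-Host -AsSecureString -Prompt 'New local Administrator password'
    $results = @(Test-ADDSDomainControllerUninstallation -LocalAdministratorPassword $pw)
    $results | Format-List Message, Status | Out-Host
    if ($results | Where-Object { "$($_.Status)" -eq 'Error' }) { throw 'Demotion check failed.' }
    Uninstall-ADDSDomainController -LocalAdministratorPassword $pw -Force
}

function Test-OldDcRemoved {
    # Run on COBOL after the demotion. Returns a list of findings; empty means clean.
    $findings = @()
    $dcs = @(Get-ADDomainController -Filter * | Select-Object -ExpandProperty Name)
    if ($dcs -contains $OldDc) { $findings += "$OldDc is still listed as a domain controller" }

    # Locator SRV records that clients use to find a domain controller.
    $srv = @(Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$DomainName" -Type SRV |
             Where-Object { $_.NameTarget } | Select-Object -ExpandProperty NameTarget)
    if ($srv -like "${OldDc}.*") { $findings += "SRV record still targets $OldDc" }

    # COBOL's own resolver was pointed at AIRLAN during setup.
    $dns = @(Get-DnsClientServerAddress -AddressFamily IPv4 |
             Select-Object -ExpandProperty ServerAddresses)
    if ($dns -contains $OldDcIp) { $findings += "A local adapter still uses $OldDcIp for DNS" }
    $findings
}
```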
Conclusion
Migrating Active Directory from one machine to another can seem daunting, but with a clear plan and methodical execution, it can be done smoothly. This experience reinforced the importance of having a backup plan and being prepared for unexpected issues.
If you find yourself in a similar situation, remember to take it step by step, ensure all roles are transferred correctly, and don’t hesitate to reach out for help if needed. After all, the world of IT is all about collaboration and learning from one another. Happy migrating!
So I just came upon a nasty situation in which my primary domain controller, in fact my only domain controller, of my demo lab environment has popped up this message box, and I have been unable to resolve it. I've tried to activate Windows, it failed, and I've tried to do a bunch of other things. So what I need to do is create a new domain controller and migrate everything across, if I can. So hopefully this is going to work.
So this server, let me pop this open, this is AIRLAN, which is my primary domain controller. If I flip over to my new server, which is COBOL, it's not currently joined to the domain. I do not have DHCP, so I will need to set a hard-coded IP address for this machine. And now let me check which one's which network connection. It'd be nice if it let me know which one was which. So let's just get the status. This has an IP address, so this is Wi-Fi, and this does not. There we go, so this is private. I have two networks: one plugged into the internet and the other plugged into just the servers. So let me just fix its IP address with one, and currently I need to set the DNS to the server that is our domain controller. So let me join the domain. And here we go, join this machine to the domain. They don't have to reboot this machine. I have activated, so I won't be in the same boat as I was before. And there we go: welcome to the and naked isle I'm com domain. So let's restart this machine for a minute. As my domain administrator, and more or less there we go, we are now in the domain.
So what we really want to do is promote this machine to be a domain controller within the domain. So now if we go to Local Server, we've got our server COBOL in the naked LM domain. So now I need to promote this to be a domain controller. So the first thing we do is go to Add Roles and Features on the server. We need to select Active Directory Domain Services and DNS Server, and we're going to be decommissioning the old server, moving all the services across to this server, and so we need to make sure we have all of the things available. We'll need our DNS server. We need to select any additional features; it's already set up anything that we need when we selected the options that we wanted, so it's going to automatically set all this up. And there we go, we can start the installation going. And there we go, installation has completed.
We still have some configuration to do, because although we've installed all the pieces we need, we haven't configured any of them yet. So I'm going to click on this option to promote the server to a domain controller. We're not creating a new domain or a new forest or any of those things. I already have all of that set up; I just want to move everything across. So I'm going to add this domain controller to the existing domain. It's pre-selected the domain that I was currently on, which is awesome, so I'm just going to click Next. And really we mostly want a default set of options. So right now it is communicating with the domain controller and figuring out what options I can select. So now that that's loaded, you can see that it's limited the options that we have available, and we've got DNS server enabled, global catalog; we don't want it read-only. I'm going to leave the default site, put in our password. Options: replicate from, well, I can see any domain controller, or it can pick the one other one I have. Easy enough. I'm going to leave the paths default. This really is a demo system, but I've made a lot of configurations, so I don't want to lose the existing domain, and that's why I'm not just setting up a new one. It's fun when you have to then go and rebuild all of your servers that have SQL Server and whatnot on them. There we go, it's completed all the prerequisite checks. There's a couple of triangles, a couple of bangs: default security settings are enabled, I'm OK with that; authoritative parent zone can be found, again, I'm OK with that. And so we can just go ahead and click Install. If you were in a production domain you may want to look more carefully at those things. I'm not, so I don't care.
So because we just installed a domain controller, it's going to restart automatically. If I click Close, I think it's effectively just going to... there we go, off it goes itself. Now this restart may take a little bit longer than normal. There we go, let me log in as the administrator. We're almost there: we have a server, it is a domain controller, but we still have a bunch of things that we need to move across to this. It's going to sync in the background some of the capabilities, and the DNS may not be replicating yet. Go to DNS Manager, and it has already replicated, awesome. So you can see all the servers that I've had in the past; some no longer exist, probably needs a bit of cleanup. But it's already replicated the DNS across.
But there are a number of other pieces to Active Directory that are specific to a server, and we need to move those across before we can decommission the old server. So the first thing we need to do is open up our Active Directory Users and Computers, and if we right-click on our domain and click Operations Masters, we will see that currently our RID operational master is AIRLAN, and we'd like it to be COBOL. So if we hit the Change button, that will change it over. Our primary domain controller is currently AIRLAN; we change that, now it's COBOL. Our infrastructure master is currently AIRLAN; again, change it over, and now we're at COBOL for all three of our operational master roles. Now in a very large domain you might have these on separate servers for performance and scalability, but here we don't really need that. Now everything should be transferred over to COBOL. We're going to leave that for a couple of minutes, just to make sure that everything transfers over correctly, and then we'll be able to decommission the old domain controller.
So in order to remove Active Directory, we remove individuals, pick our server. So you can see that we still have the schema operational master role on this server. So if we right-click and select Run, and run MMC /a, and add the schema snap-in, there we go. We're now currently connected to AIRLAN. There we go, so we're connected to our operational master, and if we click Operations Master you can see that it says AIRLAN in both boxes. What we need to do is change the server and see then know both online, connect to COBOL, and if we right-click, select Operations Master, we don't have current as AIRLAN; we want to change it to COBOL. So we hit Change, yes we want to change. Operational master has now been changed. Close that. So we've removed the schema operational master. We also need to remove the domain name operational master. In order to do that we run Domains and Trusts, we right-click on Active Directory Domains and Trusts, select Operational Master, and you'll see that the current is AIRLAN, we want it to be COBOL, and we can just change that over. And we've moved that across.
As we've moved these over, we're pretty good; we can proceed with the removal. Hit Next, and that was it, and we can demote it. We've successfully demoted it. It's going to restart anyway; just force it. There we go. Now, while this machine is not a domain controller anymore, it's still currently joined to the domain, I believe. We will check that in just a minute. Message we're trying to avoid... nope, it's a workgroup. Awesome. So this server has been removed from the domain and we have a new domain controller, and really there is absolutely no going back at this point anyway. Let me shut down this server. There we go, it's off. I'm going to open up my Hyper-V Manager and I can delete... there we go, I've deleted that server.
So now COBOL is our domain controller. So on COBOL, if we do ipconfig, this is four. So now I can change, let me pick our machine, let's connect to Baltar, type the right password. You may need to log in as a local administrator. Let me open up Server Manager. Not on Wi-Fi; well, let's open up our private. About six before, and this, number four, is our new DNS server, our new Active Directory domain. Let's try something simple, and we're able to find everything in our domain, and I will be who is not on this machine and add them in. So we were able to query and connect to Active Directory, so it looks like everything's doing just fine. And there you go, that's how to migrate Active Directory from one machine to another and demote the old machine.