+ Reply to Thread
Results 1 to 4 of 4
  1. Senior Member
    Join Date
    Oct 2010
    Posts
    857

    Certifications
    CISSP, CEH
    #1

    Default 2003R2 to 2008R2 migration question

    Hi all,

    I have a question, I already performed a 2003R2 Domain controller to 2008R2 DC upgrade (prepping the 2003 environment, checking domain / forest levels, transfer of fismo roles, regserv32, then clean up meta data, etc). Is this the same process if you have a secondary domain controller? Meaning, if I already transferred the primary DC to a 2008R2 DC would I do the same steps (minus the forest prep / transfer of roles) for the secondary DC? I was under the impression its the same process from my readings minus those steps. Just curious if my logic / understanding is correct.
    Last edited by higherho; 04-19-2012 at 12:30 AM.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Oct 2010
    Posts
    857

    Certifications
    CISSP, CEH
    #2
    almost 100 views and no response

    Well, I figured out that I really did not need to do anything other than clean up metadata from the old secondary domain controller. Word of advice to all! If you are using PKI (Smart card logins) do not forget to publish your certs to your NTAuthCA store! :0
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Oct 2005
    Posts
    1,030

    Certifications
    CCNP (R&S/Voice), CCDP, CCIP, VCP, NCDA, MCSE, CCNA Security
    #3
    Cleanup metadata? You shouldn't have to do that if you demote the domain controllers properly.

    I also usually go through DNS and make sure the SOA, NS, and SRV records for the old controllers were removed/updated.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Oct 2010
    Posts
    857

    Certifications
    CISSP, CEH
    #4
    Quote Originally Posted by kalebksp View Post
    Cleanup metadata? You shouldn't have to do that if you demote the domain controllers properly.
    I have a bad habit of double checking everything when it comes to devices that control alot. I went through the steps that I learned through my 70-640 / virtual setup. After I removed the roles and disjoined the old box from the domain all that was left was DNS.

    I also usually go through DNS and make sure the SOA, NS, and SRV records for the old controllers were removed/updated.
    Yep all have been removed and new ones in place.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks