Hi All, I am planning to install new DC in our HQ (Dublin) and then ship the DC to branch office (Cork). We have two sites in our AD Dublin and Cork. After bringing up DC in cork change it's IP address to local subnet IP and move DC object in ADSites to Cork. Do you see any issues with this approch? Or should i need to travel to cork and do clean install in branch office? Thanks in Advance, Ne0 Renukanath S

Hi, By reviewing the information in Known Issues for Adding Domain Controllers in Remote Sites, you can determine the best method to use for installing domain controllers in your remote sites. Known Issues for Adding Domain Controllers in Remote Sites http://technet.microsoft.com/en-us/library/cc781721(v=ws.10) When you ship a domain controller to a remote site, you must disconnect it from the network and, consequently, from the replication topology. If a domain controller must be separated from the replication topology for a period of time that might be longer than a tombstone lifetime, you must take preliminary steps to ensure a smooth reconnection. Otherwise, it is possible that a long-term disconnection can result in a deleted object being reintroduced into the directory. Such deleted objects, when they are retained on a domain controller that has been disconnected for a period that is longer than a tombstone lifetime, are called "lingering objects." Lingering objects that are security principals, such as users or groups, can cause problems with Active Directory searches and e-mail delivery. Lingering objects can also jeopardize security if a user is allowed access to a resource by virtue of membership in a group that has been deleted. By taking preliminary precautions, you can ensure that long-term disconnections do not result in directory inconsistency from lingering objects. To complete this task, perform the following procedures: Determine the anticipated length of the disconnection.Determine the tombstone lifetime for the forest.Determine the maximum safe-disconnection period by subtracting a generous estimate of the end-to-end replication latency from the tombstone lifetime. Either find the latency estimate in the design documentation for your deployment or request the information from a member of your design or deployment team.View the Current Operations Master Role Holders to determine whether the domain controller is an operations master role holder.Transfer the Domain-Level Operations Master Roles, if appropriate.Transfer the Schema Master, if appropriate.Transfer the Domain Naming Master, if appropriate.If you use File Replication Service (FRS) to replicate SYSVOL, you can decrease the time required to update SYSVOL when the domain controller is restarted by performing a preliminary registry update on the server.Enable Strict Replication Consistency, if necessary. If strict replication consistency is not enabled on the domain controller that you are disconnecting, use this command-line procedure to enable strict replication consistency on specific domain controllers or on all domain controllers in the forest.Synchronize Replication with All Partners. Update the domain controller with the latest changes just before you disconnect it.Verify Successful Replication to a Domain Controller for the domain controller that you are disconnecting.Label the domain controller with the date and time of disconnection and the maximum safe-disconnection period. For more information and detailed procedures please refer to following MS articles: Best Practices for Adding Domain Controllers in Remote Sites http://technet.microsoft.com/en-us/library/cc779177(v=WS.10).aspx Preparing an Existing Domain Controller for Shipping and Long-Term Disconnection http://technet.microsoft.com/en-us/library/cc816924(v=WS.10).aspx Preparing a Server Computer for Shipping and Installation from Backup Media http://technet.microsoft.com/en-us/library/cc782774(v=ws.10)Lawrence TechNet Community Support

Hi, By reviewing the information in Known Issues for Adding Domain Controllers in Remote Sites, you can determine the best method to use for installing domain controllers in your remote sites. Known Issues for Adding Domain Controllers in Remote Sites http://technet.microsoft.com/en-us/library/cc781721(v=ws.10) When you ship a domain controller to a remote site, you must disconnect it from the network and, consequently, from the replication topology. If a domain controller must be separated from the replication topology for a period of time that might be longer than a tombstone lifetime, you must take preliminary steps to ensure a smooth reconnection. Otherwise, it is possible that a long-term disconnection can result in a deleted object being reintroduced into the directory. Such deleted objects, when they are retained on a domain controller that has been disconnected for a period that is longer than a tombstone lifetime, are called "lingering objects." Lingering objects that are security principals, such as users or groups, can cause problems with Active Directory searches and e-mail delivery. Lingering objects can also jeopardize security if a user is allowed access to a resource by virtue of membership in a group that has been deleted. By taking preliminary precautions, you can ensure that long-term disconnections do not result in directory inconsistency from lingering objects. To complete this task, perform the following procedures: Determine the anticipated length of the disconnection.Determine the tombstone lifetime for the forest.Determine the maximum safe-disconnection period by subtracting a generous estimate of the end-to-end replication latency from the tombstone lifetime. Either find the latency estimate in the design documentation for your deployment or request the information from a member of your design or deployment team.View the Current Operations Master Role Holders to determine whether the domain controller is an operations master role holder.Transfer the Domain-Level Operations Master Roles, if appropriate.Transfer the Schema Master, if appropriate.Transfer the Domain Naming Master, if appropriate.If you use File Replication Service (FRS) to replicate SYSVOL, you can decrease the time required to update SYSVOL when the domain controller is restarted by performing a preliminary registry update on the server.Enable Strict Replication Consistency, if necessary. If strict replication consistency is not enabled on the domain controller that you are disconnecting, use this command-line procedure to enable strict replication consistency on specific domain controllers or on all domain controllers in the forest.Synchronize Replication with All Partners. Update the domain controller with the latest changes just before you disconnect it.Verify Successful Replication to a Domain Controller for the domain controller that you are disconnecting.Label the domain controller with the date and time of disconnection and the maximum safe-disconnection period. For more information and detailed procedures please refer to following MS articles: Best Practices for Adding Domain Controllers in Remote Sites http://technet.microsoft.com/en-us/library/cc779177(v=WS.10).aspx Preparing an Existing Domain Controller for Shipping and Long-Term Disconnection http://technet.microsoft.com/en-us/library/cc816924(v=WS.10).aspx Preparing a Server Computer for Shipping and Installation from Backup Media http://technet.microsoft.com/en-us/library/cc782774(v=ws.10)Lawrence TechNet Community Support

Hello, there is no need for clean install in Cork. Prepare the server in Dublin and if everything is replicated after promotion and you have checkd with the support tools dcdiag, repadmin and dnslint change the ip settings and shutdown the server. NOW reconfigure AD sites and services where the DC should be moved to the Cork site. If you start the DC in Cork check within DNS zones and all SRV records that the new ip address is listed and use the support tools again to assure everything is healthy.Best regards Meinolf Weber MVP, MCP, MCTS Microsoft MVP - Directory Services My Blog: http://msmvps.com/blogs/mweber/ Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.