Hi, I cannot find Windows Server 2003 forums, so I'll put my question here. Well, we have only one AD server (Windows 2003) which must be formatted. Our plan should belike this: - find another server (code name AD2) - install there Windows Server 2003 and promote it to second AD server, move FSMO roles - format first server (code name AD1), install a fresh Windows Server 2003 installation, promote it to "new second" AD server, move FSMO roles back - demote AD2 to a member serverPlease advice if this is valid procedue. If yes, I need detailed instruction regarding promoting AD server and moving roles because I haven't done this before. Thnx!

Are you doing this to have in the end the same name for the old server ? Why not perfom an inplace upgrade , check my article here : In-Place Upgrade from W2K3 DC to Windows Server 2008 If you do not wish to do an inplace upgrade, then check this article to know how to transfer FSMO role, click here HTH, Tarek _____________________________Tarek Majdalani MVP -- ISA Firewalls Website : http://www.elmajdal.net/Win2k8

Hi, I cannot do in-place upgrade to Windows Server 2008 - it must be a Server 2003. Only difference is regarding 32/64 bit - new target AD after two transfering roles will be Server 64 bit (original is 32 bit). If I understand you correctly this is procedure for transfer FSMO roles: 1. Transferring the RID Master, PDC Emulator, and Infrastructure Masters via GUIActive Directory Users and Computers - Operation Masters 2. Transferring the Domain Naming Master via GUIActive Directory Domains and Trusts - Operation Masters 3. Transferring the Schema Master via GUIRegister the Schmmgmt.dll library MMC console - Active Directory Schema - Operation Masters or 1. Transferring the FSMO Roles via NtdsutilStart - Run - Ntdsutil - transfer <role> Transfer domain naming masterTransfer infrastructure masterTransfer PDCTransfer RID masterTransfer schema master After moving FSMO roles to a second AD - I can format the original AD - right? After fresh installation of previoslly server - I need to transfer FSMO roles back like on first time - right?

Do not forget to set your New DC as a Global Catalog. HTH, Tarek _____________________________Tarek Majdalani MVP -- ISA Firewalls Website : http://www.elmajdal.net/Win2k8

Oh, thnx! Well, i found this KB for setup new Global Catalog. It must be done before transfering FSMO roles or after that? Anything else...? thnx for your help.

Actually, this KB says how to How to create and How to remove the global catalog...

Hi, You might be interested into this approach as well : How to use the Install from Media feature to promote Windows Server 2003-based domain controllers HTH, Tarek _____________________________Tarek Majdalani MVP -- ISA Firewalls Website : http://www.elmajdal.net/Win2k8

Hi, Firstly, I confirm with you that your process is correct. The following is detailed steps for your reference: Steps for demoting the first server : ==================== 1. Verify the new server's TCP/IP configuration has been pointed to the current DNS server. 2. Make the new server become a member server of the current Windows Server 2003 domain first. 3. Run "dcpromo" on new server to promote it as an additional domain controller in existing Windows 2003 domain; Install DNS component on new server and configure it as a new DNS Server (Active Directory Integrated-Zone is preferred). All the DNS configuration should be replicated to the new DNS server with Active Directory Replication. Afterwards you may verify the installation of Active Directory. 4. Transfer the FSMO roles to the new server: Open Command Prompt and type Ntdsutil. At the Ntdsutil command prompt, type roles. At the FSMO maintenance command prompt, type connection. At the server connections command prompt, type connect to server <DomainController>. Please note: <DomainController> is the machine to which you want to assign the role. In this case, it should be the new Windows 2003 domain controller. At the server connections command prompt, type quit. At the fsmo maintenance command prompt, type the following lines in the sequence: transfer RID master transfer PDC transfer infrastructure master transfer domain naming master transfer schema master Reference: ============ How to view and transfer FSMO roles in Windows Server 2003 http://support.microsoft.com/kb/324801 How to view and transfer FSMO roles in the graphical user interface http://support.microsoft.com/kb/255690 Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller http://support.microsoft.com/kb/255504 5. Enable Global Catalog on new server and manually Check Replication Topology and afterwards manually trigger replication (Replicate Now) to synchronize Active Directory database between 2 replicas. Please note: It will some time to replicate GC between DC, please wait some time with patience. Here are some steps to enable a global catalog Open Active Directory Sites and Services. Please note: Active Directory Sites and Services/Sites/site that contains the domain controller that you want to disable or enable/Servers/domain controller In the console tree, click the domain controller where you want to enable or disable the global catalog. In the details pane, right-click NTDS Settings, and then click Properties. Select the Global Catalog check box to enable the global catalog. 6. Disable Global Catalog on old DC. Make all the clients change TCP/IP configuration to point to new server as DNS. 7. After ensuring everything works normally with the new server, you may start demoting the old DC by running DCPROMO. After completing reinstalling old DC, you can also refer to the above steps to replicate DC2 with old DC. I hope this helps. If anything is unclear, please post back. Best wishes --------------Morgan Che Microsoft Online Community Support

Hi Morgan, Thnx for your detailed instructions!! Well, I have just one additionalquestion... 5) how to manually check Replication Topology (after enabling new Global catalog)?Thnx.

I've been down this road before and wrote down my experiences in the process. You can use the replmon and repadmin tools to check and optionally troubleshoot proper Active Directory replication.

Thxn for your post too. I'll check all suggestions tomorrow and back to you at the end of day. BR, Jack

Hi guys, Thanks for all comments and instructions - I have checked all of this, everything is very clearand we'll try to do this tomorrow. Thnx again. BR, Jack.