need to move a domain controller, the first in the forest that holds all the fsmo roles, to another location in a clients building. it will require turning off this dc, call it dc1 for this question. i want to transfer the fsmo roles to a new domain controller call the new one dc2. dc2 is already on the network and has been promoted and made a domain controller, it's dns settings are set and it is also a global catalog (GC). the work is scheduled to be done after hours and i am also planning on moving the dhcp server to dc2.
i am looking for a best practices checklist of things to verify prior to moving fsmo roles and turning dc1 off? as far as i know there are no issues with replication between the dc's. my biggest worry is if i turn on dc1 after moving it and i have hardware issues or boot issues, i would rather move the fsmo roles to a known good one that is a few months old (dc2) vs still using a 5yr old box (dc1), this is part of my migration strategy too.
thanks for the help.
Some of these tips are just general AD health checks.
dcdiagon both domain controllers to ensure everything is clean.dcpromo.Why do you want to turn dc1 off? If there is only a single domain controller in your domain and it fails, you'll have a big problem on your hands. Consider leaving dc1 running as backup.
If you are simply turning the FSMO role holder off to move it to another physical location but logically on the same network, there is no reason to move the FSMO roles. The only exception is if you are not confident the server will survive the move.
Even so, should the server not survive the move, it is possible to seize the FSMO roles onto another DC. This requires removing all references to the old DC from Active Directory and DNS; the old DC can never again be connected to the network until Windows is reinstalled.
Transferring roles cleanly is always preferable to seizure.
Reference: http://www.petri.co.il/seizing_fsmo_roles.htm