I need to specify an approach for migrating a Windows 2008 Active Directory environment to a new data centre. There is not currently connectivity between the two data centres though that could be an option if needed.
I am looking for the most sensible approach here. A limited amount of downtime will be acceptable, but this should be limited to hours rather than days.
Current options I have looked at are:
- Adding new DCs in the new Data Centre to the existing domain (with appropriate connectivity) and allowing replication, then decom old servers.
- Take a backup and restore this in the new Data Centre, but based on my reading this uses a system backup and so would probably not work if restored to a new machine?
Appreciate your help with this one.
Thanks
This could easily turn into either opinion-based or "minimal understanding required" to be honest, since this isn't a one-size-fits-all thing. It will depend on your environment, options at your disposal, downtime allowed (which you stated), size of environment, IP network provisioning and overlap if any, and many other factors.
However, given your current options you are considering....
Option #2 is a bad idea.
Option #1 works...and would be the most likely scenario most would go with. Bring up a new DC or 2 in the new data center. Replicate (and continue to replicate) AD over whatever connection you can achieve (VPN tunnel, MPLS, whatever) between the old and new centers. If the old DCs truly aren't doing anything that the new ones are at some point then yes you can decomm them (properly), or you can simply migrate them over to the new data center as well. Bear in mind factors like IP changes (which may include firewall policy changes), DHCP and DNS issues, CAs, FSMO roles, and other common roles that may be included on a DC.
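
The checks behind decommissioning the old DCs "properly", as an added example that is not part of the original answer: it flags FSMO roles still held by an old DC, failing replication links, and (an extra check beyond the answer's list) whether a global catalog remains. The function name, the host and domain names and the sample `repadmin` rows are all constructed for illustration.

```powershell
# Added example. Live input on a domain-joined host with RSAT would come from:
#   Get-ADForest / Get-ADDomain           (FSMO role holders)
#   repadmin /showrepl * /csv | ConvertFrom-Csv
#   Get-ADDomainController -Filter *      (Name, IsGlobalCatalog)
function Test-DcDecommissionReadiness {
    param(
        [string[]]$OldDcs,             # short names of the DCs to retire
        [hashtable]$FsmoHolders,       # role name -> holder FQDN
        [object[]]$ReplRows,           # rows parsed from repadmin CSV output
        [object[]]$DomainControllers   # objects with Name and IsGlobalCatalog
    )
    $blockers = @()
    # 1. Every FSMO role must already sit on a DC that is staying.
    foreach ($role in $FsmoHolders.Keys) {
        $holder = ($FsmoHolders[$role] -split '\.')[0]
        if ($OldDcs -contains $holder) {
            $blockers += "FSMO role $role is still held by $holder"
        }
    }
    # 2. No replication link may be failing, or the new DCs can be stale.
    foreach ($row in $ReplRows) {
        if ([int]$row.'Number of Failures' -gt 0) {
            $blockers += "Replication $($row.'Source DSA') -> $($row.'Destination DSA') " +
                         "failing for $($row.'Naming Context') (status $($row.'Last Failure Status'))"
        }
    }
    # 3. At least one global catalog must survive the decommission.
    $gcLeft = $DomainControllers | Where-Object { $_.IsGlobalCatalog -and ($OldDcs -notcontains $_.Name) }
    if (-not $gcLeft) { $blockers += 'No global catalog would remain' }
    return $blockers
}

# Constructed sample data (not captured from a real environment).
$csv = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,New-Site,NEWDC01,"DC=example,DC=test",Old-Site,OLDDC01,RPC,0,0,2024-01-01 10:00:00,0
showrepl_INFO,Old-Site,OLDDC01,"DC=example,DC=test",New-Site,NEWDC01,RPC,3,2024-01-01 09:55:00,2024-01-01 08:00:00,1722
'@
$repl = ($csv -split '\r?\n') | ConvertFrom-Csv
$fsmo = @{ SchemaMaster = 'NEWDC01.example.test'; DomainNamingMaster = 'NEWDC01.example.test'
           PDCEmulator = 'OLDDC01.example.test'; RIDMaster = 'NEWDC01.example.test'
           InfrastructureMaster = 'NEWDC01.example.test' }
$dcs = @(
    [pscustomobject]@{ Name = 'OLDDC01'; IsGlobalCatalog = $true },
    [pscustomobject]@{ Name = 'NEWDC01'; IsGlobalCatalog = $true }
)
Test-DcDecommissionReadiness -OldDcs 'OLDDC01' -FsmoHolders $fsmo -ReplRows $repl -DomainControllers $dcs
```

DNS, DHCP and CA roles mentioned in the answer are not covered by this check and need their own migration steps before an old DC is demoted.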