
    • What is the plan for AD? Are you just going to workgroup mode? Why move to 3rd party for DHCP and DNS, compared to introducing newer domain controllers?

      How many different subnets?

      Any reason to not keep the same IP addresses for DHCP and DNS? That basically eliminates any client changes, and no change to IP helpers needed.

      I keep same IP when replacing my domain controllers/DHCP/DNS servers. It makes cutover much simpler.

    • I agree with transferring the DHCP server (not totally, though), but not the DNS server, as it should be completely integrated with your AD infra if you want to have an AD structure in production.

    • Hi,

      The 2003 domain is an old legacy domain that we'll look to eventually decommission, but we're not quite ready yet. We have another Windows 2012 R2 domain which is our main AD, but that also runs using a 3rd party DNS provider. We've already paid over £150K for this DNS and DHCP IP address management solution. My preference would have been to use AD for DNS and DHCP or another product, but I work in the public sector and in this case, a new supplier/system is seen as a risk and too big a change (hence the directive from management to continue with the status quo - not my choice).

      We have around 20 subnets and around 50 clients in the legacy domain (as most clients have been migrated to our new AD). We can't keep the same DHCP and DNS server addresses as they belong to our 2003 DCs and we want to move this functionality to our main DNS and DHCP appliances which serve the bulk of our estate (several thousand clients). 

    • Wow, you are paying so much for so little.

      You can take existing DCs and give them new IP addresses, and then that makes old IP available to new appliances. Lower risk because you only touch the current DCs and new appliances, not everything else. Easy to revert, too. Changes can be implemented in just minutes.

    • Your IPAM solution is costing 3000 quid per endpoint? OMG.

    • "Wow, you are paying so much for so little." - I kind of agree, like I mentioned we're public sector, unfortunately if we moved to a new solution and something didn't work there'd be a lot of finger-pointing and blame, however, to upgrade an existing solution at a significant cost is lower risk as we're doing a like for like upgrade (even if the system isn't that great). Basically saving the organisation £150K in an attempt to improve services is seen as being outweighed by the risk of moving to a new solution.

      "that makes old IP available to new appliances" - I can't do that as the new appliances are already being used for several thousand devices.

      "Your IPAM solution is costing 3000 quid per endpoint" - No, we already have QIP being used for several thousand devices, we're simply looking to move another 50 devices over to QIP (the legacy 2003 AD domain). My question is how do I handle the decoupling of DNS and DHCP from 2003 domain controllers when integrated DNS is being used?

    • Turn off DHCP on old servers. Turn on DHCP on new devices, and update DHCP relay.

      Now, for DNS you can either update all statically assigned devices and DHCP scopes to use new DNS servers, or maybe you can take current DCs and give them different IP, and take new appliances and give them original IP of current DCs.

    • Can anyone advise if there are specific steps related to AD that I need to do, other than ensure all records are copied across?

      Can I just stop the DNS and DHCP service on the 2003 DCs and reconfigure their local NICs to point to QIP?

      Should I change the SOA and the Nameservers for my2003domain.com to point to QIP?

      Or should I just install the DNS and DHCP roles from the 2003 DCs? This worries me a little, as it'll mean we'd struggle for a rollback.

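One way to check that "all records are copied across" before repointing clients, as an added example that is not part of the original thread: it diffs two record listings and separates the SRV and `_msdcs` records that AD clients use to locate domain controllers from ordinary host records. The listing format, host names and addresses are constructed for illustration; how the listings are exported from the 2003 DCs or from QIP is not shown.

```python
ORIGIN = "my2003domain.com."  # zone named in the thread

# Constructed sample listings ("owner TYPE rdata"); hosts and addresses are made up.
OLD_DC_ZONE = """\
; exported from the AD-integrated zone
@ A 10.0.0.10
dc01 A 10.0.0.10
fileserver A 10.0.0.25
printer01 A 10.0.0.40
_ldap._tcp SRV 0 100 389 dc01.my2003domain.com.
_kerberos._tcp SRV 0 100 88 dc01.my2003domain.com.
_ldap._tcp.dc._msdcs SRV 0 100 389 dc01.my2003domain.com.
"""
NEW_SERVER_ZONE = """\
@ A 10.0.0.10
DC01.my2003domain.com. A 10.0.0.10
fileserver A 10.0.0.25
_ldap._tcp SRV 0 100 389 DC01.my2003domain.com.
"""

def parse_records(text, origin=ORIGIN):
    """Return a set of normalized (owner, type, rdata) tuples."""
    records = set()
    for line in text.splitlines():
        parts = line.split(";", 1)[0].split(None, 2)  # strip comments, split fields
        if len(parts) != 3:
            continue
        owner, rtype, rdata = parts
        owner = owner.lower()
        if owner == "@":
            owner = origin
        elif not owner.endswith("."):
            owner = f"{owner}.{origin}"  # relative name: append the zone origin
        # DNS names are case-insensitive; rdata here is assumed fully qualified
        records.add((owner, rtype.upper(), " ".join(rdata.lower().split())))
    return records

def is_dc_locator(record):
    """SRV records and anything under _msdcs are what clients use to find DCs."""
    owner, rtype, _ = record
    return rtype == "SRV" or "._msdcs." in owner

def missing_on_new(old_text, new_text):
    """Records on the old server that the new one lacks: (locator, other)."""
    missing = parse_records(old_text) - parse_records(new_text)
    missing = {r for r in missing if r[1] not in ("SOA", "NS")}  # expected to differ
    locator = sorted(r for r in missing if is_dc_locator(r))
    return locator, sorted(missing - set(locator))
```

Any entry in the first list means domain members pointed at the new servers would fail to find a domain controller, so it should be empty before the DHCP scopes and static clients are changed.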
    • Since you're not actually removing the 2003 DCs, I see no benefit to trying to shut down DNS on the DCs. You can leave DNS running, while pointing everything to new DNS servers.

    • The old DNS servers would have had an allow rule on the firewall that would need to be closed.

      https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc...

      Ensure the DHCP options are set for phones etc. on the new subnets.
