How-To Upgrade Microsoft Windows Active Directory Domain Controller to a NEW Machine


  1. You must have a Primary Active Directory Domain Controller and a Backup Domain Controller on 2 separate machines for the installation and upgrade of a new Domain Controller on the NEW machine to take effect.

  2. Add to the Domain the machines that you intend to operate as New Domain Controllers. Each NEW machine that you intend to operate as a Domain Controller HAS to have a RECORD in Active Directory. At a minimum, ADD to Active Directory the 1 machine you intend to operate as the New Primary (or Master) Domain Controller.

  3. After the new Servers are added to the Domain, allow a couple of days for the Primary and Backup Domain Controllers to SYNCHRONIZE and update the RECORDS of the new Servers.

  4. Make sure that the Backup Domain Controller has a COPY of the Domain Controller Database with ALL records up to date. Check Active Directory Replication with Windows Server tools such as [repadmin]. Alternatively, you can disconnect the network cable from the Primary Domain Controller and check that the Backup Domain Controller works, for example by checking user logins. You can leave the Domain Controller disconnected overnight or for a couple of days. When you are done testing the Backup Domain Controller, plug the Primary back in and follow the next step.

  5. Now, on the Primary Domain Controller, Demote the Master Domain Controller Server Role. The Primary Domain Controller gives up its Role of serving Active Directory Group Data. The Backup Domain Controller will operate until you get the NEW Master Domain Controller up.

  6. After this, on the NEW Server that you intend to function as the Primary Domain Controller, PROMOTE it to Primary Domain Controller under Server Roles. The System will copy the Active Directory Database from the Backup Domain Controller to the New Server and PROMOTE it to the Primary Role, which allows Serving and Editing of Group Policy Records.

  7. Give it some time to Replicate the Database. A couple of days should be enough.

  8. Please note: Replication of the Active Directory Database DOES NOT copy the EXTENDED SCHEMA from the Backup DC to the Primary DC. The Administrator has to extend the Group Policy SCHEMA on the Primary Domain Controller MANUALLY, for EVERY Application that you are CURRENTLY using. DO NOT extend the Schema for Applications that you are NOT currently using. For example, you can extend the Schema for Microsoft Exchange Email Server to the CURRENT version of the software you are using. Other software packages may include VoIP software that connects to Active Directory, etc.

  9. After all is done and replication is completed, you can PROMOTE and DEMOTE other Backup Domain Controllers at your convenience.
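
One way to run the [repadmin] check from step 4, and to confirm replication has settled before the demote and promote steps, shown as an added PowerShell example that is not part of the original post. The sample rows, the DC names, the domain and the 24-hour staleness threshold are constructed assumptions; on a live domain the input comes from `repadmin /showrepl * /csv`.

```powershell
# Added example. The rows below are constructed; DC names and domain are hypothetical.
# On a live domain use instead:  $lines = repadmin /showrepl * /csv
$sample = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,Default-First-Site-Name,DC-NEW,"DC=example,DC=local",Default-First-Site-Name,DC-OLD2,RPC,0,0,2024-05-01 09:15:02,0
showrepl_INFO,Default-First-Site-Name,DC-NEW,"CN=Configuration,DC=example,DC=local",Default-First-Site-Name,DC-OLD2,RPC,0,0,2024-05-01 09:15:02,0
showrepl_INFO,Default-First-Site-Name,DC-OLD2,"CN=Schema,CN=Configuration,DC=example,DC=local",Default-First-Site-Name,DC-NEW,RPC,4,2024-05-01 08:59:40,2024-04-29 22:10:11,1722
'@

function Get-ReplicationProblem {
    param(
        [string[]] $CsvLines,
        [int] $MaxAgeHours = 24,            # assumed staleness threshold
        [datetime] $Now = (Get-Date)
    )
    foreach ($row in ($CsvLines | ConvertFrom-Csv)) {
        $failures = 0
        $lastOk   = [datetime]::MinValue
        # Unparsable counters or timestamps are reported as problems, not ignored.
        $countOk = [int]::TryParse($row.'Number of Failures', [ref]$failures)
        $timeOk  = [datetime]::TryParse($row.'Last Success Time', [ref]$lastOk)
        $stale   = (-not $timeOk) -or (($Now - $lastOk).TotalHours -gt $MaxAgeHours)
        if ((-not $countOk) -or $failures -gt 0 -or $stale) {
            [pscustomobject]@{
                Destination   = $row.'Destination DSA'
                Source        = $row.'Source DSA'
                NamingContext = $row.'Naming Context'
                Failures      = $failures
                LastSuccess   = $row.'Last Success Time'
                LastStatus    = $row.'Last Failure Status'
            }
        }
    }
}

# Fixed clock so the constructed sample gives the same result on every run.
$lines    = $sample -split "`r?`n"
$problems = @(Get-ReplicationProblem -CsvLines $lines -Now ([datetime]'2024-05-01 10:00:00'))
if ($problems.Count -eq 0) {
    'Replication is clean on every link; safe to continue with the next step.'
} else {
    # With the sample data this lists the Schema link DC-NEW -> DC-OLD2 (4 failures).
    $problems | Format-Table -AutoSize
}
```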
