Advice needed: 2003 server reinstall

Hemps

Hemps

Honorary Master
Joined
Jan 19, 2009
Messages
11,661
Reaction score
1,631
Location
Slummies
We have +-60 staff members that currently connect to a 2003 R2 x64 server , they are all joined to the domain, active directory, receive dhcp etc.

Server was installed 5 years ago, but is giving us constant issues and runs very slow, previous IT chap installed lots of ****.
I am tasked with redoing the server from scratch, complete reinstall of server 2003 and reinstate data and apps.

Now I'm not in the mood to redo every workstation, so I want to keep their user profiles and not have to import .pst files and copy over desktop and my docs etc.

Any ideas?
 
I take it this server is running exchange as well. What is the hard drive layout you are using on it? eg 2 146 GB sas drives raid1 for os, 4 500 gb sas drives raid 5 for data etc.
 
No exchange.

250gb running OS
500gb storing data.

What does HDD order matter?
 
Given the current trouble you're having i'd recommend a swing migration,if it's a SBS server take a look at the kits these guys provide

If it's a regular Server 2003 with Exchange installed i'd set up a virtual server to replicate the AD for a week or 2 then set up the Replacement server to replicate thereafter for another week or 2. Backup your AD store and exchange. Install exchange on the replacement server and set it to run as a backup Mail server. Move 1 test account to the backup server and test whether the client PC automatically adjusts. If it's working as intended start moving more accounts over. Once all mail accounts have been moved DCPromo replacement server to take over all the FSMO roles that was running on Server1. Set up DHCP and DNS services on replacement server,and stop the services on server1. Now if everything went right you'll have your users still logging in and working with little knowledge of the change. Decommission server1

*Edit - i see no Exchange,ignore the Mail migration parts,demote server1 and promote replacement if replication is working as intended
 
Shortened version as im too lazy to edit the entire post:

Join replacement server and virtual second server to AD as member servers and install AD roles. Wait a week or 2 for AD replication. Test shutdown server1 and see if you can log into accounts not used before on specific PCs ( create a test login acc on server1,check if it's in server2's AD store,shut down server1 and try logging into test acc on one of your workstations only AFTER server1 is shut down ). If you could log in the replication's going good and you can install the new roles,promote it to primary after a time and remove the old server
 
What PsyWulf suggests is the best way of doing it. It gives you time to properly sit and configure the new server. Also remember to transfer all fsmo roles to the new server before decommissioning the old one.

Dont do the below if you are running a raid setup at the moment. The last thing you want to do is sit with a non bootable raid on your hands.

If you dont have the cash for a new server you can do a full backup including system state of the server onto another hard drive. Disconnect the current drives and replace them. Install windows with the same hard drive layout eg windows installed to drive c. Get the new install up to the same service pack level as the previous one and do an authoritative system state restore and select to include all the data. make sure if you data was on drive e that on the new install drive e is available to the OS before doing this.
 
Indeed as dark mentions if you don't have a second server standing by you could restore and pray :P

Or you can do the virtual -> transfer roles -> demote,remove server1 -> reload server1 -> join it to domain as member,add AD role and replicate the virtual -> promote server1 and transfer roles -> decommission virtual

It is a bit more risky and you have downtime then of course - I wouldn't want to do this replication for less than 3 days to be sure it doesn't immolate and suicide on me :)
 
Hemps, I would recommend you find out if the company you work cant look at replacing the server. The reasons i say this are

1. You can do the transition properly and setup everything on the new server and test with very little downtime. (the way PsyWulf) suggested first. The other way i have done, but not by choice.

2. More reliable and faster hardware. Something like this takes a lot of time to do and if you do it it might as well be for the next 5 years. Yes you might get everything setup in a weekend, but spend weeks on tweaking little issues. You also dont want go through this and the server fails a few months later.

The old server does not have to go to waste, you can use it for less important tasks. eg a virtual server for you to play.
 
Indeed! Not to mention that Backup tombstones for AD restoration can be stretched to a maximum age of 12months ( I say maximum but it's quite a pain to even consider using a tombstone this old ),after that you are quite fuxed if the new AD isn't cleanly handling the domain
 
PsyWulf said:
Indeed! Not to mention that Backup tombstones for AD restoration can be stretched to a maximum age of 12months ( I say maximum but it's quite a pain to even consider using a tombstone this old ),after that you are quite fuxed if the new AD isn't cleanly handling the domain
Click to expand...

Clean install! It's weekend ... Monday's worries!
 
agree with Psywolf,
(I do the below on a VERY regular basis)


1) Join a 2nd 2003 server to the domain (even a reliable PC will do)
promote it using "DCPROMO"
http://technet.microsoft.com/en-us/library/cc732887(WS.10).aspx
if both servers are on the same LAN segment the sync will be quick. (<3 hours on 100baseT)

2) Once the 2nd DC is happy (updates & all) transfer the FSMO roles to 2nd server
http://support.microsoft.com/kb/324801

3) Once the 2nd server hosts the FSMO roles, install DHCP. (duplicate the scope from the 1st server (same scope but with the new DNS server address in "scope options"))
Then disable DHCP on 1st server, & activate/authorize DHCP on the 2nd server
Do a "ipconfig /renew" on all workstations to see if desktops get IP details from new DHCP server.

4) Shut down the 1st server (or pull network cable) & test logons & DNS resolution from a couple of workstations.

5) if domain communication is happy, DCPROMO (demote) the 1st server + remove it from the domain.
If the demote fails (it sometimes does) use "ntsutil /remove" on the (new) server2 to forcibly remove server1 from AD.
http://support.microsoft.com/kb/216498

Now re-install the 1st server from scratch + updates etc.
Join to domain again + a DCpromo
transfer the FSMO roles back. (from server2 to server1)

and revert DHCP.

all usernames/passwords/profiles etc remain the same.

If you have a WSUS server on the LAN with all 2003 updates available then the above process can be 100% completed in < 8 hours.
 
Nice detailed steps bubbatentoe.

Is it really necessary to demote an old server if the newly replicated one works fine?
 
I'd suggest either RAIDing the hard drives, or replacing them entirely ( with RAIDed drives ) - I get very nervous with server hard disks that are more than a year old, especially for something as important as a domain controller.
 
OK I took into account that the newly promoted server was a temp machine, sommer a workstation PC.
I use PC's (with no driver support for Windows2003) regularly as temporary DC's.

My primary DC's are always server based machines with RAID1 for the boot & active directory partitions.

so if your new server is a SERVER then no, it's not required to demote it again (while promoting the original server back).
if it's happy and you are also then just leave it where it is.
 
What would you guys say is recommended after a clean install?

- Antivirus
- VNC + remote desktop
- Mozilla firefox (I hate IE :p)

that's about it I put on my servers. Don't need more than that.
 
I'm a Symantec endpoint protection (in a managed environment) fanboy.
I use their remote deploy tools over the WAN, works a treat.

UltraVNC (Active Directory integrated) & ALWAYS Firefox.

:-)
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X