C
C
chief2018-03-17 23:27:36
Active Directory
chief, 2018-03-17 23:27:36

Two main separate controllers of one domain. How to destroy?

Folks, please help clear this messed up situation.
In general, they called from their former work to look at their network, because "something the Internet stopped working."
There were two 2008 R2 servers on the network. One is AD\DNS\DHCP\Domain (in short, all in one), the second is terminal local users.
The first server is now dying, and their EniKeyschik, while the first one was offline, decided to re-configure the domain/dns/network on the second one. And in principle, everything works right now.
Here I appear, raise the first server, I see that from the remaining roles - AD (a couple of accounting users and their PCs). The rest of the working PCs are just in workgroups, the second PC is now in its own domain (same as the first one). I want to transfer everything to the second server so that the first one can be completely disabled and disassembled.
Actually task:
Yes:
- Server1 on which (so far) hangs only AD with computers and users + domain
- Server2 on which everything hangs + the same domain, but configured separately.
- Both servers are on the same network, and both consider themselves the primary domain controller.
- A bunch of working PCs outside the domain + a bunch of local accounts on the second server to which they clung via RDP.
It is necessary:
​​- To somehow transfer a few accounts / PC from AD Server1 to AD Server2.
QUESTIONS:
- How to make the server see each other and make the migration of users / PCs?
- Maybe there is some software to copy users and import them to Server2?
- If I create exactly the same Users and PCs on Server2, and reset the passwords (and turn off server1), will users be able to log in to client PCs normally? or it is necessary perevveti to the domain?
All in all. With the rest I think I'll figure it out.

Answer the question

In order to leave comments, you need to log in

3 answer(s)
S
Saboteur, 2018-03-18
@saboteur_kiev

Demolish server2 and raise it as another AD server in the first domain.
Then transfer all functions to it and remove them from the old one. After that, the old server can be turned off.

C
chromimon, 2018-03-18
@chromimon

An Active Directory Domain Controller is multiple roles.
They can be transferred in parts.
In what condition are you looking and razrulit.
Google for the phrase: FSMO Active Directory
There must be 2 Active Directory servers in the network - the main and the backup. This is not required, but highly desirable.
Both a virtual machine and a machine with other functions (for example, terminal server functions) can perform the functions of an AD server.

#
#, 2018-03-18
@mindtester

1 - the bolivar cannot take away two - kill one, at your choice
2 - export groups and users to csv if necessary
3 - devotion to the new shogun (entering computers that have lost their owner, entering groups and users, and by the way - delegation of profiles (and nothing lost) - script everything - the granite of science is waiting for your teeth))
ps well, or as God's punishment - manual routine can be blamed on the guilty one))

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question