Author Topic: Q: best practice to replace old 2008r2 DC  (Read 1134 times)

fortech

  • Zen Apprentice
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Q: best practice to replace old 2008r2 DC
« on: September 10, 2021, 04:34:17 pm »
Hi,

I'm trying to setup a Zentyal machine to replace an old 2008r2 DC in a small office (10 staff)

I am curious if someone can comment / basic sanity check. As I am unclear on the 'last graceful step' options.

More or less I have followed hints from online doc, https://zentyal.com/migration-from-windows-server-to-zentyal/

- install zentyal clean from latest installer
- during install tell zentyal to join existing windows domain, give the correct hostname/wins name for current DC / user-pass for domain admin and designate suitable new wins name for this zentyal host.
- this much went smoothly, and it imported the users / I can see and manage them from Zentyal now as secondary DC.

What I am less clear about.
- my goal is to power off the old windows box
- ideally won't delete / reconfigure map drive access on client computers, which all point to old 2008r2 server

I am unclear if I can simply
- do the AD migrate command step (sudo ./ad-migrate)
- let it transfer roles from windows DC to Zentyal DC
- after that I can power off the old windows box
- next bits are fun questions:
-- assign secondary IP address to zentyal so it has 2 IPs, one is its unique IP it was deployed with, and second IP will be on a virtual interface and is same IP that used to be associated with windows 2008r2 DC.
-- and similarly add a FQDN/Alias pointer so that clients can still ping the 'old-windows-server-FQDN' and get reply back from zentyal

in this manner clients can access

\\192.168.0.2  (old IP of windows DC)
and hit Zentyal not the windows box
or

\\FQDN-of-windows-server   - and also hit the zentyal box

which will have shared/samba shares to mimic what was present on the 2008r2DC box.


I'm just not sure if I will make zentyal-samba-DC unhappy - if I give it this identity via secondary IP and alias FQDN
or if it really won't care, since it will hold the windows domain keys to the kingdom after the ad-migrate script has basically retired the old DC from the picture anyhow?

sorry if this is painfully obvious, I just can't see this detail covered off in the howto doc.

I'm quite familiar with Linux, Samba, etc, so that is less a concern. More a matter of the zentya / and samba DC config.

Many thanks!

Tim