3

I need to re-build a Server 2008 R2 instance, but I don't want to lose all the current Active Directory info, what's the best way to go about it?

The reason I'm rebuilding over repairing is great, as the server has many issues (I inherited them from previous IT):

  • Cannot upgrade domain forest functionality level from 2000 to 2008
  • Cannot download Windows updates
  • Cannot use Enterprise anti-virus agents
  • SQL Server is non-functional
  • Roles/Feautures error out, and won't even let you view the list
  • Partition structure is messed up

Any one or two of these issues, and I'd just try to repair the server, but at this point; unless there's no way to safely migrate the AD users/permissions, I think I'm better off with a clean install.

Brian Deragon
  • 227
  • 1
  • 4
  • 13

2 Answers2

5

Install another AD server, replicate AD information, then rebuild the original? You should have more than one AD server; they'd replicate your information (except for specific roles.) That's supposed to protect from having an AD server crash or losing connectivity, so your network continues to function with most of the functionality.

Bart Silverstrim
  • 31,092
  • 9
  • 65
  • 87
  • Should is the key word, my clients running a very small business, only like 10 computers, so 2 servers wasn't an option for him. – Brian Deragon Jan 29 '12 at 14:47
  • 2008R2 has both 60-day and 180-day trial versions you can use to leapfrog here. – SpacemanSpiff Jan 29 '12 at 14:53
  • No, should is the solution. Install second server on a laptop you bring in as consultant. Noone says it has to be there for ages. THAT SAID: I run a small business with 6 employees and we have 2 servers because guess what - small servers cost nothing compared to having 6 pople not do any work while backups come in. And the client DOES make backups, or is he gambling his business away? – TomTom Jan 29 '12 at 15:03
  • TomTom while I do agree that having 2 x AD/DNS is good practice in real life scenario with small companies 6-10 people and spending 1000 euro per server (means 2000euro+) and another 500 euro per Windows 2008 R2 Standard license isn't an option in a lot of cases. But I do propose to use Bart solution to migrate AD first (even to VM on Laptop) – MadBoy Jan 29 '12 at 15:12
  • Look into the cost of getting a decent server for virtualization purposes, then have a physical and one virtual AD server. Really, small business or not, losing your AD because of a single server going down can cost more than the cost of an extra server. AD doesn't need a hugely spec'd system to be functional. – Bart Silverstrim Jan 29 '12 at 21:29
1

If you want to continue using this Active Directory on rebuild server you may as well go and fix the problems first. Considering that you can't do much about upgrading forest functionality etc means you already have problems with AD that will require fixing (I really doubt that simply by reinstalling server and reimporting same AD data will fix the problems).

Fix Active Directory and all the problems and then migrate AD (and other things) as per @Bart suggestion to a temporary location (like setup a VM on your laptop, make it secondary AD and migrate everything to it using trial license). Then when you are sure AD migrated properly, (most likely you will have to fix AD first anyway for that to succeed) databases are copied, remove AD from main server (using dcpromo and Roles and Features - hence why you should have to fix your server first). Simply backing up System Data and Registry and reapplying it to reinstalled server may cause serious consequences and be pain in the a...

Also I would suggest using some imaging software to mirror drives to make sure you have a working copy (it's easy to forget some important thing).

MadBoy
  • 3,703
  • 13
  • 61
  • 93