Move a Domain Controller to an Orphan Site.

Garima Das 981 Reputation points
2020-10-01T08:00:16.13+00:00

Hi All,

I have an environment where I have two sites, one in India and another in China. I have Domain Controllers under each site that are communicating among themselves. If I demote one of the servers, it will disturb the communication among the other DC's as well. I want to move one of DC's from one of the sites to an orphan site to cut off the traffic coming into that DC. Can this be done and will this disturb the communication among the DC's?

How do I move the DC to the orphan site?

Thanks

Active Directory

4 answers

  1. Dave Patrick 426.1K Reputation points MVP
    2020-10-01T13:15:29.527+00:00

    "If I demote one of the servers, it will disturb the communication among the other DC's as well"

    What is meant here?

    "I want to move one of DC's from one of the sites to an orphan site to cut off the traffic coming into that DC"

    If this will be permanent then you can perform cleanup to remove the DC from Active Directory.
    https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/ad-ds-metadata-cleanup

    --please don't forget to Accept as answer if the reply is helpful--


  2. Fan Fan 15,276 Reputation points Microsoft Vendor
    2020-10-02T00:28:41.533+00:00

    Hi,
    Welcome to post here!
    To understand the question more clearly, would you please provide the following information? If I misunderstand you, please feel free to let me know:
    All the DCs from one site (India) can communicate with DCs from the other site (China), right?
    All the DCs within the same site can communicate with each other, right?
    When you said "move one of DC's from one of the sites to an orphan site to cut off the traffic coming into that DC", do you mean you want to create a new site and move one of the DCs into it? Or do you just want to cut off the traffic coming into that DC?

    Best Regards,


  3. Fan Fan 15,276 Reputation points Microsoft Vendor
    2020-10-05T05:26:35.263+00:00

    Hi,
    For moving a domain controller to a different site, you can refer to the following procedures in order:

    1. Change the static IP address of a domain controller
    2. Create a delegation for a domain controller
       If the parent DNS zone of any zone that is hosted by this DNS server contains a delegation to this DNS server, use this procedure to update the IP address in all such delegations.
       If your forest root domain has a parent DNS domain, perform this procedure on a DNS server in the parent domain. If you just added a new domain controller to a child domain, perform this procedure on a DNS server in the DNS parent domain. By following recommended practices, the parent domain is the forest root domain.
    3. Verify that an IP address maps to a subnet and determine the site association
    4. Determine whether the server is a preferred bridgehead server
    5. Configure the server to not be a preferred bridgehead server
    6. Move the Server object to the new site.

    For more details you can refer to: https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc739015(v=ws.10)?redirectedfrom=MSDN

    Then, when the DC has been moved successfully, you can cut down the traffic from the new site to the other sites. (Make sure that the DC also acts as a DNS server, or if you cut down the traffic, name resolution will not work.)

    Active Directory Replication over Firewalls

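Added example, not part of the thread and not Microsoft's code: a PowerShell walk-through of the last procedures listed in the answer above (subnet and site check, bridgehead check, moving the Server object), followed by the DNS caveat. `DC03` and `Isolated-Site` are hypothetical names, the ActiveDirectory RSAT module is assumed, and the commands that change the directory run with `-WhatIf`.

```powershell
# Added example (not from the thread). Assumes the ActiveDirectory RSAT module.
Import-Module ActiveDirectory
$DcName     = 'DC03'           # hypothetical DC to be isolated
$TargetSite = 'Isolated-Site'  # hypothetical site that already exists

# True when $Address falls inside $Cidr (e.g. '10.20.0.0/16'), IPv4 or IPv6.
function Test-InSubnet([System.Net.IPAddress]$Address, [string]$Cidr) {
    $net, $len = $Cidr -split '/'
    $netAddr = [System.Net.IPAddress]::Parse($net)
    if ($netAddr.AddressFamily -ne $Address.AddressFamily) { return $false }
    $a = $Address.GetAddressBytes(); $n = $netAddr.GetAddressBytes()
    $bits = [int]$len
    for ($i = 0; $i -lt $a.Length -and $bits -gt 0; $i++) {
        $take = [Math]::Min(8, $bits)
        $mask = (0xFF -shl (8 - $take)) -band 0xFF
        if (($a[$i] -band $mask) -ne ($n[$i] -band $mask)) { return $false }
        $bits -= $take
    }
    return $true
}

# Verify that the DC's IP maps to a subnet and see which site that subnet implies.
$dc = Get-ADDomainController -Identity $DcName
$ip = [System.Net.IPAddress]::Parse($dc.IPv4Address)
$subnet = Get-ADReplicationSubnet -Filter * |
    Where-Object { Test-InSubnet $ip $_.Name } |
    Sort-Object { [int]($_.Name -split '/')[1] } -Descending |
    Select-Object -First 1     # most specific subnet wins
if (-not $subnet) { Write-Warning "$ip is not covered by any AD subnet object" }
"{0}: server object in site '{1}', IP {2} maps to subnet '{3}' ({4})" -f `
    $dc.Name, $dc.Site, $ip, $subnet.Name, $subnet.Site

# Determine whether it is a preferred bridgehead server, and clear that if so.
$server = Get-ADObject -Identity $dc.ServerObjectDN -Properties bridgeheadTransportList
if ($server.bridgeheadTransportList) {
    Set-ADObject -Identity $server -Clear bridgeheadTransportList -WhatIf
}

# Move the Server object to the new site (remove -WhatIf to apply).
Move-ADDirectoryServer -Identity $DcName -Site $TargetSite -WhatIf

# Caveat from the answer: the DC should answer DNS itself before traffic is cut.
$soa = Resolve-DnsName -Name $dc.Domain -Type SOA -Server $dc.IPv4Address `
    -ErrorAction SilentlyContinue
if (-not $soa) { Write-Warning "$DcName did not answer a DNS query for $($dc.Domain)" }
```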

  4. Dave Patrick 426.1K Reputation points MVP
    2020-10-05T13:00:25.42+00:00

    Now the question is, If I do so, then will it cut off the traffic coming in to that DC?

    This is more a networking question. As long as there's no route between the two there will be no communications.

    --please don't forget to Accept as answer if the reply is helpful--
