FSR TO DFS SYSVOL Migration on Windows Server 2012

Lab:

Windows 2012 AD Services

Functional Level 2003 raised to 2008 R2

CHECK BASICS

on domain controllers issue

net share – check if the sysvol are shared

repadmin /replsum – to check if the synchronization is working

regedit then HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters then check that entry SysvolReady is 1. You need to check on all domain controllers.

services.msc – check if the DFS Replication in the extended tab is set up Automatic Startup

MIGRATE FUNCTIONAL LEVEL

In my case I was on 2003 so had it raise it to 2008 (2008 R2).

First Make sure that all your AD server are within the level you raise.

So if you raise to 2008 R2 all your AD servers need to run at least Windows Server 2008 R2

Administrative Tools Folder -> Active Directory Domains and Trusts  Right click on domain then click on Raise domain functional leven Then choose the one you want from the list. Click Raise. This should only take few second. Once done on Primary AD the changes should be made to all of them.

to check which your DC is Primary issue

nltest /dclist:domain.int 

You will see that one of your DC has got [PDC] flag which means it’s primary

MIGRATE THE DOMAIN TO THE PREPARED STATE

BACKUP FIRST

Check install role Windows Server Backup from Add role control panel. It should on the second list of services after you press Next first time.

To make a state backup run: https://technet.microsoft.com/en-us/library/cc742124.aspx

wbadmin start systemstatebackup -backupTarget:\\myshare\dc1

Wait until backup is finish it may take some time.

SET GLOBAL STATE ON PDC DOMAIN CONTROLLER IDEALLY (Make sure it’s not RODC) (Read-only)  https://blogs.technet.microsoft.com/askds/2011/10/28/friday-mail-sack-they-pull-me-back-in-edition/#netdom

Use the command below firs to check then move it says Start dfsrmig /setglobalstate 1

Do not progress further until all domain controllers are showing “Prepared” state

check using

dfsrmig /getglobalstate

THIS PROCESS MAY TAKE SOME HOURS/DAYS

 

 

Advertisements

How to install multiple packages with Ansible

The below is my task example used in ansible-playbook of how you can install multiple packages in Debian use ‘yum’ in redthat/centos distros.

The below install bind (Dns) packages and it’s making sure that the bind9 is started


# This playbook contains common plays that will be run on all nodes.

- name: Is Bind Installed?
  apt: name={{ item }} state=installed
  with_items:
   - bind9
   - bind9-doc
   - dnsutils

- name: Is Bind Started?
  service: name=bind9 state=started

How to create directory and make sure that the permission are correct using Ansible

The below is an example of what you can enter in your task/main.yml file if you are using ansible-playbook command

The below will create multiple directories if does not exist and it will make sure that the permission are correct.


---
### This is main task for DNS Slave servers

- name: Make sure that directories for Slave servers exists
  file:
   path: '{{ item }}'
   state: directory
  with_items:
   - /var/cache/bind/Data
   - /var/cache/bind/Slave
   - /var/cache/bind/Slave.rev
   - /var/log/named

- name: Make sure that directory have got correct permissions
  file:
   path: '{{ item }}'
   owner: bind
   group: bind
  with_items:
   - /var/cache/bind/Data
   - /var/cache/bind/Slave
   - /var/cache/bind/Slave.rev
   - /var/log/named

 

 

How to select default editor in Linux / MC

 

Make sure that your choose editor exist or install apt-get install vim / yum install vim

then

export EDITOR=vim

Open up MC (Midnight Commander) if you are using then

$mc

then F9 -> Option -> Configuration and untick – select internal edit for view and edit.

The next time you will edit f4/or view f3 file in mc it will open in VIM or your selected editor