Collections
Deploying Active Directory
Administration
DC IP Change

DC IP Change

Changing the IP address of a domain controller is surprising straight forward. Below are instruction on how to both prepare your environment and perform the IP address change.

Prerequisites

It’s recommended that you validate the following settings before proceeding.

Domain Controller Health Check

Before proceeding please perform a DC Health Check on the domain controller to verify that it’s fully functional. It’s recommended that any errors found be resolved prior to continuing.

Network Adapter’s DNS Settings

To ensure the new IP address is registered within DNS, confirm that your domain controller’s DNS settings are configured correctly. Please see DNS Settings for more information.

FSMO Roles (Optional)

While not strictly necessary, you may wish to ensure all FSMO (Flexible Single Master Operation) roles are located on other DCs. This will reduce the importance of the DC within the domain and make it easier to manually remove if disaster strikes.

Please see FSMO Roles for information on determining which DCs control each role and the process to migrate roles to other DCs.

Global Catalog (Optional)

Its best to ensure at least one other DC holds a copy of the Global Catalog. Please see Global Catalog for more information on determining which DCs contain a replica of the Global Catalog and how to add additional DCs.

Clearing Cache Preparation (Optional)

As many servers cache DNS records in an effort to reduce the number of queries sent to the domain controllers, it may be worth performing a system-wide DNS cache flush after IP change operation has been completed. Doing so will reduce the overall impact as systems will no longer need to wait for the affected cached records to timeout before being able to obtain the new IP information and re-establish communications with the DC.

Environment Specific Considerations

Depending on your environment you may need to consider and prepare for updating the following services:

  • If you use Active Directory Sites and Services, you may need to update the subnet information to reflect the new topology changes.
  • You may need to update your DHCP scopes if this DC is one of your listed DNS servers.
  • If any services were configured to perform LDAP queries against the IP address of the DC, these services will need to be updated.
  • If Network Policy Service is installed and in use, you may need to update any affected device that uses the DC for RADIUS authentication.

Performing the IP Address Change

Once the above prerequisites have been satisfied, perform the following to update the IP address on the DC.

  1. Change the IP address via the network adaptor settings.
  2. Open a Command-Prompt window as Administrator and run the following commands.
# flush dns
ipconfig /flushdns

# register the new IP address with the DNS service
ipconfig /registerdns

# ensure all affected SRV records are updated
dcdiag /fix
  1. (Optional) Restart the DC.

Post Operations

Depending on your configuration, check and verify the following:

  1. If running the DHCP service on the domain controller, verify the server is still authorized.
DC Health CheckDC Decommissioning