0

Our main server got hit with a virus last week and although I cleared it the server is acting very slow and getting tons of reg errors. We have a back up server that only has the OS installed on it. (2003)

What are some options on moving AD,DNS,DC to the back up server? I`ve looked up AD migration but does this move over all the documents and such too?

We are still using the server that was infected just so people can work. Would it be wise to install all the software and documents on the backup and then migrate over? Anyone know of a good guide to do this?

Or is just starting from scratch more secure?

Install DNS,AD,DC to back up server under a new domain and then entering all the users installing the license server, terminal server etc... And then move everyone's information over...

I plan on formatting the server that was infected and making it a second DC in case this happens again.

squillman
  • 38,163
user160605
  • 73

2 Answers2

4

Restore the server from backup. You do have a backup, don't you?

Who knows how badly this virus has damaged your server. I honestly couldn't recommend transferring anything over from it.

An easy way out would be to promote that other server to a domain controller, transfer all the FSMOs to it, then completely wipe the first server.

Then rebuild the first server after a complete wipe of the hard drive, and make it your new secondary DC.

Ryan Ries
  • 56,311
3

You want to:

1) Add a second Domain Controller to your existing domain. Make sure it's a Global Catalog.

2) Transfer all the FSMO roles to the new Domain Controller.

3) If possible, gracefully demote your virus infected Domain Controller. If not, forcefully remove it.

4) Format the virus-infected server.

5) Add a second Domain Controller to your existing domain (using the formerly virus-infected server hardware that you formatted).

HopelessN00b
  • 54,273