>> Can I promote the VM to be the Primary DC; take the 2003 DC offline; Do a clean

install on the physical machine and then re-promote it to Primary DC (with the same
name that it had)?

The previous comment pretty much answered this. The idea of 'Primary DC' and
'Secondary/Backup DC' from the NT4 days was removed in Windows 2000 and has
not been there in Server 2003 or 2008 either. All DCs are multi-master (meaning they
are all essentially the same). The only thing you need to be concerned about are the
Global Catalogs (GCs) - all DCs should be GCs too as per best practices - and the 5
FSMO Operations Roles.

When removing a DC, you need to ensure it doesn't hold any of the 5 operations roles,
that you have at least 1 other GC, and that there is another DNS server running
somewhere - workstations also need updating to point to this DNS server.

To do the action you describe, it's simply a case of doing a server migration - twice.
First time, you move the roles etc. to the VM, then you rebuild the old server and then
migrate back. I've posted details for this at the end of this post.

>> Should I use the 32bit or 64bit version? It is only a DC and a Printer Server/ I
have other 32 bit servers on the network... will this make a difference in their
performance as well?

Definitely 64-bit. I should note Server 2008 was the LAST server release which had a
32-bit architecture edition in the release. Server 2008 R2 (due to RTM sometime last
this quarter or beginning of the next) and all new server Operating Systems will be
64-bit only. By installing 64-bit now, you can more easily do an in-place upgrade to
R2 if necessary.

You may run into problems with a 64-bit print server but 32-bit workstations, but this
is quite easily overcome with a few simple precautions.

>> Aside from temporarily losing print services... What other problems would be
causes if I did it during normal business hours?

Agreed. DNS and DHCP are important. Workstations MUST be updated (through
DHCP, or manually if they are statically assigned) to use the VM DC as their
preferred DNS server; don't leave the IP of the server you are working on in there
while it is offline, as that could cause a potential problem.

>> Would I have to rejoin all the computers to the domain after it is completed? Will
I have to re-deploy printers to everyone? I have one shared directory on the
machine... will I have to set it up on the workstations again?
The VM DC maintains a replica copy of the Active Directory database, so will hold
the domain up while the other server is rebuilt. Just bring the new server up, dcpromo
to promote it, make it a GC and DNS server, then add it back in as a
preferred/alternate DNS server to workstations. No rejoining required.

Shared Directory will be fine - provided it is shared out with the same name. It will
just remap.
As for printers, you MAY run into a problem with drivers which I mentioned above.
This is just going to be a trial and error step, as depending on various variables will
depend on whether it is successful (no printer remapping) or not (remapping
required).

>> Will Windows 2008 as all DCs effect a SQL 2005 instance on a 2003 Server
machine???

It should not have an effect on an SQL Server 2005 database.

>> If I make it the same name... do I have to delete it from AD in order to allow it to
join?

You don't have to (you shouldn't have to with workstations either). However, while
the DC is formatting, it might be a good idea to pull out its computer account and
remove any traces of the DC from Active Directory Sites & Services (using the VM
instance).

>> can I just move those roles back to the physical server and then the VM will go
back to it's old ways??? Or should I take a snapshot of the VM and just use the
snapshot when I am done

Don't take a snapshot and revert - unneeded complications and recipe for disaster. Just
transfer the roles back using the same procedure you used initially (per the below
info).

-Matt

--
Steps to install the 2008 DC once the old box is demoted and formatted.
As the first step (to demote), you need to follow the procedure on transferring FSMO
roles and then the demotion procedure. Then format, install Server 2008 and follow
the entire set of steps from the top down...

Install Windows Server 2008 onto the new server which is intended to be promoted as
a Domain Controller. Ensure the new server is assigned a routable static IP address on
your IP subnet. Ensure the IP address is not included in any of your existing DHCP
scopes. The only DNS server entry at this stage should be the IP address of the
existing domain controller on your network.

After installation, join the new machine to the existing domain as a member server.
This procedure is exactly the same as joining a workstation to the domain.

Since you are upgrading the Operating System on the new Domain Controller, you
will need to add some values to the existing Active Directory schema, in order for the
new server to become a Domain Controller. Windows Server 2008 supports more
functionality than before, so a schema upgrade for the domain and forest is required to
facilitate this and make this new feature set fully functional on the domain. To make
the necessary changes, you must be logged on as the built-in Administrator user
account, or a user with Domain, Schema and Enterprise Admin privileges.

Insert the Windows Server 2008 media into your current server . Open a command
prompt and browse to sources\adprep folder within the Windows Server 2008 DVD
media. Execute the command adprep /forestprep.

Next, execute adprep /domainprep . You must be logged on as a Domain Admin user
for these steps to work correctly. Once these commands have run your Active
Directory schema will have been extended to support Windows Server 2008 as a
Domain Controller.

The next step is to promote the new server as a Domain Controller for the domain.
Enter dcpromo at a command prompt and follow the wizard. When prompted, select
the option for an additional domain controller in an existing domain. After the wizard
completes, the new server will be acting as a Domain Controller for your domain. It is
necessary at this point to restart the server for these changes to be applied.

In a single-domain Active Directory forest, all servers should also be Global Catalog
servers. The Global Catalog is a required component of Active Directory which is
used during logins to establish universal group membership for a user account. To
promote the new server as a Global Catalog, open Active Directory Sites and Services
from the Administrative Tools container within Control Panel or on the Start Menu.
Double-click Sites, then Servers, followed by the name of the new server. Next, right-
click "NTDS Settings" and select Properties. On the General tab, check the Global
Catalog checkbox. Restart the new Domain Controller for changes to take effect.

Since you intend on removing the old Domain Controller from the domain, you need
to transfer all the Operations (FSMO) roles to the new Domain Controller.

The current FSMO role configuration for your network can be found by running the
command "netdom query fsmo" at a command prompt on a Domain Controller.

To transfer these FSMO roles to the new domain controller, follow the information
detailed in the following Microsoft Support article:
http://support.microsoft.com/kb/324801. Please ensure any other information you
follow is information regarding the TRANSFER of FSMO roles. Seizing FSMO roles
is an emergency operation which should not be performed during this procedure.

DNS is a critical component of your Active Directory network. The easiest way to
install the DNS role onto the new server is to follow the instructions outlined at
http://technet2.microsoft.com/WindowsServer2008/en/library/3cf4d1b1-7a6e-4438-
bf4f-22d9468c17321033.mspx You should be already using Active Directory-
integrated DNS zones, which is the easiest method of allowing DNS replication to
occur - DNS information is stored in Active Directory and replicates with Domain
Controller replication traffic. To check if your DNS zones are AD-integrated (and
convert them if not), please follow http://support.microsoft.com/kb/227844.

You probably want to enable DNS forwarding in the DNS console on the server, too.
This forwards lookups for external domains to a DNS server at your ISP, which
allows the server to effectively resolve DNS for external domains. More information
on forwarders can be found at
http://technet2.microsoft.com/WindowsServer/en/Library/ee992253-235e-4fd4-b4da-
7e57e70ad3821033.mspx.

To move DHCP to the new server, you will need to first install the role. To install the
role in Windows Server 2008, check the DHCP Server role option within the Add
Roles wizard in the Server Manager. To correctly configure DHCP after the role is
installed on your new server, you will need to ensure you configure it to distribute IP
addresses which are in a different range to the IP scope defined on the other DHCP
server. You should also ensure the correct DNS and WINS servers are entered into the
scope options. Remember that the only DNS servers which should be configured on
workstations are the Domain Controllers which are also acting as DNS servers - no
ISP DNS server should ever be set through DHCP.

Once all of these steps have been completed, you should have successfully transferred
all of the Active Directory roles to the new domain controller. At this stage, I would
suggest you shut down the old domain controller and check to ensure all services on
workstations and servers are working correctly - including logins. If they are, you
should be safe to switch the old DC back on, run dcpromo (after migrating and
uninstalling Exchange) and demote it from its Domain Controller role. This will
remove the DC as a Domain Controller, leaving it as a member server on the network.

To completely remove the DC from the network, you will need to remember that any
other data - including folder redirection folders and user profiles - should be
replicated or otherwise transferred to either the new server or another location on the
network.