Things to do:
- Rename a DC, Rename a Domain
- Use the CLUs - REPLMON, DCDIAG, NETDIAG
- FSMO Roles, start by seizing rid role
- Links, bridgehead servers and cost
- Inter/Intra Forest Trusts (from matrix.com to cube.com)

AD Lab
Started my AD lab. Added SERVER11.matrix.com as another DC in Site1. Also added a couple of new DCs: One in a new forest cube.com (yup, I like sci-fi). Added SERVER2 which will be a DC in a child domain in Site 1 (neo.matrix.com)

Leaving SERVER1 and SERVER2 aside for a while, I've been working with SERVER11...

[1] Unattended DC install
DCPROMOed Added SERVER11. with unattended install DCPROMO answer:A:/dc.txt.
Here's what I used for the answer file
[DCINSTALL]
UserName=administrator
Password=P@ssword1
ReplicaOrNewDomain=Replica
ReplicaDomainDNSName=matrix.com
DomainNetbiosName=MATRIX
AutoConfigDNS=no
AllowAnonymousAccess=no
DatabasePath=%systemroot%\ntds
LogPath=%systemroot%\ntds
SYSVOLPath=%systemroot%\sysvol
SafeModeAdminPassword=P@ssword2
CriticalReplicationOnly=No
RebootOnSuccess=yes

[2] Authoritive Restore
There are loads of articles on this. Started by deleting an OU and an associated Group on SERVER11. Made sure that replication to other DCs in the domain was complete. NTBACKUP of System State. Reboot and F8, Directory Services Restore.
Found a bit of difficulty withthe exact syntax to restore an OU so went with:
NTDSUTIL: AUTHORITATIVE RESTORE
AUTHORITATIVE RESTORE: RESTORE DATABASE

Made sure the OU and Group was back on SERVER11. Replicated back to the other DCs. Done and done. Hope I never have to do it for real!

[3] Promoted the forest to 2003 Server level (AD Sites & Services). EZ-PZ. The domain was already at that level.