DNS is slow to resolve after force removal of a domain controller

There's no problem with both DC's being GC's in a single domain forest, so go ahead and make the new server a GC as a first step. If your AD DNS is AD integrated then no "transfer" of DNS is required, the AD DNS zones will be replicated to the new server as part of the AD replication process. The only thing you'll need to manually transfer is DHCP. You can do this beforehand and authorize the new DHCP server but leave the scope deactivated until you're ready to make the switch. I would recommend that you not give the new server the same ip address as the old server as that's likely to make things flaky because of the DNS records tied to the old ip address of the W2K3 DC. Update your DHCP scope to assign the new server as the primary DNS server for the DHCP clients and manually set it for statically assigned hosts. Once you've done that you can turn off DHCP on the old server and activate the DHCP scope on the new server. After verifying that everything works you can DCPROMO the old server to demote it.

This is the expected behavior.

You should have another system, that is a DC, and is also in the same IP subnet as the DC with the PDC role. This second DC should be a direct AD replication partner with the DC that holds the PDC FSMO role. If you only have two DCs, it will become a direct replica when promoting it.

For example, if you only have those two DCs, your second DC should already be a direct replication partner with the first DC (PDC). You can verify this by going into AD Sites and Subnets MMC (under admin tools) and expanding out sites, expanding out the PDC DC, clicking "NTDS Settings.." and then checking what DC the replication occurs to/from (it will show you in the right pane of the MMC window). It should be the second DC. This shows that the two are direct replication partners.

If you have multitudes of DCs, you may need to go into AD Sites and Subnets MMC and determine which DC is the direct replication partner of the PDC (follow the steps above and check each DC, till you find which one replicates with the PDC). Intrasite AD replication is quicker than Intersite replication (Replication between two AD sites as defined in AD Sites and Subnets).

This will allow you to quickly seize the PDC role, in the event it fails, to the DC that is the direct replication partner.

I would suggest reading up on the long list of functions the PDC role provides:

http://technet.microsoft.com/en-us/library/cc780487(WS.10).aspx

Some of the key functions include:

• Acts as primary time source for the domain, to keep all time synchronized.
  • If clients/ servers are out of sync you could have major authentication issues
• Acts as the final authority for password unlocks, and failed password attempts
• Acts as the Master Domain Browser