General setup advice

Posted on 2001-06-18
Last Modified: 2010-04-13
I have an NT domain, on the domain is a W2k server, that i want to run active directory, and make it the domain controller. Basically I need users to authenticate on the new w2k server so I can downgrade/reconfigure the existing NT PDC. My understanding is, that the best way do do this is install active Director on w2k server, settig it up as new parent in a new forrest, hence it becomes a new domain. Once this is fully functional I can then migrate users from my NT PDC to the new domain using MS migration tool. I need to keep all users active whilst this whole process is going on. I have tried doing this, and seem to get DNS errors, and users don't seem to be able to log on.
The help i need is this, firstly confirm that how I understand the configuration to be is correct, if no what else do i need to consider, secondly any links to walk throughs where this specific upgrade is described. Also the specific pifalls of migrating from NT to w2k with respec to DNS and wins etc whilst running 2 server os in parallel.

Please do not respond to this unless you have specifically been involved this type of implimentation. This question is probably fairly easy, so points nothing special, but if you help me with this, and form a decent point of contact whilst i am undergoing this implementation then there will be a lot more points available (1000).
Thanks in advance
Question by:gids_w
LVL 12

Expert Comment

Comment Utility
"I can then migrate users from my NT PDC to the new domain using MS migration tool." True.. Only if the New Domain is in native mode.... not mixed mode, meaning no nt4 bdc's.
"I have tried doing this, and seem to get DNS errors, and users don't seem to be able to log on."
-Do you mean, you cannot run dcpromo because it complains that there is no dns server available ? Make sure your Nic cable is connected to something...Like a hub with nothing else on it.. If it sences that the cable is disconnected , it will fail.. If that is not why it is failing... Install DNS server first.. Create a primary forward zone bound to the inside IP of the server, then run dcpromo.

-I dont see a problem with your plan..
-M$ docs & ADMT.exe download  here..
-Nice walkthrough doc from a tech at Lucent..with screen shots & gotcha's...

-Just keep in mind, admt only supported in native mode & dns must be installed before you can create the first DC..


Author Comment

Comment Utility
Housenet thanks for your time, ok I have done it, and now have a w2k active directory server on the network, viewable, browseable and drive mapable, my problem now is that I cannot from w2k pro log onto it or add my w2k pro client to the new domain, it always comes back with invalid username/password. Incidently the new 2000 domain does not appear in the drop-down list of domains to log onto. I can log onto the server locally with my new username and password (ie not admin acc .). Any ideas where I go from here?
LVL 12

Expert Comment

Comment Utility
gids_w Im not sure I userstand what you're saying... It sounds to me like you're saying , you were able to install active directory on a 2000 server (meaning it is now a domain controller) & yet do not know the administrator's username or password ??? You can login locally to the server & this is not the administrators account ?
-See to me this would imply that you assigned a domain user the right to logon locally to the domain controller, yet you need to be an administrator to assign this right... Im totally confused...

-I'll assume I didnt understand your can logon as administrator to the domain controller...
-On the server.. Go to administrative tools & open DNS server... Make sure the DNS server is active on the same IP address that is assigned to your local area connection...After you do this..
-From the 2000 PRO computer.. enter an IP address in the same subnet as the 2000 server (if you're not using dhcp).... enter the DNS ip (IP of the 2000 server)....
-Verify you can ping the servers IP & it is accessable..
-Right click my computer & choose properties. In system properties click on the network identification tab & clik the properties button... Enter the full 2000 domain name (Same name that appears at the root of the hive in active directory users & computers in administrative tools on the server).. It will prompt you for credentials of an account that has the right to add computer to the domain.. Enter user:administrator password:*****whatever you used .. It should say "welcome to the domain"...
-The key factor is DNS.. DNS is the primary means of resolution for 2000 computers...
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.


Author Comment

Comment Utility
I think it must be DNS on the server not functioning properly, let me try and explain.
--From all the computers on the network I can browse the new domain.
--I can Ping the new domain controller.
--I get a "machine path can not be found" error when trying to get my w2k pro client to join the new domain.
--If I sit at the new server, I can log onto it using the new username and password I have just created.

Here is a funny one, (think this is indicating DNS) with my primary DNS address on my W2k client set to the IP address of the new W2K server, web pages cannot be found.

Is there a sure fire way of testing and troubleshooting the DNS config?

Expert Comment

Comment Utility
No comment has been added lately (642 days), so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area for this question:


Please leave any comments here within 7 days.



EE Cleanup Volunteer
If you feel that your question was not properly addressed, or that none of the comments received were appropriate answers, please post a request in Community support (with a link to this page) to refund your points.

Accepted Solution

modulo earned 0 total points
Comment Utility
Finalized as proposed


Community Support Moderator
Experts Exchange

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Marketing can be an uncomfortable undertaking, especially if your material is technology based. Luckily, we’ve compiled some simple and (relatively) painless tips to put an end to your trepidation and start your path to success.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now