Solved

Active directory 2000

Posted on 2004-04-01
17
164 Views
Last Modified: 2010-04-13
hi
i want to export the Active directory from windows 2000 server and import it on other windows 2000 server
is it possible to do that
if it possible how i can do that
thanks
0
Comment
Question by:moh_218
  • 6
  • 4
  • 4
  • +1
17 Comments
 
LVL 67

Accepted Solution

by:
sirbounty earned 125 total points
ID: 10733117
First run start/run/DCPROMO
on the target server.
Then read through these...

To move the GC...http://support.microsoft.com/?kbid=313994
Transferring the master roles...http://www.microsoft.com/windows2000/en/server/help/sag_ADFSMOs.htm
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 10733119
what is your purpose for doing this?   are you trying to make your current DC not a DC anymore and make another machine the new DC?  what is the ultimate goal you are trying to accoplish here?
0
 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 125 total points
ID: 10733179
New Domain Controller

First DON’T consider using a cloning tool like Norton/Symantec Ghost to make an image of the server, this is fraught with pitfalls!
Consider keeping the old Domain Controller running, having two domain controllers build redundancy/Fault tolerance into your network.

1.      Build the new server in the live environment, put on all the relevant service packs (remember MS service packs are inclusive, SP2 includes SP1 etc) and join the server to the domain (You Must have the rights to do this)
2.      Promote the New server to a domain controller by running DCPromo (The server MUST be able to see DNS or it will fail) to run DC Promo Click Start >Run >type “dcpromo” {enter}
3.      When the server has finished and rebooted, you need to make the decision on weather to keep the old Domain Controller (I would say yes) If you do then your job is finished.
4.      You will now need to “seize” the FSMO roles there are 5 FSMO roles which are

·      Schema master - Forest-wide and one per forest.
·      Domain naming master - Forest-wide and one per forest.
·      RID master - Domain-specific and one for each domain.
·      PDC - PDC Emulator is domain-specific and one for each domain.
·      Infrastructure master - Domain-specific and one for each domain.
5.      To do this you need to use the “ntdsutil” tool

To move the FSMO roles from one computer to another, you can use two different methods. The first method is a transfer and is the method that is recommended. You can use the first method if both computers are running. Use the second method if the FSMO roles holder is offline. The second method requires you to use the Ntdsutil.exe tool to seize the roles.

Note Only seize the FSMO roles to the remaining Active Directory domain controllers if you are removing the FSMO role holder from the domain or forest.

To seize or transfer the FSMO roles by using Ntdsutil, follow these steps:
1.      On any domain controller, click Start, click Run, type ntdsutil in the Open box, and then click OK.

Note Microsoft recommends that you use the domain controller that is taking the FSMO roles.
2.      Type roles, and then press ENTER.

To see a list of available commands at any of the prompts in the Ntdsutil tool, type ?, and then press ENTER.
3.      Type connections, and then press ENTER.
4.      Type connect to server servername, where servername is the name of the server you want to use, and then press ENTER.
5.      At the server connections: prompt, type q, and then press ENTER again.
6.      Type seize role, where role is the role you want to seize. For a list of roles that you can seize, type ? at the Fsmo maintenance: prompt, and then press ENTER, or consult the list of roles at the beginning of this article. For example, to seize the RID Master role, you would type seize rid master. The one exception is for the PDC Emulator role, whose syntax would be "seize pdc" and not "seize pdc emulator".

Note All five roles need to be in the forest. If the first domain controller is out of the forest then seize all roles. Determine which roles are to be on which remaining domain controllers so that all five roles are not on only one server.

Microsoft recommends that you only seize all roles when the other domain controller is not returning to the domain, otherwise fix the broken domain controller with the roles.

If the original domain controller with the FSMO roles is still online, transfer the roles. Type transfer role.
7.      After you seize or transfer the roles, type q, and then press ENTER until you quit the Ntdsutil tool.
Note Do not put the Infrastructure Master role on the same domain controller as the global catalog.
http://support.microsoft.com/default.aspx?scid=kb;EN-US;197132

To check if a domain controller is also a global catalog server:
1.      Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Sites and Services.
2.      Double-click Sites in the left pane, and then browse to the appropriate site or click Default-first-site-name if no other sites are available.
3.      Open the Servers folder, and then click the domain controller.
4.      In the domain controller's folder, double-click NTDS Settings.
5.      On the Action menu, click Properties.
6.      On the General tab, locate the Global Catalog check box to see if it is selected.
*****References*****

Using Ntdsutil.exe to Seize or Transfer FSMO Roles to a Domain Controller
http://support.microsoft.com/?kbid=255504

Windows 2000 Active Directory FSMO Roles
http://support.microsoft.com/default.aspx?scid=kb;EN-US;197132

Flexible Single Master Operation Transfer and Seizure Process
http://support.microsoft.com/default.aspx?scid=kb;EN-US;223787
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 10733261
siezing is really only to be used if the owner of the FSMO role is down and cannot be reached,,, so you HAVE to seize it from an available Global catalog server. The article below tells you how to transfer roles which is what you want to do:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;255690

If you have already siezed the roles,, you will need to check out this article:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;283595
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 10733630
So

>>If the original domain controller with the FSMO roles is still online, transfer the roles. Type transfer role

above doesnt then?

;) Pete
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11951925
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I will leave the following recommendation for this question in the Cleanup topic area:
    Split: sirbounty {http:#10733117} and PeteLong


Any objections should be posted here in the next 4 days. After that time, the question will be closed.

jdeclue
EE Cleanup Volunteer

0
 
LVL 67

Expert Comment

by:sirbounty
ID: 11957641
Presumably, you mean
Split: sirbounty {http:#10733117} and PeteLong {http:#10733179}
??
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11963428
Yes.... I think... Have you used the EE Quickpost... and done this volunteer cleanup before? This was the first time, and I can't figure out how to get the link for the second person in a split. Kind of hoping that your experience here, can help me.

Thank You in Advance,
J
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 57

Expert Comment

by:Pete Long
ID: 11965060
jdeclue

untill you get the full cleanup tools - or if you ever need to use an EE anchor use this :)

http://home.arcor.de/athens/expexc/ee_anchor.html
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11965166
Thank you PeteLong!

J
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11965191
:)
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 11967720
jdeclue - send me your email address (mine is in my profile) and I'll send them to you...
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11967761
sirbounty - EE or hotmail? J
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11967822
I picked the latter ;)

J
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 11968183
That's fine.  : )
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11968305
I gotta quit with the ;) and start using the :)... used to the ladies!

J
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now