Solved

Pre-Migration Planning

Posted on 2004-08-19
17
213 Views
Last Modified: 2010-05-18
Hi

I have a client with a simple Windows 2000 AD domain - single box running as a DC and file server. There are just 5 users on this small network, a printer and an ADSL router/firewall.

As the existing server hardware is about 5 years old (and creaking!) I have been asked to get in a replacement server and to install Windows 2003 Server Standard edition. This will be my first go at migrating a Windows 2000 domain to Windows 2003. I've done several new install with no migrations but I'm keen to get things right first time if I can.

The server has LOADS of errors on it (my client set it up himself) and hasn't wanted me to spend the time getting the existing installation right... It also has Exchange Server 2000 on it (integrated with AD) but this has not been used for about a year now as the client on my recommendation uses an outsourced Exchange solution to cut down on network maintenance costs. I'm pleased to say this has worked well.

I have a number of questions please:

1. If I uninstall Exchange Server 2000 on the existing server using add/remove programs do I need to be aware of any post-uninstallation issues with AD (or anything else). In other words am I opening a can of worms? Or indeed is this strictly necessary to prepare for the migration to 2003?

2. The shares and permissions on the current server are a real mess. Basically whenever anything stopped working that user suddenly seemed to be added to the Administrators group! I'm tempted to start again and get the groups and shares on a firmer footing. Is it better to migrate the shares, groups and users using ADMT or should I take my time and do this manually?

3. Given the poor state of the current Windows 2000 server installation which approach to migration should I take? I've looked through EE and many other resources and it would appear that I could:

- Run ADMT with /forestprep and /domainprep switches
- Add the new server as a member server to the existing Windows 2000 domain
- Copy the profiles etc using ADMT
- Unplug the old server and run DCPROMO on the new box

Is this is best approach?

4. I don't seem to be able to see all of the user profiles when I look at My Computer | Properties | User Profiles. All profiles are roaming and stored on the current server but in two directories. For some reason (!) my client has mapped the root of the data partition (D:) on the server to drive letter H: also on the server. Some of the profiles are in the \\server\user profiles\[user name] whilst others are in \\server\data\user profiles\[user name]. The ones in the "data" share appear to be migratable whilst the others in \\server\user profiles\[user name] do not! Any thoughts on this please?

Thanks for your help!

regards

Rob



0
Comment
Question by:WebAdviser
  • 10
  • 7
17 Comments
 
LVL 9

Expert Comment

by:jdeclue
ID: 11846328
Since ther are only 5 users and one server (with a ton of errors), I would suggest a clean slat and no migration. Install the New server and New OS into a new domain. Create the Users and Groups, rejoin the computers to the new domains, restore the data etc... shouldn't be too bad.

J
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11846345
Oh as far as the profiles... When you create the acccounts, don't put in a profile. Then you Join the computer to the new domain, and log in as them one time. They will get a new profile. Log in as administrator, and copy the data in the old profile to the new profile. It should contain the same settings as was on the old server. Then set there account to put the profiles on the new server and it will copy them up.
0
 

Author Comment

by:WebAdviser
ID: 11850500
Thanks for your comments and reassurance jdeclue!

Point noted regarding accounts and profiles - I'll certainly follow that.

Your response said "Log in as administrator, and copy the data in the old profile to the new profile. It should contain the same settings as was on the old server. Then set there account to put the profiles on the new server and it will copy them up." This is the bit I'm concerned about!

So, would the following course of action work:

- Set up new Windows 2003 server with new subnet, domain name and server name

- Manually re-create Users and Groups and Shares on new server

- Restore data from backup

- Re-install server applications

- Create user accounts on new machine (without a profile at this stage)

- Join each computer to the new domain one at a time (new profile set up automatically)

- Log in to new server as administrator and use Robocopy to copy roaming profiles from old server to new server: e.g. robocopy \\svr1\profiles \\svr2\profiles /ZB /COPYALL /R:2 /W:5
(see http://www.experts-exchange.com/Operating_Systems/Windows_Server_2003/Q_21039540.html).


I'm not 100% sure this is what you had in mind - perhaps you can let me know if I have anything wrong please?


Points of concern:

- Are there any SID, security permissions or password issues that I need to be aware of when using Robocopy and migrating profiles to a new Windows 2003 server (particularly as the subnet, domain name and server name are changing)?

- Do I need to run ADMT with forestprep & domainprep on the old server before migrating the profiles?

- Do I need to uninstall Exchange Server from the old server before migrating the profiles (Exchange will NOT be on the new server) ?

- If I can undertake a profile migration without any changes to the existing server what's the simplest way to hook the new and old servers up on the network temporarily to migrate the profiles? Or should I back up the old server to external USB2 hard drive and restore the old profiles directly into the new server profile folder?

Sorry for all the questions but I'm on a 90 degree learning curve at the moment...

regards

Rob
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11852319
Robocopy has the ability to move the profiles with permissions etc. It does this by translating the portion of the SID which contains the domain information while keeping the permissions correct. But, for this to work you would have to have trusts set up between the old domain and the new domain and the account running the robocopy must have Domain admin privelages on both domains.

The information that you had looked at was for someone copying the profiles from one server to another in the same domain. This will turn into a nightmare for you, and if it isn't done right the first time and your users login, the roaming profiles will get very screwed up.

If you follow the begininning part of your plan, you do not need ADMT at all, so you won't need to run forestprep or domainprep

The profiles do hold Outlook configuration data, there is no Exchange data in the profiles.  Are they getting a new Exchange Server?

J




0
 

Author Comment

by:WebAdviser
ID: 11852483
Thanks for your latest comments and warning about roaming profiles J.

OK so the revised plan should be:

- Set up new Windows 2003 server with new subnet, domain name and server name

- Manually re-create Users and Groups and Shares on new server

- Restore data from backup

- Re-install server applications

- Create user accounts on new machine (without a profile at this stage)

- Join each computer to the new domain one at a time (new profile set up automatically)

- Copy profiles across to new server.

As far as the actual copying of profiles is concerned can I simply copy the user profile folder (and subfolders) to (say) CD/DVD and then restore then to the desired location on the new server? If this is the case then I guess I could select all files and folder WITHIN a given user profile and paste these into the profile that gets created automatically the first time a user logs on to the new domain/server? Apologies if I'm over-simplifying this...

Due to the (small) size of the client and the lack of in-house expertise I recommended that they outsource their Exchange server to a hosted Exchange server solution about a year ago. This has worked really well and I've had no support calls on this at all - so one happy client at least :)

Look forward to your further thoughts in due course...

regards

Rob









0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11852521
Well, not quite.. The profiles are an issue again.. Here is the deal. You cannot just copy the profiles.

Please review this post.

http://www.experts-exchange.com/Operating_Systems/Win2000/Q_21075969.html
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11852576
So, after you read the answer... this is what you do. You need to log them in to the domain, one time, before they get a roaming profile setup. The profile for their Domain Account gets created when they log in. This is a new profile. Copy the information in the Old profile into the New profile, as administrator. Then log them in again and make sure everything looks right. If it does shut off the computer and add there roaming profile to the account. Try it first with one user... if it works ;)... then do the rest.

J
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11852655
Oh yeah, and just one more thing. Since I am telling you to basically build it from scratch, I wouldn't worry too much about making mistakes. This process will not change the old system at all, and it can still sit there running. If you have any problems, you put the machines back in the old domain, and they are back to normal! ;)

J
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 

Author Comment

by:WebAdviser
ID: 11853077
Thanks for the updates J.

Sorry to be a pain but I'm unclear on one aspect of your answer...

You said:

"You need to log them in to the domain, one time, before they get a roaming profile setup. The profile for their Domain Account gets created when they log in. This is a new profile."

Wouldn't this new profile be a LOCAL profile at this stage?

Rob

0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11853673
No. Lets say you create a local account on the machine for BOB, he logs into the machine and he gets a profile:

My Documents and Settings\BOB\profile

Then you give him an account called BOB in the domain Windows.com, he longs into the domain and he gets another profile:

My Documents and Settings\BOB.Windows\profile

Now BOB has two local profiles.
BOB
BOB.Windows

Then you set him up with a roaming profile:

The next time he logs in his BOB.Windows\profile is copied to the network location. From that point on it is synchronized everytime he logs off, and when he logs in it gets copied down.


0
 

Author Comment

by:WebAdviser
ID: 11853867
OK I get it now - thanks for your patience.

So let's see if I have this now:

1. User logs in first time and creates profile

2. Log user out again and shut down machine

3. Set up roaming profile path for user in AD user account properties

4. User logs back in again and profile is copied to server path as defined in AD

5. Log user off again / shutdown

6. Now I can log into the new server as Administrator and copy the contents of the profile I backed up to CD/DVD (from the old server) into the new server user profile folder

7. User logs in again and (hopefully) finds all his previous settings (from the old server roaming profile) available to him fully restored.

I hope this is right  - perhaps you can put me out of my misery :)

thanks

Rob







0
 
LVL 9

Accepted Solution

by:
jdeclue earned 500 total points
ID: 11854229
Nope. I will be back in a few...


1. User logs in first time and creates profile

2. Log in as administrator and copy profile from cd to new profile.  (In Documents and Settings)

3. Log in as User, make sure everything looks right. (Desktop etc.)

4. Shut Down machine.

5. Set up roaming profile path for user in AD user account properties

6. User logs in again and (hopefully) finds all his previous settings (from the old server roaming profile) available to him fully restored.
0
 

Author Comment

by:WebAdviser
ID: 11854311
Thanks J.

So point 2 is the key here. I restore the old profile contents into the new profile on the user's local machine (Documents and Settings). The roaming profile is created once the AD user account path is set up following the next user logon (at which point the local profile is replicated to the roaming profile).

Have I got it this time?

thanks

Rob
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11854553
Yup ;)
J
0
 

Author Comment

by:WebAdviser
ID: 11854576
Cheers J. I'd give you 5000 points if it was available as you've worked so hard to help me!

Many, many thanks for all your help.

best wishes

Rob
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11854616
Test it with that first user, make sure everything is fine. And then do the others. Let me know if you have any issues.

J
0
 

Author Comment

by:WebAdviser
ID: 11854625
Will do!

Rob
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
We have come a long way with backup and data protection — from backing up to floppies, external drives, CDs, Blu-ray, flash drives, SSD drives, and now to the cloud.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now