Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Migrating NT 4.0 to Windows 2003 Active Dir

Posted on 2004-10-06
Medium Priority
Last Modified: 2010-04-19
I have 3 bdcs and 1 pdc on nt 4.0 domain with separate nt 4.0 and exchange 5.5 server.
What i am wondering is what people usually do in this case.
We are 500 users company with single domain.
I would like to migrate to a fresh domain rather than doing upgrade to AD.
My concern is that current comain is called domainNT and i would like to change it to match our dns name.
How will that impact each machine.  I know how to export usres from nt4.0 and import them to ad, but what can be done with computers.
Will each pc in the corp have to be rejoined to the new domain and each users profile on local machine will have to be redone.
How do other peple deal with this issue. Also, how is exchange handeled.  Do you upgrade os first to win2k and than exchange since exch 5.5 does not run on win2ks what are my options.  Exchange server is not domain controller.  Do i just build another temp box migrade 5.5 users and than rebuild the old 5.5 box with new os and exchg 2k3 and migrade users back from temp box?


Question by:dhasic
LVL 23

Expert Comment

ID: 12242088

We did a migration just a year ago (also approx 500 users and NT with 5.5 Exchange) and decided to copletely start over. This was because our old domain (the NT) was one big mess. It was faster for us to completel start over again. I know it takes a lot of time (specially createing 500 users), but i thought it was worth the time, cause we cleaned the mess.

We did the same with Exchange 5.5. We used Exerge to export the mailboxes and import them into Exchange 2003 (Exchange migration done within one day).

If you knwo how to change the users, then you could try installing the new AD and add the Exchange 5.5 to the domain using the ADC (Active Directory Connector). Then, install an Exchange 2003 server on servers 2003 and ad it to the 5.5 Exchange domain. Then, you can do move mailbox migration.

But if you have the time, resources and employees to pull it off, i would start over again. You can allready create the new AD before even bothering any user..

Author Comment

ID: 12242161
How did you guys deal with local profiles on pc's?  Did you move them manually, since when you create new account in new ad and join the pc to the domain new profile gets created?
LVL 23

Accepted Solution

rhandels earned 500 total points
ID: 12242265

We had roaming profiles (take notice of the had). We recreated all users and recreated all roaming profiles. We told the users it was because of cleaning up and they didn't agrue with us that much ;)..  We created an instruction on how to set the most importantr things (specially the Exchange settings and printers..) the rest will be recreated within a few days. Only problem you would have is th favourites. There are 3rd party tools to do this perfectly, but then you should consider if you would like to spend up to $5000...

Indeed, you will need to add the computers to the new domain, but we did 100 pc's within half an hour with 3 people, so this shoudn't be the biggest problem.

You could try using the ADMT tool, i know it helps copying the profile to the new domain (just copying it doesn't work, because the users get a new SID and permissions wouldn't be correct...

Expert Comment

ID: 12245151
Migrate the mailboxes using Exmerge 2 step
export them all to PST files.(maybe on separate drive or server
Upgrade to Exchange 2000 or 2003
Once built and mailboxes created, import from pst's to mailboxes (again using exmerge)
Yes you are going to have to join them all to the new domain
Any XP workstations can do it for you, simply use the copy settings wizard.
For non-XP Why not copy them to a temp share on the new server.
Create your users using ADMT. (which you'll need for exchange mailboxes anyways)
Set their profile path to \\server\%username%$
Log them in, and let it create their new profile, then log them off.
then copy their favourites, my docs etc over the top of the new ones , only thing you dont want to copy is the ntuser.dat
this will "migrate" their favourites, my docs, desktop, and shortcuts. etc
LVL 13

Assisted Solution

seb_acker earned 500 total points
ID: 12250035
It's difficulet ot give the best advice in your case, but i can confirm something

If you choose to migrate your domain to another, you can use ADMT tool to migrate uses, profiles, computers, and each other security ressource, if you Have your AD domain in native mode, because you can choose to keep the SID History of the objects. SO you yon't have any access problem, and you won't have to recreate all access rights on each objects.

So no problem , you won't loose your local profiles.

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
Screencast - Getting to Know the Pipeline

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question