How to migrate Windows 2000 DC and Exchange 2000 to 2003 while changing hardware

Hello all!

I'm planning how to migrate my server. I want to migrate one server (PDC W2k + AD + Exchange 2000) to two different servers.

I want a new Windows 2003 server with AD and a new Exchange 2003 with back-end/front-end technology.

Note: I'm configuring a DMZ, so my new Exchange server will be configured as the back-end and I will install the Exchange front-end on my web server.

I have read a lot of information about that and I finally decided to use ADMT v.2.

Do you have an idea about the order in which I must proceed?

Of course, first I will install my 2 new servers with Windows 2003 Server. But after that? What must I migrate from my W2k server first? In what order?

Note: I must change my domain name, so... when do I make the change? Before or after the migration? Are there any links between the old W2k server and the new W2k3 server during the migration?

For the Exchange 2003 configuration, which network ports must be blocked or not between the DMZ and the LAN, considering there is a front-end and a back-end server?

Thanks a lot!

Forget about installing Exchange in the DMZ. A member of the domain does not belong in the DMZ and no one has given me any convincing reasons to do so. The number of holes required in a firewall makes it look like Swiss cheese, you have to compromise security (changing dynamic ports to static), and if the DMZ machine is compromised the attacker can walk straight into your network.

Put both servers inside your network, allow port 443 (HTTPS) and 25 (SMTP) ONLY into the network.

If you are wary of Exchange being directly exposed to SMTP then a plain Windows 200x server makes an excellent relay. Make sure that it is part of a workgroup, not your domain. If it gets attacked then the attacker hasn't gained anything.

As you want to change the domain name, the order doesn't really matter. Build the new domain, set up a two-way trust with the old domain and then move everything across.
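
One way to check a perimeter ruleset against the answer's "443 and 25 ONLY" policy, as an added example that is not part of the original answer. The one-line rule format (`action direction protocol ports`) and the sample rules are constructed for illustration and do not correspond to any particular firewall product.

```python
# Added example: flag inbound "allow" rules wider than TCP 25 and TCP 443.
# Rule format and sample data are assumptions made for this illustration.

ALLOWED_INBOUND = {("tcp", 25), ("tcp", 443)}

# Constructed sample ruleset, one rule per line: action direction protocol ports
SAMPLE_RULES = """\
allow in tcp 443
allow in tcp 25
allow in tcp 135
allow in tcp 1024-65535
allow in any 25
allow out tcp 80
deny in any any
"""

def parse_ports(spec):
    """Return (low, high) for '25', '1024-65535' or 'any'."""
    if spec == "any":
        return 1, 65535
    low, _, high = spec.partition("-")
    return int(low), int(high or low)

def audit(ruleset):
    """Return (line_no, rule, reason) for each inbound allow rule that exceeds the policy."""
    findings = []
    for n, line in enumerate(ruleset.splitlines(), 1):
        line = line.split("#")[0].strip()   # tolerate trailing comments
        if not line:
            continue
        action, direction, proto, ports = line.split()
        if action != "allow" or direction != "in":
            continue                        # only inbound allows open holes
        low, high = parse_ports(ports)
        if proto != "tcp":
            findings.append((n, line, f"protocol '{proto}' is wider than tcp"))
        elif low != high:
            findings.append((n, line, f"range opens {high - low + 1} ports"))
        elif ("tcp", low) not in ALLOWED_INBOUND:
            findings.append((n, line, f"tcp/{low} is not 25 or 443"))
    return findings

if __name__ == "__main__":
    for n, rule, reason in audit(SAMPLE_RULES):
        print(f"line {n}: {rule!r}: {reason}")
```
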

