belfusion
asked on
New PDC Emulator for NT Domain
Hi people, hopefully this won't be too tricky a question for the expert in the know.
My situation is as follows:
approx 5 NT4 servers, 5 Win2k servers, 10 Win2k3 servers.
We are currently running a NON-Active Directory environment. We will stay this way for another 3 months before a project is launched and we migrate to AD.
In the meantime, my current predicament is this:
I have a new box that I would like to install W2k3 on to take over the role of the NT4 PDC. This box will essentially become the PDC emulator, dishing out logon scripts and requests to both NT4 servers/workstations and Win2k clients/servers.
Will my PDC Emulator successfully perform this task as the new PDC? Will it also still run DHCP and WINS?
Any issues you can think of?
I know that I need to migrate to AD, but we will not be using this for the time being. I know very little about AD and our I.T dept is not ready for it.
Thanks in advance
Bel
My situation is as follows:
approx 5 NT4 servers, 5 Win2k servers, 10 Win2k3 servers.
We are currently running a NON-Active Directory environment. We will stay this way for another 3 months before a project is launched and we migrate to AD.
In the meantime, my current predicament is this:
I have a new box that I would like to install W2k3 on to take over the role of the NT4 PDC. This box will essentially become the PDC emulator, dishing out logon scripts and requests to both NT4 servers/workstations and Win2k clients/servers.
Will my PDC Emulator successfully perform this task as the new PDC? Will it also still run DHCP and WINS?
Any issues you can think of?
I know that I need to migrate to AD, but we will not be using this for the time being. I know very little about AD and our I.T dept is not ready for it.
Thanks in advance
Bel
Lee W, MVP
Sorry, 2000/2003 DCs cannot be DCs in a Windows NT 4 network. Simply won't work.
You can run WINS, DHCP, DNS from the 2003 server, but cannot make it a Domain Controller. The process for upgrading to Active Directory requires upgrading the PDC first.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
And still more info:
http://www.microsoft.com/technet/prodtechnol/windows2000serv/deploy/cookbook/cookintr.mspx
And this question from EE as well:
https://www.experts-exchange.com/questions/21176048/NT4-to-W2K3-DC-migration.html
http://www.microsoft.com/technet/prodtechnol/windows2000serv/deploy/cookbook/cookintr.mspx
And this question from EE as well:
https://www.experts-exchange.com/questions/21176048/NT4-to-W2K3-DC-migration.html
ASKER
leew, in the first comment you say that you cannot make a 2003 servers DC's.
Yes you can. Isn't this what PDC emulation is for? The existing NT4 BDC's see the 2k3 box as a NT4 PDC, while the 2K and 2k3 servers see it as a 2k3 box.
In the third comment, you reference a document which clearly tells you that you can. But what this or the subsequent URL's don't do, is answer my original question.
Will my PDC Emulator successfully perform this task as the new PDC? Will it also still run DHCP and WINS?
Any issues you can think of?
To clarify, I'm really interested in the repercussions of running AD when we aren't setup or ready for it. (we will not be wanting to utilise this yet, so hence the PDC emulator).
Thanks for trying though
Yes you can. Isn't this what PDC emulation is for? The existing NT4 BDC's see the 2k3 box as a NT4 PDC, while the 2K and 2k3 servers see it as a 2k3 box.
In the third comment, you reference a document which clearly tells you that you can. But what this or the subsequent URL's don't do, is answer my original question.
Will my PDC Emulator successfully perform this task as the new PDC? Will it also still run DHCP and WINS?
Any issues you can think of?
To clarify, I'm really interested in the repercussions of running AD when we aren't setup or ready for it. (we will not be wanting to utilise this yet, so hence the PDC emulator).
Thanks for trying though
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks idyllicsys.
These are exactly the issues i'm looking for. I didn't realise we wouldn't be able to use User manager for domains any longer. Is this a certainty?
Also, we aren't currently enabled with any trust relationships and as yet, no multiple sites.
Why do you mention this?
Cheers
Bel
These are exactly the issues i'm looking for. I didn't realise we wouldn't be able to use User manager for domains any longer. Is this a certainty?
Also, we aren't currently enabled with any trust relationships and as yet, no multiple sites.
Why do you mention this?
Cheers
Bel
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
leew, I learnt many things since posting the original question, and of course, many more have been raised!
I understand what you meant now, I guess not knowing too much about AD, I had hopes that I could run a PDC emulator without actually utilising AD.
From my understanding it seems that in order to do this, I would have to utilise Active Directory users and computers and in doing so, would need to begin strategic planning on OU's etc as a result.
It seems to me that the overall answer would be that in fact, I cannot do this without launching into AD territory.
My best course of action is to build this new box as an NT4 box as the new PDC (the eixsting one is suffering old age), start planning my migration to AD and learning the ins and outs before I migrate. Then and only then, migrate using the steps as outlined in leew's link above.
Would this best describe the scenario?
Bel
I understand what you meant now, I guess not knowing too much about AD, I had hopes that I could run a PDC emulator without actually utilising AD.
From my understanding it seems that in order to do this, I would have to utilise Active Directory users and computers and in doing so, would need to begin strategic planning on OU's etc as a result.
It seems to me that the overall answer would be that in fact, I cannot do this without launching into AD territory.
My best course of action is to build this new box as an NT4 box as the new PDC (the eixsting one is suffering old age), start planning my migration to AD and learning the ins and outs before I migrate. Then and only then, migrate using the steps as outlined in leew's link above.
Would this best describe the scenario?
Bel
Obviously, and I'd say you seem to know this already, read up on the Active Directory upgrade process.
In the mean time, if you have more than one BDC, consider just promoting one of the BDCs to PDC if you are having issues with your current BDC.
While it's always a good idea to learn as much as you can, from my experience, the upgrade is generally painless - as long as you don't go to Native mode. AND you can use Group Policies (VERY handy) and various other AD features.
When I did my upgrade, we bought a server to act as the first DC in the 2000 active directory. In doing so, I had to install NT4 on it and then upgrade to 2000 - I would recommend this course of action, it was as clean an upgrade as it could be because the NT4 box was upgraded within a week of being installed, meaning no time for registry crap and misc. files getting corrupt, improper shutdowns, etc. And of course, I pulled a BDC offline prior to upgrading. This way, if there were any problems, I could yank the AD DC off the network and recover it with a promotion for my offline BDC to PDC.
In a smaller domain we had, I actually imaged the hard drive of the PDC before doing the upgrade. This allowed me to recover the system if things didn't go well.
I'd suggest setting up a small test network and run through the process a few times. Get comfortable with it. The first couple times I did an upgrade, I was scared something would go horribly wrong (and I'd have 800-1000 users to recreate if that were the case, not to mention permissions nightmares). But things went pretty smooth and other later domains I upgraded also went smooth and I got more comfortable (running a test network at home helped too).
One other note: The 2000/2003 server running a PDC emulator MUST always be the PDC for other NT4 DCs. You could NOT, for example, make an NT4 box the PDC once you've got a 2000/2003 DC acting as the PDC emulator - there is no BDC emulator.
In the mean time, if you have more than one BDC, consider just promoting one of the BDCs to PDC if you are having issues with your current BDC.
While it's always a good idea to learn as much as you can, from my experience, the upgrade is generally painless - as long as you don't go to Native mode. AND you can use Group Policies (VERY handy) and various other AD features.
When I did my upgrade, we bought a server to act as the first DC in the 2000 active directory. In doing so, I had to install NT4 on it and then upgrade to 2000 - I would recommend this course of action, it was as clean an upgrade as it could be because the NT4 box was upgraded within a week of being installed, meaning no time for registry crap and misc. files getting corrupt, improper shutdowns, etc. And of course, I pulled a BDC offline prior to upgrading. This way, if there were any problems, I could yank the AD DC off the network and recover it with a promotion for my offline BDC to PDC.
In a smaller domain we had, I actually imaged the hard drive of the PDC before doing the upgrade. This allowed me to recover the system if things didn't go well.
I'd suggest setting up a small test network and run through the process a few times. Get comfortable with it. The first couple times I did an upgrade, I was scared something would go horribly wrong (and I'd have 800-1000 users to recreate if that were the case, not to mention permissions nightmares). But things went pretty smooth and other later domains I upgraded also went smooth and I got more comfortable (running a test network at home helped too).
One other note: The 2000/2003 server running a PDC emulator MUST always be the PDC for other NT4 DCs. You could NOT, for example, make an NT4 box the PDC once you've got a 2000/2003 DC acting as the PDC emulator - there is no BDC emulator.
ASKER
Thanks guys, i've given you split points as I felt you both provided the points that led to me finally understanding the solution.
Cheers and good work!
Bel
Cheers and good work!
Bel