Learn how to a build a cloud-first strategyRegister Now


migrating from NT 4 to Server 2003

Posted on 2004-11-23
Medium Priority
Last Modified: 2011-10-03

I've been trawling through the reams of information on the web about migrating from NT4 to server 2003 and none of it has been able to answer one of my concerns.
We're a smallish company with about 75 employees, but we have 5 branches scattered about the state.  At the moment we have one PDC in the head office along with 3 BDC's, and a BDC at each of the branch offices.
Because of the scattered nature of the offices, I can't upgrade all the servers at the same time and need to be able to stagger the upgrading of the servers starting with the head office.
My plan is to upgrade the PDC first, but I'm concerned that once the PDC is running Server 2003 and Active Directory, I won't be able to make it talk to the other servers.  This would be a major problem because the PDC is currently running DHCP and DNS and is, well, the PDC, it not talking to the rest of the network would be bad.
Is there any way to run a combination Server 2003/NT4 network, or should I approach this in a different way?

Question by:trishwilkins
LVL 15

Expert Comment

ID: 12660971
No, in general terms you're OK.

Upgrading an NT4.0 PDC to Server 2003 is fine, it will take the PDC Emulator role, allowing the remaining NT4 BDC's to function as normal. You will not be able to promote them to PDC, though as the role will be taken permanently off the NT4 servers.

Once you have more than one 2003 DC (Note there are no actual PDC or BDC in Active Directory - just a single "PDC Emulator" for compatability) you can transfer the PDC emulator role as need be.

You would also need to assign the Global Catalog roles to the remote servers once upgraded to ensure logon requests are processed locally.

One thing you might consider is this: Install a new BDC, promote to PDC, Upgrade to 2003. REBUILD each BDC as needed as a new 2003 DC, then when all nt4.0 machines are switched off, you can demote the upgraded machine, then remove it from the domain. Happy to give more info, but we'll leave it at concept stage for now...

There are some great links in this transcript: http://www.microsoft.com/technet/community/chats/trans/windowsnet/wnet0414.mspx

LVL 97

Accepted Solution

Lee W, MVP earned 2000 total points
ID: 12661396
I generally agree with harleyjd, but to give another version of his explanation and add a little:

The correct procedure for upgrading a domain is to upgrade the PDC first.  It is also HIGHLY recommended that you, immediately prior to upgrading, pull the plug on ONE BDC and keep it in reserve JUST IN CASE.  I've never seen a need to, but IF you had to restore the domain, you could then use this BDC (Promoting it to PDC).

Harley referenced the PDC Emulator - there are also 4 other Operations Master roles you should familiarize yourself with.  (Here's an MS article on viewing and transferring them, with a little description of each: http://support.microsoft.com/default.aspx?kbid=324801&product=winsvr2003)

As Harley states, strictly speaking there is no BDC or PDC roles - everything is a DC and will replicate their directory information to one another.  Honestly, I'm not sure if it's better to split these roles among several servers or have one that acts as THE FSMO roles.

I agree with the concept of rebuilding the DCs if you can.

In addition, note that you will be running in "MIXED MODE" - which means the Active Directory DCs will replicate changes to the NT4 BDCs.  In addition a few Active Directory features won't be available, such as Universal Groups.  When you upgrade to NATIVE mode, Universal groups will become available, but NT4 BDCs will no longer get directory information.  Also - the move from MIXED MODE to NATIVE MODE (2000 or 2003) are one way moves.  Once you move to NATIVE, you CANNOT go back.

Lastly, DNS is your BEST friend and WORST enemy.  Name resolution issues, authentication issues, etc., are probably 90% of the time related to DNS problems.  I would ALMOST suggest the most important aspect of Active Directory to study is how Active Directory uses DNS.

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question