migrating from NT 4 to Server 2003

Posted on 2004-11-23
Last Modified: 2011-10-03

I've been trawling through the reams of information on the web about migrating from NT4 to server 2003 and none of it has been able to answer one of my concerns.
We're a smallish company with about 75 employees, but we have 5 branches scattered about the state.  At the moment we have one PDC in the head office along with 3 BDC's, and a BDC at each of the branch offices.
Because of the scattered nature of the offices, I can't upgrade all the servers at the same time and need to be able to stagger the upgrading of the servers starting with the head office.
My plan is to upgrade the PDC first, but I'm concerned that once the PDC is running Server 2003 and Active Directory, I won't be able to make it talk to the other servers.  This would be a major problem because the PDC is currently running DHCP and DNS and is, well, the PDC, it not talking to the rest of the network would be bad.
Is there any way to run a combination Server 2003/NT4 network, or should I approach this in a different way?

Question by:trishwilkins
    LVL 15

    Expert Comment

    No, in general terms you're OK.

    Upgrading an NT4.0 PDC to Server 2003 is fine, it will take the PDC Emulator role, allowing the remaining NT4 BDC's to function as normal. You will not be able to promote them to PDC, though as the role will be taken permanently off the NT4 servers.

    Once you have more than one 2003 DC (Note there are no actual PDC or BDC in Active Directory - just a single "PDC Emulator" for compatability) you can transfer the PDC emulator role as need be.

    You would also need to assign the Global Catalog roles to the remote servers once upgraded to ensure logon requests are processed locally.

    One thing you might consider is this: Install a new BDC, promote to PDC, Upgrade to 2003. REBUILD each BDC as needed as a new 2003 DC, then when all nt4.0 machines are switched off, you can demote the upgraded machine, then remove it from the domain. Happy to give more info, but we'll leave it at concept stage for now...

    There are some great links in this transcript:

    LVL 95

    Accepted Solution

    I generally agree with harleyjd, but to give another version of his explanation and add a little:

    The correct procedure for upgrading a domain is to upgrade the PDC first.  It is also HIGHLY recommended that you, immediately prior to upgrading, pull the plug on ONE BDC and keep it in reserve JUST IN CASE.  I've never seen a need to, but IF you had to restore the domain, you could then use this BDC (Promoting it to PDC).

    Harley referenced the PDC Emulator - there are also 4 other Operations Master roles you should familiarize yourself with.  (Here's an MS article on viewing and transferring them, with a little description of each:

    As Harley states, strictly speaking there is no BDC or PDC roles - everything is a DC and will replicate their directory information to one another.  Honestly, I'm not sure if it's better to split these roles among several servers or have one that acts as THE FSMO roles.

    I agree with the concept of rebuilding the DCs if you can.

    In addition, note that you will be running in "MIXED MODE" - which means the Active Directory DCs will replicate changes to the NT4 BDCs.  In addition a few Active Directory features won't be available, such as Universal Groups.  When you upgrade to NATIVE mode, Universal groups will become available, but NT4 BDCs will no longer get directory information.  Also - the move from MIXED MODE to NATIVE MODE (2000 or 2003) are one way moves.  Once you move to NATIVE, you CANNOT go back.

    Lastly, DNS is your BEST friend and WORST enemy.  Name resolution issues, authentication issues, etc., are probably 90% of the time related to DNS problems.  I would ALMOST suggest the most important aspect of Active Directory to study is how Active Directory uses DNS.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Enabling OSINT in Activity Based Intelligence

    Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

    Suggested Solutions

    by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
    Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    7 Experts available now in Live!

    Get 1:1 Help Now