[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 215
  • Last Modified:

Windows 2000 server migration Question

I am in process of fine tuning my migration steps from a single NT4.0 Domain to Windows 2k AD.
My current setup is consist of One PDC and Two BDC.  One of the BDC is located in a remote site which is connected to use by point to point.  The point to point is done by 4 bonded Ts.

My questions are:

1.  After upgrading my PDC in the main office to  Win2k AD (Mixed Mode) the GC will be located in the main office.  Would my users in the remote site experience longer/slower login, because GC is located across the WAN?  The remote office is all Win2k Pro.   What purpose the NT 4.0 BDC will play?  

2.  I am also using Kixtart for login scripts and mappings.  Kixstart is running on all NT4.0 DCs.  Again, once I upgrade the PDC in the main office to Windows 2k AD, then what would happen with my login scripts.  Are all my remote users login scripts be running from the main office Wind2k DC and my NT4.0 BDC at the remote site will be ignored?

Based on my test lab, I know my current version of Kixstart works fine with Windows 2k... But, I am worried about my remote users.  

1 Solution
2000 Mixed mode supports universal group membership cache, meaning all login and access info is still replicated to, and implemented by, the BDC as long as it is the authenticating server at your remote location.  The result is that they are getting all their login info from the local NT4 box.  As far as the login script goes, that depends on the software, but if it is a problem, why not just use the built-in login script features that were implemented long ago in Win NT?
abastanpourAuthor Commented:
Let me make sure I understand this:

If the GC AD is at the main office location, and the BDC located remotely across the WAN (Ts) will continue authenticating win2k pro users at that remote location. Is that correct?  So, the GC across the Ts is not a factor.

The Kixstart is installed on the BDC in the remote site.  So, even if my first Windows 2000 DC is located in my main office the remote site will still continue using their NT 4.0 BDC for login and login scripts..

Is this correct? or I got it wrong..

I just went throught the same situation.  A couple of things, make sure your Domain name is a FQDN when you go through the upgrade.  MS is going to tell you to make your BDC at that site a GC just for good measure.  This is important if you are using Exchange 2000 or 2003.  What I think you should be asking yourself as we did, when that line goes down will the users still be able to authenticate to the BDC at the site when the PDC is unreachable.  We had to make sure DNS and DHCP setting were modified correctly for when the line went down.  
You logon scripts should be fine on that BDC at the remote site.  Just make it a GC and that should answer you question.


Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now