NT4 to AD 2003 Migration

Posted on 2005-04-04
Medium Priority
Last Modified: 2010-04-18
After much deciding i have bitten the bullet and decided to do the migration. I have a question thoe i set up a test bed. I built a fresh nt4 bdc on a box replicated with the domain took it onto my test network, prometed to pdc then just put the win2003 cd in and followed the wizzards, I now have an migrated 2003 ad network(all be it small) with everything appears to have migrated across with no problems. I have taken a couple of workstations off the normal domain plugged them into the test bed and log in. the first time they log in it takes about 5 minsas they update there info and move across to the new domain, dynmic dns works fine. Now to me that seemed to easy and once a box has logged onto the ad its no way back. I dont want to just put it live and have 200 pcs connect to ad reconfig themselevs only to find a problem and then its to late. Also is there any problems with have 2k member servers? I have done 2k ad migrations a long time ago and they were no where near as easy as this.

Question by:blackcs
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2

Expert Comment

ID: 13698430
The migration should be quite easy as you already experienced. Usually problems arise from other applications that all of a sudden do not work in AD. Do you have Exchange? or any application that is crucial for your company? If so you would do well to test how it works in the test environment before going with the upgrade.
And yes you can have w2k memeber servers in a w2k3 domain.

Author Comment

ID: 13698639
The only item that would intergrate with ad is sql server 2000 running on a 2000 member server. Is that likely to cause anyproblems

Author Comment

ID: 13698663
is there away that the clients do not get moved across to the new new domain as such. ie can i just turn off all move nt4 pdc and bdc check everything works inplace and if it doesnt turn them back on and turn off ad dc. At the momment once a client has logged into the ad it is then no longer able to access the old domain
LVL 85

Accepted Solution

oBdA earned 1500 total points
ID: 13698690
Well, it is in fact not that complicated.
As far as "too late" for your W2k/XP machines is concerned, you can get around that for some time; *before* you upgrade the production PDC, set the "NT4Emulator" value as described here:
How to prevent overloading on the first domain controller during domain upgrade
That will make your AD domain still appear like an NT4 domain for clients running W2k (or later); they will continue to logon to NT4 BDCs as well (which they won't anymore once they've noticed they're in an AD domain). If you upgrade further DCs or want to introduce additional AD DCs, you need to set the "NeutralizeNT4Emulator" on those (and the NT4EMulator value as well!), otherwise they won't recognize the new AD domain either. As long as this value is set on all AD DCs, you can always fall back to plain NT4.
It shouldn't take five minutes for the clients to logon, though; you might have some DNS problems. Make sure DNS is set correctly on your DCs and your clients before you finally remove the NT4 Emulator value (until then, your clients will still use WINS).
"Correctly" means that your DCs and domain members use only your internal DNS servers (so probably your DCs) for DNS resolution, that dynamic updates are enabled on your AD DNS zones, and that forwarders are configured (or you use the root hints) on your DNS servers to enable external DNS lookups.
Here's more about that:

10 DNS Errors That Will Kill Your Network

Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS

Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003

How to Verify the Creation of SRV Records for a Domain Controller

How Domain Controllers Are Located in Windows

How Domain Controllers Are Located in Windows XP

SRV Resource Records May Not Be Created on Domain Controller

HOW TO: Configure DNS for Internet Access in Windows Server 2003

HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows Server 2003

And finally some documents about upgrading from NT4:

Tools and Documentation for Upgrading to Windows Server 2003

Background Information for Upgrading to Windows Server 2003 Active Directory

Migrating Windows NT Server 4.0 Domains to Windows Server 2003 Active Directory

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question