Active Dirctory issues on 2003 server SBS and 2000 Server SBS! HELP PLEASE!

Posted on 2005-04-14
Last Modified: 2010-04-18

I have two servers one running Server 2003 SBS and the other Running 2000 server SBS both are domain controllers, when I create a user on the 2003 server it never updates to the 2000 server A.D., So If  I create a user on the 2003 server and the user trys to login, if the 2000 server D.C. answers the users login request that user will not be able to login because the 2000 server A.D. will not have this user in it's active directory.  I was told by Microsoft that 2003 and 2000 SBS active directory will not update with eachother and that I should take the 2000 server and migrate it's active directory into the 2003 server's active directory so I will only have the 2003 server to control the rights for both servers.

I need to know if the rights for all the users directories and shares will migrate over to the 2003 server, and than should I demote the 2000 server to a member server?

Is there any tech documents on how to complete this migration

Question by:EdwardVernier
    LVL 9

    Expert Comment

    I found an articel on Microsoft that explains how to migrate sbs4x to sbs2000 look at it and see if it is appropriate;en-us;278439
    LVL 51

    Expert Comment

    You cannot have 2 SBS servers in the same domain.  Both must be Forest root DCs in their own domains - therefore, they cannot communicate for purposes of Active Directory.

    Now, what you need to do is simply upgrade SBS 2000 to SBS 2003 by upgrading the OS using the SBS 2003 media.  If that's not possible, then perhaps a call to the SBS 2003 server vendor is in order to discuss switching the SBS software to Server 2003 Standard - which can join the SBS 2000 domain without problems.

    LVL 74

    Expert Comment

    by:Jeffrey Kane - TechSoEasy
    As you've already found out... you can't have two SBS's in the same network... I wouldn't recommend the switch to a standard server 2003 if you have a small domain anyhow... you're better off upgrading because sbs2k3 is far superior to sbs2k.  So...

    First thing to do... remove the SBS2K3 from your network before the AD gets corrupted (it may already have -- in which case you will need to reinstall).

    Go to and learn about the swing migration method it's pretty flawless, and will hold everything together (if it hasn't already broken from the two servers being on the same subnet).  Alternatively, here's the MS whitepaper:

    Note that you will need SBS2K3 CALS for all users.

    Then... you can't demote your SBS2K... essentially it can't be on the network anymore.  If you still want a Backup Domain Controller, you can install a standard server 2k or 2k3 on that machine.

    Good Luck!

    Jeff @

    Author Comment

    What I have now is SBS 2000  DC and SBS 2003 Domain controler, What I need to know is if I demote the 2000 server to a member can I control the rights to it from the 2003 server.

    And if I demote the 2000 server will all the shares and rights to directories be lost and I would than need to resetup the rights again.

    If I only have the 2003 server as the DC can users login to the 2003 server and have access to the files on the  2000 member?

    thanks for your help
    LVL 74

    Accepted Solution

    I am still unclear if you have both of those machines running on the same network... if you do... turn off the SBS2003 IMMEDIATELY before you corrupt your AD.  You can't have two SBS's on the same network.  Period.

    To migrate, you need to use a "straw" domain controller.  (If you know anything about property title transfer... this is essentially the same thing).  You can't demote the 2k server and simultaneously promote the 2k3 server... so you need to create an interim PDC.  By doing that... (which is spelled out in the links I provided above) you won't lose any of your account properties.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    6 Surprising Benefits of Threat Intelligence

    All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

    I have never ceased to be amazed how many problems you can encounter on a fresh install of a Windows operating system.  This is certainly case in point& Unable to complete ANY MSI installation.  This means Windows Updates are failing and I can't …
    The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now