• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 287
  • Last Modified:

Windows NT4 to 2003 server migration

I have a question about how to go about Migrating our existing NT4 domain over to AD and Win 2003 server.  Currently we have 5 servers, a PDC running NT4, a BDC running NT4, a dedicated exchange server running Win2000, and 2 dedicated application servers running Win2000.  We have an internal domain name that is non-internet routable and we have no internal DNS server, we use our ISP for our external DNS.

So my question is this, What is best way to go about migrating our domain?

I purchased two servers to aid in the testing and design of the whole process.  Should I mess around with installing NT4 on the new server as a BDC, and then upgrading it, or should I just create an entirely new domain and use ADMT to transfer over the user accounts.  From what I have read, since I have access to these spare servers I should just create a new domain and use ADMT.  THis all sounds wonderful in theory, but what problems will I run into.  I have read about problems with file permissions after the migration, Exchange 5.5 problems, login problems after the migration, etc.  I have all the time in the world to plan this and do it right so I want to get some ideas on how to go about it.  Any ideas?

  • 5
  • 5
1 Solution
Lee W, MVPTechnology and Business Process AdvisorCommented:
Upgrading the domain SHOULD be easy.  I've done it a few times and there really weren't any problems.  Things to understand:
-Native Mode vs. Mixed Mode
-DNS is CRUCIAL!!!!!
-FSMO Masters (there are no BDCs/PDCs)
-Global Catalog Servers.

In short, assuming you upgrade, you will be running in Mixed Mode.  DO NOT upgrade this to native mode until you have removed all your NT4 BDCs from the network and are satisfied with the upgrade's success.  Also, using Native Mode, your Global Catalog and DNS services both become even MORE crucial.

When you upgrade, you MUST upgrade the PDC first.

Some good info on FSMO Masters:
http://computerperformance.co.uk/w2k3/W2K3_FSMO.htm (also has links to Upgrading from NT4 and Mixed and Native Roles).

More good reading:
vmrfadminAuthor Commented:
Thanks for the links

I am looking for info on migrating a domain instead of upgrading.  I have two new servers so I can create a new domain so I might as well use them.  I am looking for some info on using ADMT, setting up DNS, and what steps are involved
Lee W, MVPTechnology and Business Process AdvisorCommented:
I can't say I understand your logic.  In my experience, it's just easier to do the upgrade (I've been involved in upgrades with both).  You can still use one or both of the servers and you'll save yourself and your technicians headaches in the field with profiles that didn't transfer right, computers that didn't transfer right, and so forth.  

"A domain upgrade, or in-place upgrade, involves migrating an NT 4.0 domain's PDC and BDCs from NT Server 4.0 to Win2K Server. This approach is the most common migration method and the easiest, least risky route to take."
Excerpt from: http://www.windowsitpro.com/Windows/Article/ArticleID/15709/15709.html

But if you insist on a course of action that will probably make your life more difficult, here's some links on ADMT.
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

vmrfadminAuthor Commented:
Well part of my decision to migrate rather than upgrade is this...

My NT4 PDC and BDC have no fault tolerance whatsoever.  They are both running two scsi drives with no RAID setup.  So we purchased new PERC4 controllers and hard drives so we can set these up for RAID 5 or 10.   I have posted on EE in the past about transferring single disk images onto a RAID set and the answers have been that it is a longshot.  So I figured since I have pretty much unlimited time to test all my scenarios I should just migrate.

Now im starting to think I should try to get these new servers running with duplicate images of the old disks (running NT4) and just try to upgrade them.  If it works then I can do the upgrade on current PDC and BDC.

Any Ideas?
Lee W, MVPTechnology and Business Process AdvisorCommented:
Don't make things more complicated than they have to be.

What kind of hardware are the existing NT BDCs?

There are TWO routes I would consider options in your situation:
1.  Follow the instructions for migration of an NT4 domain to 2003, specifically, right before the upgrade, pull the BDC off the network and store it somewhere for recovery purposes.
2.  Upgrade the PDC to 2000.  So what, it has no RAID.  Big deal.  We're not going to keep it.  Just upgrade it.
3.  Install Windows 2003 freshly on one of the new servers.  Promote it to a DC and transfer the FSMO roles, make it a Global Catalog, and make it a DNS server - THE DNS server.
4.  Now, DEMOTE the old NT4 upgraded to 2003 server.  Once demoted, remove it from the network.  Toss it in the trash.  Build a creative new cubicle farm with this as the cornerstone - whatever you want to do with it.  JUST BE SURE TO DEMOTE IT FIRST.

1.  Get an OLD PCI NIC and stick it in the NT4 system (I mean old, even a 10 MB SMC card or something - something compatible with NT4).  Then install NT4 on the new server as a BDC.
2.  Promote the new NT4 server to PDC and upgrade to 2003.  
(Likewise, remember to pull a bdc off the network before you actually start installing 2003 as a backup).

vmrfadminAuthor Commented:
Could I test out this whole upgrade scenario using my two new servers.  They are both Poweredge 2550s just like my original PDC and BDC.  I'm beginning to warm up to the idea of upgrading but I need to be able to test the upgrade on these test servers beforehand.  If I could copy all the volumes from the PDC and BDC onto the test servers, could I run this upgrade on my dummy domain?
Lee W, MVPTechnology and Business Process AdvisorCommented:
If you want to test (always a good idea), you should connect one to the network now and install NT4 on it as a BDC.  Then take it off the production network and install it on a test network.  Then you can practice from there - upgrade it to the PDC, perhaps install the other server to be the BDC - then upgrade the PDC and then the BDC.  If you want, install a client or two and move them over as well. (meaning, install the clients as members of the production network.  Then when you pull the test BDC off the production network, put the test clients onto the test network as well).
Lee W, MVPTechnology and Business Process AdvisorCommented:
Once you are satisfied things worked (heck, do this 2 or 3 times... perhaps intentionally screw up to see what could happen...), make one of the new systems a freshly installed BDC.  Then turn it off and stick it in a corner - this is your backup system in case something you didn't experience happens when it's time for the real thing.
vmrfadminAuthor Commented:
Thanks for the help.  My servers should be here in a week or so.  I'm sure i'll have more questions when they get here.
vmrfadminAuthor Commented:
Im Back!!!

So I finally received my two test servers and got them mounted in my rack, ready for testing.

So far I have managed to ghost my original PDC over to one of the test servers and successfully perform and IN PLACE upgrade from NT to 2003 on the test machine.  I installed AD on this machine as well as DNS.  I have successfully logged into my new domain using a test laptop and played around with some group policy changes.  My next step is this...

I am in the process of getting an internet connection that is separate from my production servers in order to test the DNS and other features.  I would like to plug this test server into my symantec firewall along with a few client machines in order to test the DNS functionality as well as AD.  I would like to confirm that external DNS requests are being handled by our ISP's DNS server while my local server still handle DNS requests for AD.  I was going to do this by adding all my test clients and verifying that they can browse the web.  Will this work?

Once I have verified that I am getting the DNS settings correct I would like to test for communication between my new primary server and the rest of the member/application servers.  I am a little hazy on how to go about testing for this functionality.

How do I make sure that after I upgrade my server to 2003 that it will communicate with my terminal services machine that runs our accounting package?

I know this is a stupid question, but is it really as easy as going to each application server and simply joining it to the new domain?

If any of this is too broad or you need more info, please let me know.  Thanks in advance
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

  • 5
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now