• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 223
  • Last Modified:

NT to Windows 2003 Migration

I have a network with 26 NT Servers in a Domain with 180 Users.

I want to migrate to Windows 2003 avoiding a "big bang change over" if possible.

I am testing senarios in a test network.

At the moment I have upgraded an NT 4 PDC in the test environment and installed 2 new DC in the environment too.
This obviously moves all the users and groups accross.

I followed this procedure

1. Create a new NT Server as a BDC on the existing NT Network
2. Give it time to replicate
3. Turn off the BDC then put it aside - this gives you a copy of your NT domain and everything on it so if anything goes wrong you can promote it to a PDC and you have your network back
4. Upgrade the existing NT PDC to Windows 2003 with Active Directory
5. Join the Windows 2003 Server to this upgraded Domain and promote it to a Domain Controller
6. On the new server setup DNS, move the FSMO Roles and set Global Catalog
7. Run DCPromo on the upgraded NT machine to remove it from the domain for rebuild or decommision


So far so good, all working correctly.

Now whats the procedure with the rest of the network.

Remove the Live NT PDC
Plug in the new 2003 DC with the Upgraded domain

What will I have to do with Existing 2000 and NT servers (I also have 1 other BDC) or will these work with the new 2003 domain controller as it is in mixed mode.

What will I have to do with the exist XP clients (180) will I have to connect them to the new domain ?


Is this the best way to migrate this network, given that I want to avoid a big change over and I want to keep the same domain name.
0
KASBANK
Asked:
KASBANK
1 Solution
 
Netman66Commented:
Just remove the PDC.

The other servers (NT) should communicate with the new server as it will be in Mixed mode.

You want to cut over the other NT DCs as soon as possible since the new servers will be handling all the authentication traffic.

You do not need to rejoin any PCs.

0
 
brtweirCommented:
Per your request is this the best way to do this migration? No this is not, it is always reccomended to bring up a parallel domain with the same name and then establish a trust between the two and migrate the applicable objects. Please check the following link for some more helpful info regarding this - http://groups.google.com/group/microsoft.public.windows.server.migration/browse_thread/thread/97007872684fb97c/598f4183e6f99477?lnk=st&q=migrating+from+NT+4.0+Server+2003&rnum=1&hl=en#598f4183e6f99477

The above comments from Netman are correct if you choose to stay the current path. Remember if you do this, verify all your DNS and WINS are functional before bringing down the NT 4.0 BDC
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
I disagree with brtweir - a parallel domain is NOT the preferred method - there is a LOT more work involved in such a migration.  And I'm reasonably certain two domains with the same name will not trust each other.

Further information
http://groups.google.com/group/microsoft.public.win2000.active_directory/browse_thread/thread/55fd209d39fc34b4/2d4182d3df596c53%232d4182d3df596c53

If I understand what you have done so far, then I disagree with Netman66 as well.  Allow me to state my understanding of the current situation and then my recommended path of upgrade:

1. You have taken one of your existing BDCs off the pimary network and turned it into a PDC in a new test network.
2.  You have upgraded the test environment's PDC to 2003 and now effectively have Active Directory.
3.  You have installed two additional 2003 DCs into the test environment.

NOW, you want to upgrade the existing domain (production environment) to 2003.

Using netman's suggestion could result in lost password changes and some systems going offline because windows changes the client passwords on a regular basis.  You might get lucky, but you're more likely to have seemingly random problems with users and machines.

I recommend you do the same procedure you did with the test environment only do it to the production environment.

1. Create a new NT Server as a BDC on the existing NT Network
2. Give it time to replicate [NOT REALLY NECESSARY - wheny you make the BDC, it replicates the information right away]
3. Turn off the BDC then put it aside - this gives you a copy of your NT domain and everything on it so if anything goes wrong you can promote it to a PDC and you have your network back
4. Upgrade the existing NT PDC to Windows 2003 with Active Directory
5. Join the Windows 2003 Server to this upgraded Domain and promote it to a Domain Controller
6. On the new server setup DNS, move the FSMO Roles and set Global Catalog
7. Run DCPromo on the upgraded NT machine to remove it from the domain for rebuild or decommision

For ease of recovery, backup, you might want to do this on a VIRTUAL computer with VMWare or Virtual PC.
Your basically going to run the above 6-7 (steps (6 if omitting step 2 per note)) on the PRODUCTION domain, NOT bring over the test servers and try to incorporate them into the production domain.
0
 
wingateslCommented:
Leew is absolutely right, we normaly image the old servers array or drive to an IDE and put it into a p4 workstation. we normally have to tinker with a few settings and deal with a bsod or two but it always allows us to return to before the move. We then upgrade the workstation to 2003. Then continue on Leew's path at #5. Ever have a problem, you can always go back. The parallel domain method has always been a nightmare. They will definately not establish a trust if the have the same domain name even if it is DOMAIN and DOMAIN.LOCAL because of netbios. And with the trust method you have to move profiles which can sometimes be flaky
0
 
KASBANKAuthor Commented:
Thankyou for all your posts. It seems quite a hot debate.

I agree that you can not create a trust with the same domain names. As the netbios name is the same (remmeber I am running in mixed mode) I have tried and it just jumps out and says you cant create a trust with the same domain name.

So I believe I have to follow the BDC upgrade method.

Lew agree with all your comments, apart from our PDC is nackard.

When I decide to go live I may put my machine in I plan to upgrade as a BDC. Then promote it to PDC. Downgrading the current live PDC to a BDC and putting that in a cupboard.

 
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now