NT to Windows 2003 Migration

I have a network with 26 NT Servers in a Domain with 180 Users.

I want to migrate to Windows 2003 avoiding a "big bang change over" if possible.

I am testing senarios in a test network.

At the moment I have upgraded an NT 4 PDC in the test environment and installed 2 new DC in the environment too.
This obviously moves all the users and groups accross.

I followed this procedure

1. Create a new NT Server as a BDC on the existing NT Network
2. Give it time to replicate
3. Turn off the BDC then put it aside - this gives you a copy of your NT domain and everything on it so if anything goes wrong you can promote it to a PDC and you have your network back
4. Upgrade the existing NT PDC to Windows 2003 with Active Directory
5. Join the Windows 2003 Server to this upgraded Domain and promote it to a Domain Controller
6. On the new server setup DNS, move the FSMO Roles and set Global Catalog
7. Run DCPromo on the upgraded NT machine to remove it from the domain for rebuild or decommision


So far so good, all working correctly.

Now whats the procedure with the rest of the network.

Remove the Live NT PDC
Plug in the new 2003 DC with the Upgraded domain

What will I have to do with Existing 2000 and NT servers (I also have 1 other BDC) or will these work with the new 2003 domain controller as it is in mixed mode.

What will I have to do with the exist XP clients (180) will I have to connect them to the new domain ?


Is this the best way to migrate this network, given that I want to avoid a big change over and I want to keep the same domain name.
KASBANKAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Netman66Commented:
Just remove the PDC.

The other servers (NT) should communicate with the new server as it will be in Mixed mode.

You want to cut over the other NT DCs as soon as possible since the new servers will be handling all the authentication traffic.

You do not need to rejoin any PCs.

0
brtweirCommented:
Per your request is this the best way to do this migration? No this is not, it is always reccomended to bring up a parallel domain with the same name and then establish a trust between the two and migrate the applicable objects. Please check the following link for some more helpful info regarding this - http://groups.google.com/group/microsoft.public.windows.server.migration/browse_thread/thread/97007872684fb97c/598f4183e6f99477?lnk=st&q=migrating+from+NT+4.0+Server+2003&rnum=1&hl=en#598f4183e6f99477

The above comments from Netman are correct if you choose to stay the current path. Remember if you do this, verify all your DNS and WINS are functional before bringing down the NT 4.0 BDC
0
Lee W, MVPTechnology and Business Process AdvisorCommented:
I disagree with brtweir - a parallel domain is NOT the preferred method - there is a LOT more work involved in such a migration.  And I'm reasonably certain two domains with the same name will not trust each other.

Further information
http://groups.google.com/group/microsoft.public.win2000.active_directory/browse_thread/thread/55fd209d39fc34b4/2d4182d3df596c53%232d4182d3df596c53

If I understand what you have done so far, then I disagree with Netman66 as well.  Allow me to state my understanding of the current situation and then my recommended path of upgrade:

1. You have taken one of your existing BDCs off the pimary network and turned it into a PDC in a new test network.
2.  You have upgraded the test environment's PDC to 2003 and now effectively have Active Directory.
3.  You have installed two additional 2003 DCs into the test environment.

NOW, you want to upgrade the existing domain (production environment) to 2003.

Using netman's suggestion could result in lost password changes and some systems going offline because windows changes the client passwords on a regular basis.  You might get lucky, but you're more likely to have seemingly random problems with users and machines.

I recommend you do the same procedure you did with the test environment only do it to the production environment.

1. Create a new NT Server as a BDC on the existing NT Network
2. Give it time to replicate [NOT REALLY NECESSARY - wheny you make the BDC, it replicates the information right away]
3. Turn off the BDC then put it aside - this gives you a copy of your NT domain and everything on it so if anything goes wrong you can promote it to a PDC and you have your network back
4. Upgrade the existing NT PDC to Windows 2003 with Active Directory
5. Join the Windows 2003 Server to this upgraded Domain and promote it to a Domain Controller
6. On the new server setup DNS, move the FSMO Roles and set Global Catalog
7. Run DCPromo on the upgraded NT machine to remove it from the domain for rebuild or decommision

For ease of recovery, backup, you might want to do this on a VIRTUAL computer with VMWare or Virtual PC.
Your basically going to run the above 6-7 (steps (6 if omitting step 2 per note)) on the PRODUCTION domain, NOT bring over the test servers and try to incorporate them into the production domain.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
wingateslCommented:
Leew is absolutely right, we normaly image the old servers array or drive to an IDE and put it into a p4 workstation. we normally have to tinker with a few settings and deal with a bsod or two but it always allows us to return to before the move. We then upgrade the workstation to 2003. Then continue on Leew's path at #5. Ever have a problem, you can always go back. The parallel domain method has always been a nightmare. They will definately not establish a trust if the have the same domain name even if it is DOMAIN and DOMAIN.LOCAL because of netbios. And with the trust method you have to move profiles which can sometimes be flaky
0
KASBANKAuthor Commented:
Thankyou for all your posts. It seems quite a hot debate.

I agree that you can not create a trust with the same domain names. As the netbios name is the same (remmeber I am running in mixed mode) I have tried and it just jumps out and says you cant create a trust with the same domain name.

So I believe I have to follow the BDC upgrade method.

Lew agree with all your comments, apart from our PDC is nackard.

When I decide to go live I may put my machine in I plan to upgrade as a BDC. Then promote it to PDC. Downgrading the current live PDC to a BDC and putting that in a cupboard.

 
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.