Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Upgrade domain to 2003

Posted on 2006-05-24
Medium Priority
Last Modified: 2010-04-18
Hi expetrs,
I have a small network with 150 comuputer and two domain controller W2k. I will install two new server with Windows 2003 and upgarde the domain.
Every Server is a DNS Server (Primary and Secondary).
Before exec the upgrade I must change my DNS to Primary/Secondary to integrated in AD. After I will install my two new Server, insert in domain, run adprep tool and promote to domain controller which is the best TCP configuration on the DNS?  Every server is configured to his DNS or the serv1 is configured to the DNS of serv2 and the serv2 is configured to the DNS of SERV1.
An other questions, on one of this server is installed SFU 2.0. If I upgrade the domain 2003 with adprep I have read that SFU stops to work. Is true?
Question by:delcurat
LVL 33

Expert Comment

ID: 16753641
In my opinion, every DC should be a DNS server.  You should use AD integrated zones (which are default).  There is no need to install the DNS service on the Windows 2003 server before hand.

I would keep the Windows 2000 machines running DNS before the migration.  Then add your Windows 2003 server to the domain.  run the domain and forestprep.  RUN DCPROMO on the Windows 2003 machine.  Then install DNS...and wait for the DNS database to replicate to the Windows 2003 server.  Transfer the FSMO roles to this Windows 2003 server.  Then make the new DC a Global Catalog.  Then remove the GC roles from the windows 2000 DC's.

Make your other Windows 2003 machine a DC by running DCPROMO.. after the installation, install DNS.  Make this server a GC too.  Point your clients and other servers to these Windows 2003 DNS servers.

As far as DNS configuration on the DNS servers themselves, follow these guidelines:  http://support.microsoft.com/default.aspx?scid=kb;en-us;825036

After run DCPROMO on the Windows 2000 machines to remove AD from them...

LVL 97

Expert Comment

by:Lee W, MVP
ID: 16753699
Before upgrading you should read through some of these links (skim each one initially).  

Here are some links that should get you going for upgrading a 2000 domain to 2003:

Common Mistakes When Upgrading a Windows 2000 Domain To a Windows 2003 Domain

Hotfixes to install before you run adprep /Forestprep on a Windows 2000 domain controller to prepare the Forest and domains for the addition of Windows Server 2003-based domain controllers

Commodore.ca | Windows | How To Upgrade Windows 2000 Domain to Windows 2003 Server
Quote from the top of this article: "Several glossy Microsoft presenters have stated that all you need to do to complete a Windows 2003 Domain upgrade is run ADPREP and then upgrade away.  This may work for very small / simple environments but it is definitely not good advice for most companies.  After upgrading five servers in two unrelated domains and installing many fresh copies of 2003 I can say that I personally would not skip a single step in the process I have developed below."

How can I transfer some or all of the FSMO Roles from one DC to another?

How To Create or Move a Global Catalog in Windows 2000

[If you run Exchange 2000] Windows Server 2003 adprep /forestprep Command Causes Mangled Attributes in Windows 2000 Forests That Contain Exchange 2000 Servers

Windows Server 2003 Upgrade Assistance Center

[If using R2 release of Windows 2003] Extending Your Active Directory Schema for New Features in Windows Server 2003 R2

Expert Comment

ID: 16757054
Personally, I set the DNS settings on each DNS server to point to itself and itself only. With an AD integrated DNS zone, you shouldn't need to do any more.
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!


Author Comment

ID: 16759054
Thanks for preciouse information..
One year ago in this domain windows 2000 I have upgrade Exchange form 5.5 to Exchange 2003 and ISA from 2000 to 2004. I had upgrade all my DC to SP4 sndextended schema for Exchange 2003 run adprep (forestprep/domainprep) from the CD of Exchange 2003.
Now, If I extend the schema for W2003 or W2003 R2, are there any problems for my Exchange 2003 Server and ISA 2004?

For you, which is the best and less risk technical for do this work?
Is to upgrade the domain or install a parallel domain and use ADMT tools?
In the second case how can I move my Exchange 2003 that is a member server of w2000 domain from old to the new windows 2003 domain without reinstall exchange?

An other questions, I don't have the password for restore active directory, how can I find it?
LVL 33

Accepted Solution

NJComputerNetworks earned 375 total points
ID: 16759837
The upgrade to Windows 2003 domain is usually the best option.  This is a Microsoft supported upgrade procedure. The parallel option is very time consuming.

Here is how to reset the AD restore password:  http://www.petri.co.il/change_recovery_console_password.htm

Here is an article on how to migrate Exchange 5.5 to Exchange 2003: http://www.msexchange.org/tutorials/Migrating_Exchange_5_5_to_2003.html


Author Comment

ID: 16762144
thanks NJComputerNetworks,
i had just upgrade Exchange 2003. It is in windows 2000 domain enviroment.
I don't know if are there any problems for my exchange 2003 server after I upgrade the schema to prepare my windows 2000 domain to windows 2003 domain?

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn about cloud computing and its benefits for small business owners.
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question