Solved

Upgrade from Win2k/Exchange 2k server to Win2003/Exchange 2003 and new Domain Name

Posted on 2006-10-27
13
256 Views
Last Modified: 2010-04-18
I have a single server running Windows 2000 Server-SP4 with Exchange 2000-SP3 (100 mailboxes) and I am replacing that with a new box running Windows Server 2003 and Exchange 2003. The tricky bit is that we are moving to a new domain name, reason being is errors made before me, our current domain name is the same as our external domain name, eg. domain.com.au is our internal domain name also instead of HeadOffice.domain.com.au
As I don't want to have to recreate all of the AD and Exchange users again and export/import PST files, what are my options (I am not keen on adding the new server to the existing domain, going through the demote/promo and then later the 80-page document on changing  the domain name)??
This work will be done over a weekend, and the existing server has to be up and running till the start of that weekend.
0
Comment
Question by:WorkSupport
  • 7
  • 5
13 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 17826025
Having the current domain name the same as your internet domain name is not an error. I deploy most domains in that way. Granted it takes a few more minutes to get the DNS working correctly, but otherwise it works very well.

Considering the number of users involved I don't think you have much choice - I would continue to use your existing domain.

To change the Windows domain is going to involve a lot of work, which I doubt whether you would be able to over a weekend on your own. I recently did a 60 user site over four days. There were two of us and we got it running at 8am before the 9am start, having done two over nighters. If you want to do that sort of change over a weekend it will probably need three or four people working on it at the same time.

Simon.

0
 

Author Comment

by:WorkSupport
ID: 17828394
Thanks for that Simon. Yes, I know it is going to be a long weekend either way, but have done it before so know what is ahead, and I do have some help.
As for the structure of the domain name, it is not a recommendation to set it up as it is, Microsoft do recommend setting it up as a sub domain of your external name to avoid any DNS issues, especially if you are hosting your own website, which we will be within the next 12 months. Also, I have seen companies have strange issues like not being able to browse to their own website etc.. when the internal and external names are the same.
I know the easiest way is to keep the same domain and do a promo/demote, but as the domain controller will be in place for 3-5 years, I want to make the correct decisions now, not necessarily the easiest ones.

I would welcome everyone's comments on this.

Glen.
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 17828410
I also use external domain names for my windows domains.  I generally considered it a cowboy way of doing things, as the only problem is that you have to configure you dns a little bit more, and had no idea that Sembee also did it.

I have no problems with it though, with the caveat that I had to create aliases for www and mail on my internal dns records so that the website works inside as well as RPC/HTTPs.

Now that I know Sembee does it as well, I feel much better about it - but this is the first time I have ever really admitted to doing it :)

-red
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17828926
If we all followed Microsoft's recommendations, then all deployments not on SBS would consist of at least 10 servers, before you have even put any application servers in place.

The problem with not being able to browse your own web site is very easily fixed, and these days is something that almost every site should really be doing as almost every site is using NAT. That is to use a technique known as split DNS. I use split DNS on every site that I deploy, even more so with RPC over HTTPS being widely deployed.

RPC over HTTPS is supposed to work where it uses the HTTPS connection externally and TCP/IP internally. In practise I find it doesn't, and you need to set the feature to use HTTPS all the time. If you don't use split DNS (so that the certificate name resolves to the internal IP address of the Exchange server when you are on the LAN) then the Outlook clients have to be reconfigured or operate two profiles when the users move from inside to outside of the network.

Considering the upheaval that is required on your site to make this change to the "ideal" scenario which brings no technical benefit to the operation of the company, it isn't something I would even consider. I would have a hard time justifying the change and the disruption it would cause, particularly as the "problems" can be resolved in about two minutes with some careful DNS reconfiguration. I would leave everything alone, do a standard swing migration and then make the few DNS changes to get everything to work internally and externally.

Put your business hat on for a moment. Think about this is in money terms. How long can your company afford to be down? In the example I gave above, we got the job done in a three day weekend, but the company wasn't fully functioning for a full week. Fortunately it was a charitable org and we timed it so that there were less people on the network and the financial hit wasn't that great. Can your company afford a week of disruption, when you can retain the existing domain, do a swing migration and cause zero impact (and I do mean zero impact - it is possible to a swing migration of Exchange and the users don't even notice).

Technical ideals are fine, but the business needs to operate to pay your salary. If your technical ideal is going to cause problems without any business benefit, then you have to drop the idea right now.

Simon.
0
 

Author Comment

by:WorkSupport
ID: 17847824
Hi Simon & Red,
Thanks for that, and point taken on Microsoft's recommendations.
I saw in one previous topic Simon you had a link to doing this swing migration but it appears to have expired, do you know of a good document that runs through it?

Cheers,
Glen.
0
 

Author Comment

by:WorkSupport
ID: 17847962
Have found your site and document Simon.  My issue is that the existing server is Windows 2000 SP4/Exchange 2000 SP3, BOTH in MIXED MODE and the server is the Domain Controller.
I want to bring in a Windows Server 2003/Exchange 2003 as the new domain controller, if following your instructions for Swing Migration will that still work ok?
Am I able to demote the original domain controller after following the instructions? Probably have to uninstall Exchange first??

As for the comment of 'If you do install Exchange on to a domain controller make sure it is a global catalog as Exchange will not look to any other server for domain information', how do i check this on the existing domain controller?? All of this was in place when I started at my current work.

Glen.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 104

Expert Comment

by:Sembee
ID: 17849381
If the current deployment is working with Exchange on a domain controller then don't touch it.
If you are going to put Exchange on to a domain controller then do all the domain controller changes first, before installing Exchange. Do not touch the existing Exchange server, such as demoting it to a member server or anything like that.

Therefore DCPROMO the new machine, then make it a global catalog. Then install Exchange and follow my instructions for migrating the data. Only once all the data is across and all the clients have been moved do you start to look at taking the existing server down.

Simon.
0
 

Author Comment

by:WorkSupport
ID: 17853328
Thanks Simon. I read through some documents last night and thought that would be the best way to go about it.
Do I need to take the Exchange 2000 server to Native mode instead of mixed?? What do I then need to do in regards to when installing Exchange on the new server (as in mixed or native?)

And in regards to the existing controller, if all users could log on and get mail during next week do you think I would be ok to:
0
 

Author Comment

by:WorkSupport
ID: 17853358
Addition to the last comment (hit enter at the wrong time!):
And in regards to the existing controller, if all users could log on and get mail during next week do you think I would be ok to do the following, say the next weekend (11/12th Nov) just to be safe?:
   1. Uninstall Ms Exchange
   2. demote the server from a domain controller
   3. Physically remove server from network
Points 1&2 would be done whilst still on the network - correct?

And also, when make the global catalogue do I also transfer the FSMO roles then (I would have thought so)?

Glen.
0
 
LVL 104

Accepted Solution

by:
Sembee earned 250 total points
ID: 17853416
Exchange mode doesn't really matter. If you have no Exchange 5.5 servers then you could go to native, but you may as well wait until the migration is complete.

Once you are sure that all users have logged in at least once and their mailboxes have moved and you have removed all the replicas and data from the old server, then follow the procedure for the removal of Exchange. It is in my article and the ms kb articles on the process. It is important that the removal of Exchange is done while the server is on the network so that the server is removed from the Exchange org correctly.

(For anyone reading this question later - my article is at http://www.amset.info/exchange/migration.asp).

The FSMO role move can be done at any time. If you haven't done it by the time you come to do the dcpromo on the old server, Windows will attempt to do it for you then.
Again, dcpromo when on the LAN so that the machine is removed correctly.

Simon.
0
 

Author Comment

by:WorkSupport
ID: 17853504
Thanks again for your help Simon. I am doing this in a test situation today and tomorrow and then all going well, will do the Live system on Saturday/Sunday.
0
 

Author Comment

by:WorkSupport
ID: 17874502
Hi Simon,

One more query which I am struggling to find an answer for, what point do I shift DNS from the existing domain controller to the new one?? And what is the best process for doing that??

Everything else to this point is looking good following your instructions.

Cheers,
Glen.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17880711
As long as the replication of DNS information is working correctly between the machines you can make the change whenever you like.

Simon.
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Join & Write a Comment

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
Learn about cloud computing and its benefits for small business owners.
This video discusses moving either the default database or any database to a new volume.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now