• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 370
  • Last Modified:

active directory upgrade

it has come time for me to upgrade my windows 2000 active directory to windows 2003
all of my servers are now running 2003 except my 2 domain controllers
im also running exchange 2003 on 2003 server
i cannot upgrade the 2 domain controllers because there is not enough free space on the partitions
what is the best way to upgrade the domain controllers?
4 Solutions
If you cannot upgrade your existing DCs in-place, you can configure a 2003 member server as a 2003 domain controller to upgrade your AD to Windows Server 2003. Once you've done this, you can take your original DCs offline to do a full re-install or to retire the hardware if it has reached the end of its lifecycle.

The steps needed to upgrade 2000 AD to 2003 AD are detailed here: http://support.microsoft.com/kb/325379

Hope this helps.

Laura E. Hunter - Microsoft MVP: Windows Server 2003 - Networking
Hypercat (Deb)Commented:
Perhaps it's time to upgrade your hardware as well?  If you are in a position to do that, the easiest migration would be to purchase a brand new server, install Win2K3 on it, run the forest and domain prep tools to upgrade the domain, and then dcpromo the new server.  This would then be the first new Win2K3 domain controller.  Then, you're free to either wipe and reinstall the other DCs, one by one, or replace them with new hardware also.  Here's one article I've found useful in upgrades and migrations:


Although this talks about a direct upgrade rather than the scenario I just described it has some good advice.  Look particularly at the beginning steps where it talks about making sure your current AD domain is healthy, and about Exchange 2000/2003 in a Win2K domain and how to handle the upgrading process.
dano992Author Commented:
if i undersatnd you correctly
i install windows 2003 server on a new box
i run domain/prep and forest/prep on my 2000 domain controllers
then i run dcpromo on my new 2003 server ,and its now my primary domain controler
then i can just add a second dc
and just take the old 2000 dc off-line
Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

I don't in place upgrade servers anyway, so I would be looking at new machines.
If the servers you have are up to Windows 2003, then I would be looking to build a temporary DC, then DCPROMO out one of the old servers, drop in to a workgroup wipe and rebuild. After patching and updating, DCPROMO back in as a domain controller. Wait 48 hours then repeat for the other one. Again wait 48 hours and remove the temporary machine.

Having Exchange 2003 involved will not be a problem. There are some issues in certain circumstances with Exchange 2000, but those don't apply to 2003.

Hypercat (Deb)Commented:
Dano922 - yes, that's it exactly. You have to run the Windows 2003 version of domain prep, though, not the Windows 2000 version. IOW, you are running it on your Win2K DC, but you are running adprep/forestprep from the Win2K3 CD.  Running dcpromo alone actually won't make it your primary domain controller - you still have to move all of the FSMO roles to that server manually, IIRC.  BTW, when you put the Windows 2003 CD in the new machine to install it, the first thing that comes up is a wizard/checklist that walks you through installing and upgrading your domain.  It's very good and pretty easy to follow.
dano992Author Commented:
thanks hyper,
what happens to the 2000 domain controllers after i run the /prep tools
and i dcpromo the new 2003 box
do they still have a function in the domain or are they just drift wood at this point
Hypercat (Deb)Commented:
More like boat anchors actually ;-) They can continue to function temporarily but I really recommend that you move all the DC functions to one or two new Win2K3 DCs and then remove the old 2000 DCs completely.  Then, you can upgrade your domain to Windows 2003 native (instead of mixed), which has some advantages in increased security and stability.
>>do they still have a function in the domain or are they just drift wood at this point
at that point your domain would actuall be in '2000 native mode' yes native mode since you still have 2000 DCs in your network.

the link below clearly explains domain functional levels and how to change them.

>>and its now my primary domain controler
in windows 2000/2003 domains there is no such thing as a PDC or BDC, those are obsolete NT4 terms.
Forced accept.

EE Admin
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

7 new features that'll make your work life better

It’s our mission to create a product that solves the huge challenges you face at work every day. In case you missed it, here are 7 delightful things we've added recently to monday to make it even more awesome.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now