windows 2000 DC migrate to 2003? need help bringing up new server

Posted on 2007-10-03
Last Modified: 2010-03-17
Here is my scenario.
i have a windows 2000 sp4 DC.
thats it. i do not have a secondary server.
on that DC i have dns, dhcp and print services.
I want to bring up a new 2003 server make it a DC and basically transfer over all of the dns, dhcp settings from the 2000dc (i am going to put all the printers on a different server completely, if anyone can help me do this without adding each printer again it would be greatly appreciated).
What do i need to do to bring up a 2003 dc, bring all that stuff over.. then get rid of the 2000 DC and bring up another 2003 DC so i have primary and a secondary DC.
I am not too familiar with the activer directory structure and I know there is some stuff I have to do with the global catalogs and master browsers.  

i think i have to bring up the 1st 2003 server as a secondary dc, until i promote it to a primary? but then how do i get rid of the 2000DC which is primary now?

Any detailed help would be greatly appreciated.
thank you
Question by:yalemort
    LVL 95

    Expert Comment

    by:Lee W, MVP
    No such thing as a Primary or Secondary - these terms last applied to Windows NT 4.0 - 11 years ago.

    Everything is a DC and there are Global Catalogs and 5 FSMO Roles which COULD be distributed over 5 servers, in which case, which ONE would be best considered Primary?  None... that's why they are all DCs.

    Rather than retype what many other experts and companies have published (which would be plagiarism anyway),  I'll simply suggest you review these links.  And keep in mind, things are a little different now with R2 - but there's a few links that talk about that as well:

     Here are some links that should get you going for upgrading a 2000 domain to 2003:

    Common Mistakes When Upgrading a Windows 2000 Domain To a Windows 2003 Domain;en-us;555040

    How to upgrade Windows 2000 domain controllers to Windows Server 2003

    [If using R2 release of Windows 2003] Extending Your Active Directory Schema for New Features in Windows Server 2003 R2

    Hotfixes to install before you run adprep /Forestprep on a Windows 2000 domain controller to prepare the Forest and domains for the addition of Windows Server 2003-based domain controllers | Windows | How To Upgrade Windows 2000 Domain to Windows 2003 Server
    Quote from the top of this article: "Several glossy Microsoft presenters have stated that all you need to do to complete a Windows 2003 Domain upgrade is run ADPREP and then upgrade away.  This may work for very small / simple environments but it is definitely not good advice for most companies.  After upgrading five servers in two unrelated domains and installing many fresh copies of 2003 I can say that I personally would not skip a single step in the process I have developed below."

    Windows Server 2003 Upgrade Assistance Center

    Here are some links that should help you in replacing existing domain controllers and/or transferring services and Active Directory functions to another/new system:

    How can I transfer some or all of the FSMO Roles from one DC to another?

    How To Create or Move a Global Catalog in Windows 2000

    How to move a DHCP database from a computer that is running Windows NT Server 4.0, Windows 2000, or Windows Server 2003 to a computer that is running Windows Server 2003

    How can I move a DHCP database from one server to another?

    How can I move DNS from one Windows 2000 Server to another Windows 2000 Server?
    (Two Related if going 2000 to 2003 - read both before moving)

    Exchange Considerations:
    [If you run Exchange 2000] Windows Server 2003 adprep /forestprep Command Causes Mangled Attributes in Windows 2000 Forests That Contain Exchange 2000 Servers


    Author Comment

    i dont really want to do an upgrade, as i heard its not the best practice to do it.
    can i bring up a new server, replicate everything over and then demote the old server and install from scratch server 2003?
    thats what im kind of looking to do. please let me know if this is not a good idea. i know it may be a little bit more work.

    Author Comment

    alsi i have an exchange 2003 server on the network which is integrated into the active directory.
    LVL 95

    Expert Comment

    by:Lee W, MVP
    You are NOT upgrading the server - you are UPGRADING THE DOMAIN.  

    Author Comment

    leew, all of these articles talk about upgrading the machine that has the dc role on it. i want to leave that intact until i have a new server running 2003 corectly.
    LVL 95

    Accepted Solution

    I apologize for not being clear, but you should also try not to think too literally on this.

    Whether you upgrade a DC OR add a new DC running 2003 or 2003 R2, you ARE upgrading the domain.  The proces is essentially the same for upgrading the domain in either case, you need to follow the directions in the 3rd link I posted - it's description reads:
    "Several new features in Windows Server 2003 R2 use Active Directory in a new way. As a result, before one of these features can be installed in a forest, the Active Directory schema of the forest must be extended to include the objects that are required by the new features. The schema must also be extended before a domain controller running Windows Server 2003 R2 is added to a forest, either by upgrade or installation of Active Directory. This document explains when the schema must be extended and how to do it."

    There's nothing you should need to do with the Master Browser.  

    Also, the FIRST link is titled "Common Mistakes When Upgrading a Windows 2000 *Domain* To a Windows 2003 *Domain*" (Note - it says "DOMAIN" and NOT "SERVER").  Read through the article.  

    Also, UNDERSTAND what you're doing and why.  Microsoft Virtual PC is FREE - so is VMWare - install one of them and setup a VIRTUAL test network and do this a couple of times on an unimportant TEST network so that if I've forgotten to tell you something or your forgot to ask something, it won't matter - it's a TEST network.

    LVL 1

    Expert Comment

    Forced accept.

    EE Admin

    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Join & Write a Comment

    Suggested Solutions

    If you have a multi-homed DNS setup in windows, you can have issues with connectivity to the server that hosts the DNS services (or even member servers of your domain if this same DNS server is a DC). This is because windows registers all of its IPs…
    [b]Ok so now I will show you how to add a user name to the description at login. [/b] First connect to your DC (Domain Controller / Active Directory Server) SET PERMISSIONS FOR SCRIPT TO UPDATE COMPUTER DESCRIPTION TO USERNAME 1. Open Active …
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now