?
Solved

Migration from Windows 2000 to 2003 and replacment of old server to new.

Posted on 2007-10-13
1
Medium Priority
?
225 Views
Last Modified: 2013-12-05
I have a client that has an old Windows 2000 Enterprise Server that I'm going to be replacing with a new Microsoft Windows 2003 Enterprise Server and need help performing the migration on the PDC.  The server has Active Directory Services and files on it.  I'm concerned more with the migration of ADS because of all the groups and policies.  

I'm not sure the order or procedures for a new server including the migration process.  Do demote the existing server and promote the new server and run the Active Directory Migration tool on the new server?  What are the procedures?
0
Comment
Question by:mpatryn
1 Comment
 
LVL 70

Accepted Solution

by:
KCTS earned 2000 total points
ID: 20071432
The general procedure is:

Install Windows 2003 on the new machine

Assign the new computer an IP address and subnet mask on the existing network
Make sure that the preferred DNS server on new machine points to the existing DNS Server on the Domain (normally the existing domain controller)

Join the new machine to the existing domain as a member server

Inserth the 2003 CD in the 2000 machine and run adprep /forestprep and adprep /domainprep adprep is in the i386 folder on the CD  (If the new Windows 2003 server is the R2 version then you need to run Adprep  from CD2 of the R2 disks on the existing Domain controller. Adprep is in the \CMPNENTS\R2\ folder on CD2)

From the command line promote the new machine to a domain controller with the DCPROMO command from the command line Select Additional Domain Controller in an existing Domain

Once Active Directory is installed then to make the new machine a global catalog server, go to Administrative Tools, Active Directory Sites and Services, Expand ,Sites, Default first site and Servers. Right click on the new server and select properties and tick the Global Catalog checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)

Make sure the new DC is also a DNS server, install DNS. Assuming that you were using Active Directory Integrated DNS on the first Domain Controller, DNS will have replicated to the new domain controller along with Active Directory.

If you are using DHCP you should spread this across the domain controllers, In a simple single domain this is easiest done by Setting up DHCP on the second Domain controller and using a scope on the same network that does not overlap with the existing scope on the other Domain Controller. Dont forget to set the default gateway (router) and DNS Servers. Talking of which all the clients (and the domain controllers themselves) need to have their Preferred DNS server set to one domain controller, and the Alternate DNS to the other, that way if one of the DNS Servers fails, the clients will automatically use the other,

Both Domain Controllers by this point will have Active Directory, Global Catalog, DNS and DHCP. You now need to transfer the FSMO roles  - see http://www.petri.co.il/transferring_fsmo_roles.htm

You are now reasy to remove the old DC (or you can leave it running to provide resilliance)

If this is a domain controller then first make sure that you have:-

If the DC is running DHCP:  Install DHCP on the new DC, set up the scope and authorise it. remove DHCP from the old DC.

DNS: Make sure that all of your clients are set to use the new DC as their Preferred DNS server (either by static entries or DHCP options)

Power down to old DC and make sure that all is well, once satisfied power on the old DC again, then run DCPROMO for remove it's domain controller status. If you want to remove the machine from the domain then you can do so one it's DC role has been removed
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question