What is the proper method of upgrading from Server 2003 to server 2008 in a 3-AD server setup?

I have three servers, one is our File and print share DC, one is our secondary DC, and the other is our exchange server.  I would like to upgrade to server 2008 from (all of them being) server 2003.  What is the best way to do it??  (Especially with Active Directory!)  Is it best to bring them all up to 2008 at the same time?  Or is it best to bring one up, another one the next week and the third one a week after that??  What's the proper/recommended way to complete this?
LVL 1
GFCUAsked:
Who is Participating?
 
tigermattCommented:
I would do this one server at a time, you can iron out any minor issues that way before doing the next one.

First of all you need to ADPrep /domainprep and ADPrep /forestprep the domain for Server 2008 DCs. You can find ADPrep in the Sources folder on the Server 2008 DVD - the ADPrep command should be run on your existing DC holding the schema master FSMO role.

Then to transfer the first DC over:
Install Windows Server to the new server. Make the new server a member server in your domain with a static IP address. The only DNS server configured at this stage should be the IP of one of your other Domain Controllers. Use dcpromo to promote the server as an additional domain controller in the existing domain.

Ensure DHCP, DNS and Global Catalog roles are moved across to one or more of your new servers. If you are using AD-integrated DNS (which you should) this is as simple as installing the DNS server on the new server (DNS information will replicate with AD) and the DHCP configuration simply needs to be copied from one server or the other. Make sure the DNS server addresses in DHCP AND any statically assigned devices point to one new server for primary, and the other new server for secondary DNS if you install DNS onto it.
For DHCP if you spread it around multiple servers, it is as simple as setting IP scopes on the correct subnet which DON'T overlap (otherwise both servers will give out the same addresses and you will have IP conflicts)

Make sure all the FSMO roles are removed from the first server and transferred to one of the other servers. If you are a single-domain environment, there are no performance or functionality gains from spreading FSMO roles around between servers. They COULD be spread around - it is up to you, but it is recommended they are consolidated onto one server. FSMO transfer guide here: http://support.microsoft.com/kb/324801 and you may like this one: http://www.petri.co.il/transferring_fsmo_roles.htm.
Note you can test if the current server has any FSMO roles by running (at a command prompt)
netdom query fsmo
and examining the output of server FQDNs.
If you see anything about SEIZING FSMO roles, DO NOT undertake this procedure, in this case you can TRANSFER the roles which is a less painful procedure.

For DNS, you should have all zones Active Directory integrated, which means the DNS information is stored in Active Directory and transferred with existing DC-to-DC replication. This eliminates the need for zone transfers. To convert to AD-integrated DNS (or ensure you have this configuration), check out http://support.microsoft.com/kb/198437.

For the Global Catalog role, you can ensure at least one other server is a GC by following http://support.microsoft.com/kb/313994. More information on the Global Catalog role (including why it is needed for user and computer logons) can be found at http://support.microsoft.com/kb/216970.

As a test, shut down the existing DC and make sure all Active Directory and client workstations are functioning properly. If they are, you should be safe to go ahead and run DCPROMO to demote the DC to member server.

Make sure then replicate any data and shares off the server if you intend on completely removing it from your network.

It's then just a case of using dcpromo to remove the second DC from the network, rebuild it and follow the similar procedure to make it an additional DC. This time you'll only need to install DNS, make it a Global Catalog and possibly a DHCP server.

Exchange cannot have an in-place transition, you'll need a temporary server to move Exchange to whilst the current server is rebuilt to Server 2008, then you can move Exchange back.

If you could, a test in a virtual lab test environment (not on the live servers!) wouldn't go amiss before you actually do the work. Also note that the DNS, DHCP and many other roles are installed by using the Add Roles feature in Server Manager - part of Server 2008.

-tigermatt
0
 
GFCUAuthor Commented:
This is a project that is obviously going to take some time.  My estimated timeline for completion of this project is by the end of the year.  So as you could imagine this will probably be an ongoing question.  You have provided me with some very valuable information and I will be sure to use it.  I'm sure that I will have more questions through out the process.  I do have a test system that I will experiment on first, prior to the live system installs.  Thank you very much and I'll be sure to re-post as questions arise which I'm most definantly sure that they will!  Thank you very much tigermatt!  I'll let ya know.......
0
 
tigermattCommented:
That's fine, you can either close this now and then ask another question later on, or keep asking the questions here. Don't forget that after 21 days with no comments this must be reviewed by a Cleanup Volunteer (probably me, funnily enough!) and they will have to recommend what action will be taken with it.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
GFCUAuthor Commented:
Hey I have a related question.  Right now everything is 2003, including Exchange.  Is it compatible to run Server '08 with exchange '03?  Or do we have to upgrade to Exchange Server 2007 too??  But then that's only offered in x64 bit edition and were all x86 here.
0
 
tigermattCommented:
Exchange gets a bit confusing actually. If you actually want to install Exchange on a Windows Server 2008 machine, the only supported version is Exchange 2007 Service Pack 1. Obviously, that would require a 64-bit installation of the server too in order to run Exchange.

You CAN run Exchange 2003/2007 on a Windows Server 2003 server, and have it access Windows Server 2008 domain controllers. But just installing Exchange to the 2008 server, you must use Exchange 2007 SP1 and no earlier.
0
 
GFCUAuthor Commented:
wow, okay.  Well that puts a different spin on things.  Alright, thanks for the info.  

Can you install exchange 07 without sp1 and then install sp1 later?  I'm not sure if the exchange 07 version that I have has sp1 included.
0
 
GFCUAuthor Commented:
Closing this question for now.  
0
 
tigermattCommented:
Cheers

Sorry I didn't get back to you - no, you must install Exchange 2007 with Service Pack 1 - it cannot be upgraded after.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.