Solved

What is the proper method of upgrading from Server 2003 to server 2008 in a 3-AD server setup?

Posted on 2008-06-12
8
224 Views
Last Modified: 2010-04-20
I have three servers, one is our File and print share DC, one is our secondary DC, and the other is our exchange server.  I would like to upgrade to server 2008 from (all of them being) server 2003.  What is the best way to do it??  (Especially with Active Directory!)  Is it best to bring them all up to 2008 at the same time?  Or is it best to bring one up, another one the next week and the third one a week after that??  What's the proper/recommended way to complete this?
0
Comment
Question by:GFCU
  • 4
  • 4
8 Comments
 
LVL 58

Accepted Solution

by:
tigermatt earned 250 total points
ID: 21773112
I would do this one server at a time, you can iron out any minor issues that way before doing the next one.

First of all you need to ADPrep /domainprep and ADPrep /forestprep the domain for Server 2008 DCs. You can find ADPrep in the Sources folder on the Server 2008 DVD - the ADPrep command should be run on your existing DC holding the schema master FSMO role.

Then to transfer the first DC over:
Install Windows Server to the new server. Make the new server a member server in your domain with a static IP address. The only DNS server configured at this stage should be the IP of one of your other Domain Controllers. Use dcpromo to promote the server as an additional domain controller in the existing domain.

Ensure DHCP, DNS and Global Catalog roles are moved across to one or more of your new servers. If you are using AD-integrated DNS (which you should) this is as simple as installing the DNS server on the new server (DNS information will replicate with AD) and the DHCP configuration simply needs to be copied from one server or the other. Make sure the DNS server addresses in DHCP AND any statically assigned devices point to one new server for primary, and the other new server for secondary DNS if you install DNS onto it.
For DHCP if you spread it around multiple servers, it is as simple as setting IP scopes on the correct subnet which DON'T overlap (otherwise both servers will give out the same addresses and you will have IP conflicts)

Make sure all the FSMO roles are removed from the first server and transferred to one of the other servers. If you are a single-domain environment, there are no performance or functionality gains from spreading FSMO roles around between servers. They COULD be spread around - it is up to you, but it is recommended they are consolidated onto one server. FSMO transfer guide here: http://support.microsoft.com/kb/324801 and you may like this one: http://www.petri.co.il/transferring_fsmo_roles.htm.
Note you can test if the current server has any FSMO roles by running (at a command prompt)
netdom query fsmo
and examining the output of server FQDNs.
If you see anything about SEIZING FSMO roles, DO NOT undertake this procedure, in this case you can TRANSFER the roles which is a less painful procedure.

For DNS, you should have all zones Active Directory integrated, which means the DNS information is stored in Active Directory and transferred with existing DC-to-DC replication. This eliminates the need for zone transfers. To convert to AD-integrated DNS (or ensure you have this configuration), check out http://support.microsoft.com/kb/198437.

For the Global Catalog role, you can ensure at least one other server is a GC by following http://support.microsoft.com/kb/313994. More information on the Global Catalog role (including why it is needed for user and computer logons) can be found at http://support.microsoft.com/kb/216970.

As a test, shut down the existing DC and make sure all Active Directory and client workstations are functioning properly. If they are, you should be safe to go ahead and run DCPROMO to demote the DC to member server.

Make sure then replicate any data and shares off the server if you intend on completely removing it from your network.

It's then just a case of using dcpromo to remove the second DC from the network, rebuild it and follow the similar procedure to make it an additional DC. This time you'll only need to install DNS, make it a Global Catalog and possibly a DHCP server.

Exchange cannot have an in-place transition, you'll need a temporary server to move Exchange to whilst the current server is rebuilt to Server 2008, then you can move Exchange back.

If you could, a test in a virtual lab test environment (not on the live servers!) wouldn't go amiss before you actually do the work. Also note that the DNS, DHCP and many other roles are installed by using the Add Roles feature in Server Manager - part of Server 2008.

-tigermatt
0
 
LVL 1

Author Comment

by:GFCU
ID: 21815087
This is a project that is obviously going to take some time.  My estimated timeline for completion of this project is by the end of the year.  So as you could imagine this will probably be an ongoing question.  You have provided me with some very valuable information and I will be sure to use it.  I'm sure that I will have more questions through out the process.  I do have a test system that I will experiment on first, prior to the live system installs.  Thank you very much and I'll be sure to re-post as questions arise which I'm most definantly sure that they will!  Thank you very much tigermatt!  I'll let ya know.......
0
 
LVL 58

Assisted Solution

by:tigermatt
tigermatt earned 250 total points
ID: 21815264
That's fine, you can either close this now and then ask another question later on, or keep asking the questions here. Don't forget that after 21 days with no comments this must be reviewed by a Cleanup Volunteer (probably me, funnily enough!) and they will have to recommend what action will be taken with it.
0
 
LVL 1

Author Comment

by:GFCU
ID: 21816141
Hey I have a related question.  Right now everything is 2003, including Exchange.  Is it compatible to run Server '08 with exchange '03?  Or do we have to upgrade to Exchange Server 2007 too??  But then that's only offered in x64 bit edition and were all x86 here.
0
 
LVL 58

Assisted Solution

by:tigermatt
tigermatt earned 250 total points
ID: 21816333
Exchange gets a bit confusing actually. If you actually want to install Exchange on a Windows Server 2008 machine, the only supported version is Exchange 2007 Service Pack 1. Obviously, that would require a 64-bit installation of the server too in order to run Exchange.

You CAN run Exchange 2003/2007 on a Windows Server 2003 server, and have it access Windows Server 2008 domain controllers. But just installing Exchange to the 2008 server, you must use Exchange 2007 SP1 and no earlier.
0
 
LVL 1

Author Comment

by:GFCU
ID: 21816530
wow, okay.  Well that puts a different spin on things.  Alright, thanks for the info.  

Can you install exchange 07 without sp1 and then install sp1 later?  I'm not sure if the exchange 07 version that I have has sp1 included.
0
 
LVL 1

Author Comment

by:GFCU
ID: 21865867
Closing this question for now.  
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21868172
Cheers

Sorry I didn't get back to you - no, you must install Exchange 2007 with Service Pack 1 - it cannot be upgraded after.
0

Join & Write a Comment

Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now