Solved

upgrading from windows 2003 R2 to windows 2008

Posted on 2008-06-24
7
1,016 Views
Last Modified: 2008-08-11
Hi
I have 2 windows 2003 R2 DCs + 2 Exchange 2003 SP2 BE, FE on windows 2003 also. everything is working very well
I have windows 2008 license and media but I am worry about the migration. shall I go ahead or just keep my system as it is. if you recommend the upgradation so what is the main ben benefits I will get from that also what is the drawback of that.

waiting for your recomendations

Thanks
0
Comment
Question by:Ahmed Abdel Salam
7 Comments
 
LVL 6

Expert Comment

by:JapyDooge
ID: 21854590
If it's working very well and you don't need any new functions, i would keep it as how it is now.

Windows Server 2008 is a very new product and has a big change there are lots of bugs leftover. You better wait before putting it in production (or test it on a spare server to see if it works for you and with your current software).

At least you should consult every company that provides you software if it guaranteed works on Windows Server 2008.
0
 
LVL 13

Accepted Solution

by:
TheCapedPlodder earned 250 total points
ID: 21854645
There are some excellent advantages to using Windows Server 2008 especially with respect to Active Directory e.g. Read only Domain Controllers for branch offices, server core so no GUI clogging up performance, role based functionality so no unwanted services or ports opened so it's more secure etc.

That said if your current environment works well I'd be very careful about making too much change too quickly.  At the present time unless you have a pressing need to upgrade to Exchange 2007 I would leave your Exchange servers well alone.

In your position I'd start as follows:

i. Acquire some spare tin and install Server 2008.  Play with it extensively and get to know it well.  Re-install it a few times and get the hang of things.  Install it with GUI first and then try out server core for a while.

ii.  Once you're sure Server 2008 is ready for you and as important you are ready for it then buy some new time and build your first 2008 member server.

iii.  Run Domain Prep and Forest Prep to ready your domain for it's first 2008 DC and then promote the new 2008 server to be a DC.

iv. Once you're sure it's behaving itself consider moving GC, DNS, DHCP, FSMO roles etc. in a phased manner and once you're really satisfied consider rebuilding your current DC's to 2008 and raising the functional level to 2008 Native Mode.

This would be a background project over the course of a few weeks or months.  As always ensure your servers are fully patched and running the latest hot-fixes and service packs.

I'll reiterate that I'd leave Exchange well alone for the time being.

I'm using 2008 heavily but we're in an enormous computing environment of over 500 servers.  I'm very impressed but we haven't yet looked at 2008 for DC functionality but that will be coming soon.

Cheers,

TCP
0
 
LVL 58

Assisted Solution

by:tigermatt
tigermatt earned 250 total points
ID: 21854728
Windows Server 2008 has a LOT of advantages and benefits over the older Windows Server 2003. It has a completely reworked OS core, which means it is a lot more secure (with UAC and lots of other new features), and obviously an upgrade now would stand you in good position for probably the next 5 years, at least.

The only thing you need to be careful of is that all your applications are still going to work after the upgrade. If you intend on running Exchange on your new 2008 servers, you MUST upgrade to Exchange 2007 SP1. You can keep your Exchange Servers running on Server 2003, and just introduce new Server 2008 DCs, if you don't want to upgrade Exchange at this stage.

The standard procedure for adding 2008 DCs to your domain is as below:

--
Install Windows Server 2008 onto the new server which is intended to be promoted as a Domain Controller. Ensure the new server is assigned a routable static IP address on your IP subnet. Ensure the IP address is not included in any of your existing DHCP scopes. The only DNS server entry at this stage should be the IP address of one of the Domain Controllers which is running the DNS server service on your network.

After installation, join the new machine to the existing domain as a member server. This procedure is exactly the same as joining a workstation to the domain.

Since you are upgrading the Operating System on the new Domain Controller, you will need to add some values to the existing Active Directory schema, in order for the new server to become a Domain Controller. Windows Server 2008 supports more functionality than before, so a schema upgrade for the domain and forest is required to facilitate this and make this new feature set fully functional on the domain. To make the necessary changes, you must be logged on as the built-in Administrator user account, or a user with Domain, Schema and Enterprise Admin privileges.

Insert the Windows Server 2008 media into your current server which is holding the Schema Master Operations Role (FSMO role). Open a command prompt and browse to sources\adprep folder within the Windows Server 2008 DVD media. Execute the command adprep /forestprep. Once complete, you must wait for the changes to be replicated to all domain controllers in the domain and forest before you can continue.

Next, execute adprep /domainprep . You must be logged on as a Domain Admin user for these steps to work correctly. Once these commands have run and replication has taken place your Active Directory schema will have been extended to support Windows Server 2008 as a Domain Controller.

The next step is to promote the new server as a Domain Controller for the domain. Enter dcpromo at a command prompt and follow the wizard. When prompted, select the option for an additional domain controller in an existing domain. After the wizard completes, the new server will be acting as a Domain Controller for your domain. It is necessary at this point to restart the server for these changes to be applied.

In a single-domain Active Directory forest, all servers should also be Global Catalog servers. The Global Catalog is a required component of Active Directory which is used during logins to establish universal group membership for a user account. To promote the new server as a Global Catalog, open Active Directory Sites and Services from the Administrative Tools container within Control Panel or on the Start Menu. Double-click Sites, then Servers, followed by the name of the new server. Next, right-click "NTDS Settings" and select Properties. On the General tab, check the Global Catalog checkbox. Restart the new Domain Controller for changes to take effect.

If you wish the new server to become the holder of one or more Operations (FSMO) roles, you will need to transfer these roles to the new server. In a single-domain environment, you gain no benefits from spreading FSMO roles between Domain Controllers

The current FSMO role configuration for your network can be found by running the command "netdom query fsmo" at a command prompt on a Domain Controller.

To transfer one or more of these FSMO roles to the new domain controller, follow the information detailed in the following Microsoft Support article: http://support.microsoft.com/kb/324801. Please ensure any other information you follow is information regarding the TRANSFER of FSMO roles. Seizing FSMO roles is an emergency operation which should not be performed during this procedure.

DNS is a critical component of your Active Directory network. The easiest way to install the DNS role onto the new server is to follow the instructions outlined at http://technet2.microsoft.com/WindowsServer2008/en/library/3cf4d1b1-7a6e-4438-bf4f-22d9468c17321033.mspx You should be already using Active Directory-integrated DNS zones, which is the easiest method of allowing DNS replication to occur - DNS information is stored in Active Directory and replicates with Domain Controller replication traffic. To check if your DNS zones are AD-integrated (and convert them if not), please follow http://support.microsoft.com/kb/227844.

You probably want to enable DNS forwarding in the DNS console on the server, too. This forwards lookups for external domains to a DNS server at your ISP, which allows the server to effectively resolve DNS for external domains. More information on forwarders can be found at http://technet2.microsoft.com/WindowsServer/en/Library/ee992253-235e-4fd4-b4da-7e57e70ad3821033.mspx.

To move DHCP to the new server, you will need to first install the role. To install the role in Windows Server 2008, check the DHCP Server role option within the Add Roles wizard in the Server Manager. To correctly configure DHCP after the role is installed on your new server, you will need to ensure you configure it to distribute IP addresses which are in a different range to the IP scope defined on the other DHCP servers. You should also ensure the correct DNS and WINS servers are entered into the scope options. Remember that the only DNS servers which should be configured on workstations are the Domain Controllers which are also acting as DNS servers - no ISP DNS server should ever be set through DHCP.

-tigermatt
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 6

Author Comment

by:Ahmed Abdel Salam
ID: 21854946
Thanks  all for replies,
I have already add one normal PC as a DC member with win 2008 server, but for some how it is failed to be working fine (driver and H/W issues) so I removed it from the domain completly. but now I have prepared my domain by adprep /forestprep from win2008 CD, is this is effecting the current 2003 enviroment incase I don't have any 2008 DC right now ??
 
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 21854974
ADPREP merely extends the schema in readiness for the first 2008 DC, it has no negative effect on the 2003 servers.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21855371
Yes, the extension to the schema will not affect your Domain Controllers because the functional level of the domain and forest is still at a level which supports Windows Server 2003 Domain Controllers (probably Server 2000 or Server 2003).
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21859048
Thanks!
:-)

-tigermatt
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question