We help IT Professionals succeed at work.

Moving active directory to new server

1,022 Views
Last Modified: 2013-12-05
hi
i am a helpdesk technician and recently i was assigned the task to move the win 2003 AD from one server to a newer one

i will follow these steps:

Install Windows 2003 on the new machine
Assign the new computer an IP address and subnet mask on the existing network
Make sure that the preferred DNS server on new machine points to the existing DNS Server on the Domain
Join the new server in domain as member server
DCPROMO to promote new server to DC
make new server a global catalog server
i am using integreted DNs so it will be replicated
Move  FSMO roles
DCPROMO demote old server

i have a couple of objectives  here that i dont know how to reach :
i want the new server to have the same DNS name and the same IP address of the old one
we are using roaming profiles and the folder for the roming profiles is in a partition on the old server ( the DC) how can i export the roaming profile folder to the new one without having troubles with paths and everything

thanks in advance


Comment
Watch Question

Commented:
That I am aware of you can not rename a server once its promoted to a DC(you may be able to fudge this with dns record pointers but using the word fudge in a configuration for active directory DC's is REALLY REALLY bad.), the IP you can change after the transistion/old server is offline.  


http://www.ss64.com/nt/robocopy.html
As for the folders you can use robocopy to duplicate the directory structure on the new server then recreate the shares/permissions.

You can use xcalcs.exe to export the share permissions for recreating
http://www.ss64.com/nt/xcalcs.html
xcacls.exe \\server\share1 >> text-file


Something to consider, prior to demoting the old server just simply turn it off and make sure everything functions without it being online once all is well turn it back on and then demote.


zf

Commented:
Ok well, 2000 dc's you could'nt but

http://technet.microsoft.com/en-us/library/cc785970.aspx

2003 servers it appears you can.


sorry for my mistake.


zf

Commented:
Given the complexity of the process and requirment of it being perfect I might also suggest setting up an isolated test domain 1 dc, 1 member server to promote and 1/more client pcs with a few shares and dummy accounts trying to closly resemble what you haveand do a practice run if time and hardware permit.  Might be cheaper then a live domain gone a foul.



zf

Commented:
If you have/get the software(vmware workstation or other) and one or two pc's with decent hardware you can set up your testing environment using virtual machines (this is what I do)

www.vmware.com

zf

Author

Commented:
hi
thanks for the link on how to rename a DC that is very useful
it will help me a lot

but is there any other tool i can use to copy all the folders structure along with the permissions
this could help a lot instead of copying all directories with robocopy and applying permissions with xcalcs

sw

Commented:
I am not sure if it will go from 03 to 03 but the File migration tool will if it can.

http://www.microsoft.com/windowsserver2003/upgrading/nt4/tooldocs/msfsc.mspx


aside from that one(and not sure if it supports 03 to 03) none that I know of.

zf

Commented:
Am seeing signs that it can but note* Ive never tried and didnt read anything from anyone who did, all say 'should'* that not working aside robo and xcalcs is the only other method I know of.


zf

Author

Commented:
excellent
it was really a helpful discussion
i wanted to go with an easy solution ( asking about one tool that can copy dir and permissions)
 : )
but i guess i will use robo and xcalcs
thanks a lot now i have the knowledge and the tools to go forward with this task

thanks

Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
tigermattSite Reliability Engineer
CERTIFIED EXPERT
Most Valuable Expert 2011

Commented:
For further information, it is possible to rename a DC after it is promoted to DC. It is quite common for people to want to keep the same server name and IP, and they therefore promote a new server to DC, demote the old and then rename the new server. A restart after the rename is necessary to facilitate the modification of records in DNS.

For copying the user profiles across, just use ROBOCOPY. This tool will allow you to copy the NTFS ACLs along with the files. For example, you would use the command

ROBOCOPY C:\ProfilesFolder \\newservertempname\C$\ProfilesShare /COPYALL /E /XJ

to copy the profiles across with all their security.

-tigermatt

Author

Commented:
thanks
it was very helpful

Commented:
Your very welcome,  thank you for the points.  Was not sure how to adress to close request so hope all is well. If your unsure how to do something or how stuff works here on EE just ask as most here are very willing to explain or atleast poit you in the right direction.  We were all new once :-)




Thanks again,


zf

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.