Link to home
Create AccountLog in
Avatar of skintwido
skintwido

asked on

Moving active directory to new server

hi
i am a helpdesk technician and recently i was assigned the task to move the win 2003 AD from one server to a newer one

i will follow these steps:

Install Windows 2003 on the new machine
Assign the new computer an IP address and subnet mask on the existing network
Make sure that the preferred DNS server on new machine points to the existing DNS Server on the Domain
Join the new server in domain as member server
DCPROMO to promote new server to DC
make new server a global catalog server
i am using integreted DNs so it will be replicated
Move  FSMO roles
DCPROMO demote old server

i have a couple of objectives  here that i dont know how to reach :
i want the new server to have the same DNS name and the same IP address of the old one
we are using roaming profiles and the folder for the roming profiles is in a partition on the old server ( the DC) how can i export the roaming profile folder to the new one without having troubles with paths and everything

thanks in advance


Avatar of zoofan
zoofan
Flag of United States of America image

That I am aware of you can not rename a server once its promoted to a DC(you may be able to fudge this with dns record pointers but using the word fudge in a configuration for active directory DC's is REALLY REALLY bad.), the IP you can change after the transistion/old server is offline.  


http://www.ss64.com/nt/robocopy.html
As for the folders you can use robocopy to duplicate the directory structure on the new server then recreate the shares/permissions.

You can use xcalcs.exe to export the share permissions for recreating
http://www.ss64.com/nt/xcalcs.html
xcacls.exe \\server\share1 >> text-file


Something to consider, prior to demoting the old server just simply turn it off and make sure everything functions without it being online once all is well turn it back on and then demote.


zf
Ok well, 2000 dc's you could'nt but

http://technet.microsoft.com/en-us/library/cc785970.aspx

2003 servers it appears you can.


sorry for my mistake.


zf
Given the complexity of the process and requirment of it being perfect I might also suggest setting up an isolated test domain 1 dc, 1 member server to promote and 1/more client pcs with a few shares and dummy accounts trying to closly resemble what you haveand do a practice run if time and hardware permit.  Might be cheaper then a live domain gone a foul.



zf
If you have/get the software(vmware workstation or other) and one or two pc's with decent hardware you can set up your testing environment using virtual machines (this is what I do)

www.vmware.com

zf
Avatar of skintwido
skintwido

ASKER

hi
thanks for the link on how to rename a DC that is very useful
it will help me a lot

but is there any other tool i can use to copy all the folders structure along with the permissions
this could help a lot instead of copying all directories with robocopy and applying permissions with xcalcs

sw
I am not sure if it will go from 03 to 03 but the File migration tool will if it can.

http://www.microsoft.com/windowsserver2003/upgrading/nt4/tooldocs/msfsc.mspx


aside from that one(and not sure if it supports 03 to 03) none that I know of.

zf
Am seeing signs that it can but note* Ive never tried and didnt read anything from anyone who did, all say 'should'* that not working aside robo and xcalcs is the only other method I know of.


zf
excellent
it was really a helpful discussion
i wanted to go with an easy solution ( asking about one tool that can copy dir and permissions)
 : )
but i guess i will use robo and xcalcs
thanks a lot now i have the knowledge and the tools to go forward with this task

thanks

ASKER CERTIFIED SOLUTION
Avatar of zoofan
zoofan
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Avatar of tigermatt
For further information, it is possible to rename a DC after it is promoted to DC. It is quite common for people to want to keep the same server name and IP, and they therefore promote a new server to DC, demote the old and then rename the new server. A restart after the rename is necessary to facilitate the modification of records in DNS.

For copying the user profiles across, just use ROBOCOPY. This tool will allow you to copy the NTFS ACLs along with the files. For example, you would use the command

ROBOCOPY C:\ProfilesFolder \\newservertempname\C$\ProfilesShare /COPYALL /E /XJ

to copy the profiles across with all their security.

-tigermatt
thanks
it was very helpful
Your very welcome,  thank you for the points.  Was not sure how to adress to close request so hope all is well. If your unsure how to do something or how stuff works here on EE just ask as most here are very willing to explain or atleast poit you in the right direction.  We were all new once :-)




Thanks again,


zf