Solved

Migrate from Windows SBS 2003 to Windows Server 2008

Posted on 2009-04-14
6
828 Views
Last Modified: 2012-06-28
We are going to migrate from SBS 2003 to Windows 2008 Server. In out domain today the SBS 2003 is domain server and then we have a Windows server 2003 as the dc number two. We are also planning to migrate Exchange in the SBS Server to Exhange 2007.We are expanding and the number of users will be round 100 in the near future. What is the best way to migrate to Windows 2008 Server?  Is it possible to use the second dc, the 2003 Server, and set up a new domain with the same domain name, join the new 2008 Server to it and let the new server become the new pdc?  If this is possible, then continue with taking down the SBS 2003 and put in the new 2008 Server in the old domain. Is this possible or not?
0
Comment
Question by:SommelierRHS
6 Comments
 
LVL 4

Expert Comment

by:mansmanf
ID: 24137915
From my experience I would completely set up the new domain and server from the scratch.
Use another domainname, connect the old shares and move the data.
Create the shares with exactly the same names.
You could rename the new domain (after all essential data has been copied) to the old name.
Remove the old DC from the network and rename the server to the old name. Also use the old IP, if possible.
This procedure would save you from fixing broken links or shortcuts on the client workstations/notebooks later. But you have to re-join all clients to the new domain manually.

Unfortunately SBS can not be trusted to another (new) domain for migration...

There are some MS migration utilites available, check out also MS documentation (e.g. Technet etc.)
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24138063

Hey,

Have you purchased your licenses for the new software yet? If you haven't, I'd strongly recommend you consider moving to EBS. It is a managed environment, like SBS, but has support for more users as roles are spread across 3 servers. It would be ideal for a network of 100 users.

If you have purchased your licenses, the procedure you are looking to follow is at the end of this message. It's very simple, and will enable you to keep the current domain environment, but simply upgrade it in order to remove the SBS Server. I would not agree with the previous poster in that setting up a new domain from scratch is easier in many cases; it is in some, but not all. The only added complexity in migrating off an SBS is you need to be careful when roles are transferred and only transfer some just before the SBS is about to be demoted from the network.

-Matt

--

Install Windows Server 2008 onto the new server which is intended to be promoted as a Domain Controller. Ensure the new server is assigned a routable static IP address on your IP subnet. Ensure the IP address is not included in any of your existing DHCP scopes. The only DNS server entry at this stage should be the IP address of the existing domain controller on your network.

After installation, join the new machine to the existing domain as a member server. This procedure is exactly the same as joining a workstation to the domain.

Since you are upgrading the Operating System on the new Domain Controller, you will need to add some values to the existing Active Directory schema, in order for the new server to become a Domain Controller. Windows Server 2008 supports more functionality than before, so a schema upgrade for the domain and forest is required to facilitate this and make this new feature set fully functional on the domain. To make the necessary changes, you must be logged on as the built-in Administrator user account, or a user with Domain, Schema and Enterprise Admin privileges.

Insert the Windows Server 2008 media into your current SBS server . Open a command prompt and browse to sources\adprep folder within the Windows Server 2008 DVD media. Execute the command adprep /forestprep.

Next, execute adprep /domainprep . You must be logged on as a Domain Admin user for these steps to work correctly. Once these commands have run your Active Directory schema will have been extended to support Windows Server 2008 as a Domain Controller.

The next step is to promote the new server as a Domain Controller for the domain. Enter dcpromo at a command prompt and follow the wizard. When prompted, select the option for an additional domain controller in an existing domain. After the wizard completes, the new server will be acting as a Domain Controller for your domain. It is necessary at this point to restart the server for these changes to be applied.

In a single-domain Active Directory forest, all servers should also be Global Catalog servers. The Global Catalog is a required component of Active Directory which is used during logins to establish universal group membership for a user account. To promote the new server as a Global Catalog, open Active Directory Sites and Services from the Administrative Tools container within Control Panel or on the Start Menu. Double-click Sites, then Servers, followed by the name of the new server. Next, right-click "NTDS Settings" and select Properties. On the General tab, check the Global Catalog checkbox. Restart the new Domain Controller for changes to take effect.

DNS is a critical component of your Active Directory network. The easiest way to install the DNS role onto the new server is to follow the instructions outlined at http://technet2.microsoft.com/WindowsServer2008/en/library/3cf4d1b1-7a6e-4438-bf4f-22d9468c17321033.mspx You should be already using Active Directory-integrated DNS zones, which is the easiest method of allowing DNS replication to occur - DNS information is stored in Active Directory and replicates with Domain Controller replication traffic. To check if your DNS zones are AD-integrated (and convert them if not), please follow http://support.microsoft.com/kb/227844.

You probably want to enable DNS forwarding in the DNS console on the server, too. This forwards lookups for external domains to a DNS server at your ISP, which allows the server to effectively resolve DNS for external domains. More information on forwarders can be found at http://technet2.microsoft.com/WindowsServer/en/Library/ee992253-235e-4fd4-b4da-7e57e70ad3821033.mspx.

To move DHCP to the new server, you will need to first install the role. To install the role in Windows Server 2008, check the DHCP Server role option within the Add Roles wizard in the Server Manager. To correctly configure DHCP after the role is installed on your new server, you will need to ensure you configure it to distribute IP addresses which are in a different range to the IP scope defined on the other DHCP server. You should also ensure the correct DNS and WINS servers are entered into the scope options. Remember that the only DNS servers which should be configured on workstations are the Domain Controllers which are also acting as DNS servers - no ISP DNS server should ever be set through DHCP.

Once all of these steps have been completed, you should have successfully transferred all of the Active Directory roles to the new domain controller. At this stage, I would suggest you shut down the old domain controller and check to ensure all services on workstations and servers are working correctly - including logins. If they are, you have transferred Active Directory correctly.

The next step is to run the upgrade and transition to Exchange Server 2007 BEFORE you dcpromo the SBS. To do the transition, you should follow this excellent set of 3 articles specifically detailing an Exchange 2003 to 2007 migration. The first article is at http://www.msexchange.org/tutorials/Transitioning-Exchange-2000-2003-Exchange-Server-2007-Part1.html. In the 3rd article in the series, you will follow a procedure to decommission the 2003 Exchange installation on the SBS - this MUST be done before you dcpromo the SBS, even if Exchange holds none of the mailboxes or roles.

If everything now works with the SBS 2003 shut down, you should be safe to switch the old DC back on and transfer the FSMO roles. Once you do this, the SBS will be rendered next to useless, and must be taken off the network.To transfer the FSMO roles to the new domain controller, follow the information detailed in the following Microsoft Support article: http://support.microsoft.com/kb/324801. Please ensure any other information you follow is information regarding the TRANSFER of FSMO roles. Seizing FSMO roles is an emergency operation which should not be performed during this procedure. run dcpromo and demote it from its Domain Controller role.

You can then go ahead and dcpromo the SBS server out of the domain. This will remove the SBS as a Domain Controller, leaving it as a member server on the network. It will now need to be disconnected and formatted before being reintroduced.
0
 

Author Comment

by:SommelierRHS
ID: 24138636
So if I understand you correctly the best way to do it is to:
1. Set up a new domain with a new domain name, with the Windows Server 2008 alone as the dc
2. Connect the old shares and move data
3. Create the shares with exactly the same names
4. Use a migration tool to migrate the stuff in the old AD to the new AD
5. Remove the SBS 2003
6. Rename the new domain name to the old one
7. Rename the new server to the old server name
8. Set the ip on the new server to the old servers ip
9. Move all member servers to the new domain without fixing anything (just joining the domain)
10. Move all clients to the new domain without fixing anything (just joining the domain).

All steps are clear but number 3. Or is it simply a part of number 2, connecting and moving data?
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 58

Accepted Solution

by:
tigermatt earned 500 total points
ID: 24138684

>> Set up a new domain with a new domain name, with the Windows Server 2008 alone as the dc

Nope. If you follow my procedure, the easiest way is to install the Server 2008 as a DC in your current domain, which will allow everything to easily migrate across.

I'd suggest you go for this option; it will be easier and much less confusion for you in the long run. See my post above (http:#a24138063) for the full process.

-Matt
0
 

Author Closing Comment

by:SommelierRHS
ID: 31569881
Great, thank you tigermatt, I will go for your solution.
0
 
LVL 11

Expert Comment

by:manav08
ID: 26473220
Tigermatt,

You mention the following -

-----------------------------------------------------------------------------
You probably want to enable DNS forwarding in the DNS console on the server, too. This forwards lookups for external domains to a DNS server at your ISP, which allows the server to effectively resolve DNS for external domains. More information on forwarders can be found at http://technet2.microsoft.com/WindowsServer/en/Library/ee992253-235e-4fd4-b4da-7e57e70ad3821033.mspx.
-----------------------------------------------------------------------------

Dont you think that forwarders generate extra traffic since every query will then be forwarded to your ISPs DNS Server and their cache would be used. Aren't Root hints suffice. Please comment.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now