compdigit44
asked on
Adding a Windows 2008 DC to a Windows 2000 Domain
Right now I have a windows 2000 domain with 2 windows 2000 DC's. These DC's are old and are slowly dying. Anyway, I just got two new servers and want to do the following:
- install these new servers with win2k8 and install AD services on them and offload the server rolls to these server before my old server totally fail.
- I very soon I would like to take my current domain structure where all of the AD user accounts reside in the child domain and the parernt domain is just a name space that does host the master DHCP server for the domain and move into one name space only which would be the name of the parent.
1) What problem would I run into by setting up a win2k8 DC in a win2k domain
2) What local GP's on these server would I need to relax?
3) How would this affect my future domain restructure?
- install these new servers with win2k8 and install AD services on them and offload the server rolls to these server before my old server totally fail.
- I very soon I would like to take my current domain structure where all of the AD user accounts reside in the child domain and the parernt domain is just a name space that does host the master DHCP server for the domain and move into one name space only which would be the name of the parent.
1) What problem would I run into by setting up a win2k8 DC in a win2k domain
2) What local GP's on these server would I need to relax?
3) How would this affect my future domain restructure?
Just to add make sure your forest level is at least 2000 native.
ASKER
Ok I just checked my root domain and the "domain leve is Windows 2000 Native" and the Forest level is: Windows 2000" so I think I'm good to go correct???
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Again...
BTW...
Are there any local Group Policies on these Windows 2008 server that I should disable / relax befoer I make them member servers then DC's in my Windows 2000 domain? please note I have some old network devices that stilll use NTLM authentication...
BTW...
Are there any local Group Policies on these Windows 2008 server that I should disable / relax befoer I make them member servers then DC's in my Windows 2000 domain? please note I have some old network devices that stilll use NTLM authentication...
No, there isn't any that I have ran into at all.
We haven't run into any issues but for full disclosure all the old stuff is gone now (from my environment). I'll let you know if I find any info on that.
Thanks
Mike
Thanks
Mike
ASKER
thanks please let me know if you find anything..
How everything going?
You would need to prep your forest and domain for Windows 2008 (adprep /forestprep & /domainprep gpprep
http://technet.microsoft.c
Once you do that you can promote the boxes to be DCs. Hopefully you are running active directory integrated DNS and then you can just install DNS on the 2008 boxes and DNS will replicate too. You should also make the 2008 DCs GCs.
Shouldn't need to relax any GP's
As far as the future to consolidate all the objects into the parent or a new domain would require a migration. You can use a migration tool like ADMT from Microsoft or a third party migration tool.
Are you planning to migrate all your objects into the child into the parent or creating a new forest with the same name as the parent.
One other thing to take into consideration for the future is that Windows 2008 R2 will only be released as a 64 bit version http://blogs.technet.com/w
You may want to go with 64 bit now on the 2008 boxes so you can easily add R2 when it is released later this year (or early next if delayed)
Thanks
Mike