Link to home
Create AccountLog in
Avatar of sfaexpert
sfaexpert

asked on

Migration of 2003 AD to 2008 AD: Final Steps.

I cannot access other machines in my network. It seems that the only logon server is the old domain controller. When it is on the network, everything is fine. When I disconnect it, I get login prompts for any server I want to access.

With the old DC unplugged, I can ping a machine by IP and Name. I can also do a NSLOOKUP on the machine. I can also access the Internet.

I am migrating a Windows 2003 AD to Windows 2008 R2. The steps I followed can be found in https://www.experts-exchange.com/questions/23890010/Migration-2003-server-DC-to-2008-Server-DC.html.

The stage I am at is that I have disconnected my 2003AD in order to make sure all settings have come over and that I am completely functional with the new DC. I have not yet run DCPROMO on the old DC.

The new 2008 server had the AD, DNS, and DHCP roles installed. DHCP seems to be working as workstations are being assigned IP addresses from the new range.
ASKER CERTIFIED SOLUTION
Avatar of Krzysztof Pytko
Krzysztof Pytko
Flag of Poland image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
What type of DNS are you running. If you run AD integrated DNS then the DNS for your old and new DC will
be synchronized. You will still need to  change your static dns ip to the new dns. DNS is one of the key points for good AD.
Avatar of sfaexpert
sfaexpert

ASKER

Here are answers to all:

Scope options for DHCP: 003: router address; 006: static IP address of new db + IP DNS server addresses; 015: DNS Domain name. When I go to a workstation and ipconfig /all, I get the settings I want and expect (default gateway, DHCP server, DNS servers)

DNS is AD integrated.

I have not yet demoted my old DC. I have just been unplugging the network cable to test. I am ready to dcpromo the old once these tests are done sucessfully.

Symptoms:

If I click start | Run \\memberserver with the old DC plugged in, I can access
If I click start | Run \\memberserver without the old DC plugged in, I get a Windows Security dialog box prompting me for credentials.

I feel like something is still pointing back to the old DC as the only logon server.
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Yes, when I run "netdom query fmso" at a command prompt, all 5 roles point to my new server.
Is your new DC (Windows Server 2008) configured as Global Catalog ?

Krzysztof
Yes, it is.
The migration was bad, not the advice!
I cannot close this out: appears I am in a loop!
Thank you for your efforts, experts. The migration was so horrible that I ditched it.
hi
i suggest you to use sbsmigration.com and start over if you can this is a risk free way to migrate and at any time it mess up it will not impact anything