How to upgrade the Active Directory in our environment from 2003 to 2008R2

Posted on 2011-02-10
Last Modified: 2012-05-11
Our topology consists of 7 Servers.

1 - Server 2003 SP2, GC/DC
1 - Server 2003 SP2, DC
1 - Server 2003 R2, DC, Exchange Server
1 - Server 2003 R2, Member Server
1 - Server 2003 SP2, File Server
1 - Server 2008 R2, Terminal Server
1 - Server 2008 R2, File Server

Our current forest level is 2000, and the domain level is 2003.  Is it save to say that I can just put a 2008 R2 cd in the GC/DC and run the forest prep and ad prep commands to upgrade the levels?  If there is anything else that we need to be aware of so we dont break the domain, that would be appreciated. Thanks.
Question by:jhuntin
LVL 95

Accepted Solution

Lee W, MVP earned 334 total points
ID: 34867436
Dependas.  Are you UPGRADING the domain to AD 2008 native mode or do you just want to add a 2008 R2 DC?  If you upgrade AD, then your 2003 DCs will no longer replicate with AD.  If you just prep the domain and add a 2008 R2 DC, that's fine.

I would, of course, run some diags first - DCDIAG and such to verify the AD is healthy.

Author Comment

ID: 34867534
I want to eventually turn the 2003 GC/DC to a 2008 R2 GC/DC but at this point i just wanted to upgrade the domain to support DFS that I am trying to get working on the two 2008 servers.  I cant get them to work properly together because I dont think the AD is supporting it.

Author Comment

ID: 34867828
Also, my forest level is 2000. Should I move that to 2003 right now?
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

LVL 95

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 334 total points
ID: 34867854
If you're looking to support DFS-R you need 2003 R2 or later.

If you have no 2000 DCs and don't plan on ever making them, then I'd make the domain 2003 native.

Note you CANNOT upgrade 2003 DCs to 2008 R2 as there is no 32 to 64 bit upgrade path.  You CAN MIGRATE - but a Migration is NOT an upgrade.

Author Comment

ID: 34867879
Ok, so what would you say is the best way to migrate that 2003 GC/DC to to 2008? I can migrate the roles to a new 2008 GC/DC box, but I need to eventually get the 2008 box to work at the same IP address that the decomissioned 2003 box was at.  Also, what do should I be concerned with on the other DC's that are 2003 and 2003 R2 for the exchange server? Can those be DC's with the newly 2008?
LVL 95

Expert Comment

by:Lee W, MVP
ID: 34867923
> but I need to eventually get the 2008 box to work at the same IP
> address that the decomissioned 2003 box was at
Why?  Why do you need to keep the same IPs?  

So long as the mode of the domain is not higher than an existing DC, all DCs should be able to communicate with each other, assuming you have everything setup properly.

Author Comment

ID: 34867947
Well all of the workstations that are on the network are pointed to that DNS server which is the GC/DC for authentication. So it would be necessary I suppose in order for them to authenticate, right?
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 166 total points
ID: 34872320
LVL 74

Expert Comment

by:Glen Knight
ID: 35339979
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
schema master 5 27
non-domain members are not prompted for credentials 18 43
Cannot Change Local DNS 9 44
TLS/SSL Diable 3DES ciper suites 4 30
This article runs through the process of deploying a single EXE application selectively to a group of user.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question