Solved

What is the best way to re assign users file/folder permissions and mapped drives to new DC/fileserver?

Posted on 2011-02-15
13
641 Views
Last Modified: 2012-06-27
Hello,

Im working on a big project.

Current Environment
DC:
fileserver.rapa.local (Old backup DC - win2k3)
FILESERVER2.rapa.local (New DC - win2k8 R2 Enterprise)
Starvasc.rapa.local (Child domain of rapa.local - win2k3)

All Forest/domain functioning levels are 2003.

I'm currently moving into a Virtual Infrustructor which is setup like this:
ESX/i
VM#1 vCenter
VM#2 AD, DNS, DHCP (note: Dhcp is only for my headquarters)
VM#3 New Fileserver

I have other ESX/i servers and VMs, but i'll leave them out for this discussion.

I have successfully launch all ESX/i HOST servers and VMs. My goal is to have one of my VMs running win2k8 R2 Enterprise as a primary DC with secondary DC being my old win2k3 server. I also want to transfer all my data from Fileserver to new VM#3 Fileserver without  losing all permissions and connection to FS ip address.

What I did in the beginning of this project

I ran commands (adprep32 /forestprep,adprep32 /domainprep /gpprep and adprep /rodcprep)  on our old box (win2k3) to prepare old domain's schema for the new server's OS with new features physical servers.

ALL COMPLETED SUCCESSFULLY

I join my new VM server, which is going to be new DC to the domain and began the DCPROMO cmd.

I selected Existing Forest

Name of domain in the forest where you plan to install this domain - I seleted rapa.local

Specified the account credentials to use to perform the install -
My current logged on credentials

I got to the part where I select DNS and global catalog and hit next. What happen is that I got the next screen which provided addtional information stating:

There is currently 1 DNS server that is registered as an authoritative name server for this domain.

A domain controller running Windows Server 2008 or Windows Server 2008 R2 could not be located in this domain. To install a read-only domain controller, the domain must have a domain controller running Windows Server 2008 or Windows Server 2008 R2.

I hit next as RODC is not in the plans.

I got a popup stating:
A delegation for this DNS cannot be created because the authoritative parent zone cannot be found or it does not run Windows DNS server. If you are intergrating with an existing DNS infrustructure, you should manually create a delegation to this DNS server in the parent zone to ensure reliable name resolution from outside the domain "rapa.local" Otherwise, no action is required.

This server will be the primary DC once I get it up and running. The old server will be a backup/second DC.

I HIT NEXT and WENT FORWARD SUCCESSFULLY.

I transferred all FSMO by following this link
http://support.microsoft.com/kb/324801

ALL COMPLETED SUCCESSFULLY.

I have not transferred my DHCP yet. I'm waiting until my practice can go down for a few minutes.

I'm trying to figure out how I can test my new domain controller and see if it's all working up to this point? I would not like to find out any issues once I transferred DHCP and fully commit this server. I'm also trying to put a plan together on how I'm going to remap all useres to new fileserver's ip address once I transfer all data to new Fileserve and how do I transfer over all the permissions that were assigned to old Fileserver share data directory?

How can I accomplish these task the most safe and effient way that will save me time?
Thanks,

nimdatx
0
Comment
Question by:nimdatx
  • 5
  • 5
  • 3
13 Comments
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 300 total points
ID: 34898822
First you would run dcdiag after making server a DC to check for any issues.

You can then use Robocopy to move files with permissions to new server.

The best test is dcdiag to check for any errors. Once you have new DC with Global Catalog and FSMO roles.
0
 
LVL 1

Author Comment

by:nimdatx
ID: 34899460
ok. I downloaded the resource kit, how do I move my data from my Server 2003 DC1 to my server 2008 ESX host 1 with VM3 (fileserver)?

 Data on win2k3
0
 
LVL 47

Assisted Solution

by:Donald Stewart
Donald Stewart earned 200 total points
ID: 34900927
You can use a Robocopy GUI to make it easier than trying to figure out the command line switches


http://www.mytechguide.org/2009/10/13/microsoft-robocopy-gui/
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 1

Author Comment

by:nimdatx
ID: 34900963
0
 
LVL 47

Assisted Solution

by:Donald Stewart
Donald Stewart earned 200 total points
ID: 34901018
Robocopy most likely would be less complicated
0
 
LVL 1

Author Comment

by:nimdatx
ID: 34901105
Will robocopy transfer over all shared folder/file permissions? Once I move all my data to my new Fileserver (VM), can I just change the ip address on New fileserver to what I had assign to old fileserver, so all my users mapped drives will be saved?
0
 
LVL 47

Assisted Solution

by:Donald Stewart
Donald Stewart earned 200 total points
ID: 34901460
Yes

"Microsoft Robocopy is an advanced copy tool with features like automatic resume of file transfer on error or during network disruption, recover from terminated file copying, selective copying based on new or updated criteria. Robocopy can also keep intact all the file properties including date and time, security access control lists (ACLs) and more while copying the file."
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34901946
You can change the IP address. Is this a Domain Controller as well?
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 300 total points
ID: 34901965
Since this is a domain controller you would have to run ipconfig /flushdns, ipconfig /registerdns, and dcdiag /fix after to change password of DC. If you are going to change name of DC there are extra steps

http://www.petri.co.il/rename-windows-server-2008-domain-controllers.htm
0
 
LVL 1

Author Comment

by:nimdatx
ID: 34907067
So changing the IP address on my new DC (win2k8) to be my old DC IP address (win2k3) will be ok?

I don't have to do anything else but just change the IP Address? Note: I will still have old DC in production as a backup.

I don't see why I need to change computer name.

dcdiag /fix after to change password of DC <---- I didnt understand why I would need to change password or if you meant IP Address?

Thanks,

nimdatx
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34907877
dcdiag /fix doesn't change password it updates all DNS records. Sorry this was a mistype

If you are running your shares by name then you would need to change the name.

If you have the old DC is production then make sure you have all DNS records removed off that DC and run the same commands after changing IP address.
0
 
LVL 1

Author Comment

by:nimdatx
ID: 34908488
Is this a typical solution or is there a better way to remap all users to the fileserver shares. I'm looking for a safe solution. What would you do?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34908843
Depends on programs that rely on the network drive. Usually I just remap the users to the new share drive with a login script.

If the name is required and IP address then I change the IP address and name of the server once data is moved over.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When converting a physical machine to a virtual machine using VMware vCenter Converter Standalone or vCenter Converter Enterprise, if an adapter type is not selected during the initial customization the resulting virtual machine may contain an IDE d…
In-place Upgrading Dirsync to Azure AD Connect
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question