Solved

What is the best way to re assign users file/folder permissions and mapped drives to new DC/fileserver?

Posted on 2011-02-15
13
636 Views
Last Modified: 2012-06-27
Hello,

Im working on a big project.

Current Environment
DC:
fileserver.rapa.local (Old backup DC - win2k3)
FILESERVER2.rapa.local (New DC - win2k8 R2 Enterprise)
Starvasc.rapa.local (Child domain of rapa.local - win2k3)

All Forest/domain functioning levels are 2003.

I'm currently moving into a Virtual Infrustructor which is setup like this:
ESX/i
VM#1 vCenter
VM#2 AD, DNS, DHCP (note: Dhcp is only for my headquarters)
VM#3 New Fileserver

I have other ESX/i servers and VMs, but i'll leave them out for this discussion.

I have successfully launch all ESX/i HOST servers and VMs. My goal is to have one of my VMs running win2k8 R2 Enterprise as a primary DC with secondary DC being my old win2k3 server. I also want to transfer all my data from Fileserver to new VM#3 Fileserver without  losing all permissions and connection to FS ip address.

What I did in the beginning of this project

I ran commands (adprep32 /forestprep,adprep32 /domainprep /gpprep and adprep /rodcprep)  on our old box (win2k3) to prepare old domain's schema for the new server's OS with new features physical servers.

ALL COMPLETED SUCCESSFULLY

I join my new VM server, which is going to be new DC to the domain and began the DCPROMO cmd.

I selected Existing Forest

Name of domain in the forest where you plan to install this domain - I seleted rapa.local

Specified the account credentials to use to perform the install -
My current logged on credentials

I got to the part where I select DNS and global catalog and hit next. What happen is that I got the next screen which provided addtional information stating:

There is currently 1 DNS server that is registered as an authoritative name server for this domain.

A domain controller running Windows Server 2008 or Windows Server 2008 R2 could not be located in this domain. To install a read-only domain controller, the domain must have a domain controller running Windows Server 2008 or Windows Server 2008 R2.

I hit next as RODC is not in the plans.

I got a popup stating:
A delegation for this DNS cannot be created because the authoritative parent zone cannot be found or it does not run Windows DNS server. If you are intergrating with an existing DNS infrustructure, you should manually create a delegation to this DNS server in the parent zone to ensure reliable name resolution from outside the domain "rapa.local" Otherwise, no action is required.

This server will be the primary DC once I get it up and running. The old server will be a backup/second DC.

I HIT NEXT and WENT FORWARD SUCCESSFULLY.

I transferred all FSMO by following this link
http://support.microsoft.com/kb/324801

ALL COMPLETED SUCCESSFULLY.

I have not transferred my DHCP yet. I'm waiting until my practice can go down for a few minutes.

I'm trying to figure out how I can test my new domain controller and see if it's all working up to this point? I would not like to find out any issues once I transferred DHCP and fully commit this server. I'm also trying to put a plan together on how I'm going to remap all useres to new fileserver's ip address once I transfer all data to new Fileserve and how do I transfer over all the permissions that were assigned to old Fileserver share data directory?

How can I accomplish these task the most safe and effient way that will save me time?
Thanks,

nimdatx
0
Comment
Question by:nimdatx
  • 5
  • 5
  • 3
13 Comments
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 300 total points
Comment Utility
First you would run dcdiag after making server a DC to check for any issues.

You can then use Robocopy to move files with permissions to new server.

The best test is dcdiag to check for any errors. Once you have new DC with Global Catalog and FSMO roles.
0
 
LVL 1

Author Comment

by:nimdatx
Comment Utility
ok. I downloaded the resource kit, how do I move my data from my Server 2003 DC1 to my server 2008 ESX host 1 with VM3 (fileserver)?

 Data on win2k3
0
 
LVL 47

Assisted Solution

by:dstewartjr
dstewartjr earned 200 total points
Comment Utility
You can use a Robocopy GUI to make it easier than trying to figure out the command line switches


http://www.mytechguide.org/2009/10/13/microsoft-robocopy-gui/
0
 
LVL 1

Author Comment

by:nimdatx
Comment Utility
0
 
LVL 47

Assisted Solution

by:dstewartjr
dstewartjr earned 200 total points
Comment Utility
Robocopy most likely would be less complicated
0
 
LVL 1

Author Comment

by:nimdatx
Comment Utility
Will robocopy transfer over all shared folder/file permissions? Once I move all my data to my new Fileserver (VM), can I just change the ip address on New fileserver to what I had assign to old fileserver, so all my users mapped drives will be saved?
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 47

Assisted Solution

by:dstewartjr
dstewartjr earned 200 total points
Comment Utility
Yes

"Microsoft Robocopy is an advanced copy tool with features like automatic resume of file transfer on error or during network disruption, recover from terminated file copying, selective copying based on new or updated criteria. Robocopy can also keep intact all the file properties including date and time, security access control lists (ACLs) and more while copying the file."
0
 
LVL 59

Expert Comment

by:Darius Ghassem
Comment Utility
You can change the IP address. Is this a Domain Controller as well?
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 300 total points
Comment Utility
Since this is a domain controller you would have to run ipconfig /flushdns, ipconfig /registerdns, and dcdiag /fix after to change password of DC. If you are going to change name of DC there are extra steps

http://www.petri.co.il/rename-windows-server-2008-domain-controllers.htm
0
 
LVL 1

Author Comment

by:nimdatx
Comment Utility
So changing the IP address on my new DC (win2k8) to be my old DC IP address (win2k3) will be ok?

I don't have to do anything else but just change the IP Address? Note: I will still have old DC in production as a backup.

I don't see why I need to change computer name.

dcdiag /fix after to change password of DC <---- I didnt understand why I would need to change password or if you meant IP Address?

Thanks,

nimdatx
0
 
LVL 59

Expert Comment

by:Darius Ghassem
Comment Utility
dcdiag /fix doesn't change password it updates all DNS records. Sorry this was a mistype

If you are running your shares by name then you would need to change the name.

If you have the old DC is production then make sure you have all DNS records removed off that DC and run the same commands after changing IP address.
0
 
LVL 1

Author Comment

by:nimdatx
Comment Utility
Is this a typical solution or is there a better way to remap all users to the fileserver shares. I'm looking for a safe solution. What would you do?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
Comment Utility
Depends on programs that rely on the network drive. Usually I just remap the users to the new share drive with a login script.

If the name is required and IP address then I change the IP address and name of the server once data is moved over.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Join & Write a Comment

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
HOW TO: Connect to the VMware vSphere Hypervisor 6.5 (ESXi 6.5) using the vSphere (HTML5 Web) Host Client 6.5, and perform a simple configuration task of adding a new VMFS 6 datastore.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows you how to use a vSphere client to connect to your ESX host as the root user. Demonstrates the basic connection of bypassing certification set up. Demonstrates how to access the traditional view to begin managing your virtual mac…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now