Solved

What is the best way to re assign users file/folder permissions and mapped drives to new DC/fileserver?

Posted on 2011-02-15
13
638 Views
Last Modified: 2012-06-27
Hello,

Im working on a big project.

Current Environment
DC:
fileserver.rapa.local (Old backup DC - win2k3)
FILESERVER2.rapa.local (New DC - win2k8 R2 Enterprise)
Starvasc.rapa.local (Child domain of rapa.local - win2k3)

All Forest/domain functioning levels are 2003.

I'm currently moving into a Virtual Infrustructor which is setup like this:
ESX/i
VM#1 vCenter
VM#2 AD, DNS, DHCP (note: Dhcp is only for my headquarters)
VM#3 New Fileserver

I have other ESX/i servers and VMs, but i'll leave them out for this discussion.

I have successfully launch all ESX/i HOST servers and VMs. My goal is to have one of my VMs running win2k8 R2 Enterprise as a primary DC with secondary DC being my old win2k3 server. I also want to transfer all my data from Fileserver to new VM#3 Fileserver without  losing all permissions and connection to FS ip address.

What I did in the beginning of this project

I ran commands (adprep32 /forestprep,adprep32 /domainprep /gpprep and adprep /rodcprep)  on our old box (win2k3) to prepare old domain's schema for the new server's OS with new features physical servers.

ALL COMPLETED SUCCESSFULLY

I join my new VM server, which is going to be new DC to the domain and began the DCPROMO cmd.

I selected Existing Forest

Name of domain in the forest where you plan to install this domain - I seleted rapa.local

Specified the account credentials to use to perform the install -
My current logged on credentials

I got to the part where I select DNS and global catalog and hit next. What happen is that I got the next screen which provided addtional information stating:

There is currently 1 DNS server that is registered as an authoritative name server for this domain.

A domain controller running Windows Server 2008 or Windows Server 2008 R2 could not be located in this domain. To install a read-only domain controller, the domain must have a domain controller running Windows Server 2008 or Windows Server 2008 R2.

I hit next as RODC is not in the plans.

I got a popup stating:
A delegation for this DNS cannot be created because the authoritative parent zone cannot be found or it does not run Windows DNS server. If you are intergrating with an existing DNS infrustructure, you should manually create a delegation to this DNS server in the parent zone to ensure reliable name resolution from outside the domain "rapa.local" Otherwise, no action is required.

This server will be the primary DC once I get it up and running. The old server will be a backup/second DC.

I HIT NEXT and WENT FORWARD SUCCESSFULLY.

I transferred all FSMO by following this link
http://support.microsoft.com/kb/324801

ALL COMPLETED SUCCESSFULLY.

I have not transferred my DHCP yet. I'm waiting until my practice can go down for a few minutes.

I'm trying to figure out how I can test my new domain controller and see if it's all working up to this point? I would not like to find out any issues once I transferred DHCP and fully commit this server. I'm also trying to put a plan together on how I'm going to remap all useres to new fileserver's ip address once I transfer all data to new Fileserve and how do I transfer over all the permissions that were assigned to old Fileserver share data directory?

How can I accomplish these task the most safe and effient way that will save me time?
Thanks,

nimdatx
0
Comment
Question by:nimdatx
  • 5
  • 5
  • 3
13 Comments
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 300 total points
ID: 34898822
First you would run dcdiag after making server a DC to check for any issues.

You can then use Robocopy to move files with permissions to new server.

The best test is dcdiag to check for any errors. Once you have new DC with Global Catalog and FSMO roles.
0
 
LVL 1

Author Comment

by:nimdatx
ID: 34899460
ok. I downloaded the resource kit, how do I move my data from my Server 2003 DC1 to my server 2008 ESX host 1 with VM3 (fileserver)?

 Data on win2k3
0
 
LVL 47

Assisted Solution

by:Donald Stewart
Donald Stewart earned 200 total points
ID: 34900927
You can use a Robocopy GUI to make it easier than trying to figure out the command line switches


http://www.mytechguide.org/2009/10/13/microsoft-robocopy-gui/
0
 
LVL 1

Author Comment

by:nimdatx
ID: 34900963
0
 
LVL 47

Assisted Solution

by:Donald Stewart
Donald Stewart earned 200 total points
ID: 34901018
Robocopy most likely would be less complicated
0
 
LVL 1

Author Comment

by:nimdatx
ID: 34901105
Will robocopy transfer over all shared folder/file permissions? Once I move all my data to my new Fileserver (VM), can I just change the ip address on New fileserver to what I had assign to old fileserver, so all my users mapped drives will be saved?
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 47

Assisted Solution

by:Donald Stewart
Donald Stewart earned 200 total points
ID: 34901460
Yes

"Microsoft Robocopy is an advanced copy tool with features like automatic resume of file transfer on error or during network disruption, recover from terminated file copying, selective copying based on new or updated criteria. Robocopy can also keep intact all the file properties including date and time, security access control lists (ACLs) and more while copying the file."
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34901946
You can change the IP address. Is this a Domain Controller as well?
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 300 total points
ID: 34901965
Since this is a domain controller you would have to run ipconfig /flushdns, ipconfig /registerdns, and dcdiag /fix after to change password of DC. If you are going to change name of DC there are extra steps

http://www.petri.co.il/rename-windows-server-2008-domain-controllers.htm
0
 
LVL 1

Author Comment

by:nimdatx
ID: 34907067
So changing the IP address on my new DC (win2k8) to be my old DC IP address (win2k3) will be ok?

I don't have to do anything else but just change the IP Address? Note: I will still have old DC in production as a backup.

I don't see why I need to change computer name.

dcdiag /fix after to change password of DC <---- I didnt understand why I would need to change password or if you meant IP Address?

Thanks,

nimdatx
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34907877
dcdiag /fix doesn't change password it updates all DNS records. Sorry this was a mistype

If you are running your shares by name then you would need to change the name.

If you have the old DC is production then make sure you have all DNS records removed off that DC and run the same commands after changing IP address.
0
 
LVL 1

Author Comment

by:nimdatx
ID: 34908488
Is this a typical solution or is there a better way to remap all users to the fileserver shares. I'm looking for a safe solution. What would you do?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34908843
Depends on programs that rely on the network drive. Usually I just remap the users to the new share drive with a login script.

If the name is required and IP address then I change the IP address and name of the server once data is moved over.
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
In this article, I show you step by step with screenshots to assist you - HOW TO: Deploy and Install the VMware vCenter Server Appliance 6.5 (VCSA 6.5), with some helpful tips along the way.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now