Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1058
  • Last Modified:

Migrate from Windows server 2000 standard to Windows server 2008 standard

Is there a way to Migrate from Windows server 2000 standard to Windows server 2008 standard?
0
Murrdog
Asked:
Murrdog
  • 10
  • 10
3 Solutions
 
Krzysztof PytkoActive Directory EngineerCommented:
Direct upgrade is not possible. Beside this, I would strongly suggest to do clean install of 2008 and migrate data/roles to the new one.

What roles do you have on you 2000 box?

Regards,
Krzysztof
0
 
MurrdogAuthor Commented:
All FSMO roles are currently on 2000 box. I have a new server that I will be installing server 2008 on.
0
 
Krzysztof PytkoActive Directory EngineerCommented:
OK, then you can install additional DC on new server and then transfer all of your FSMO roles to the new box. After that modify a little bit DNS server, DHCP server and you can simply demote 2000 (if you wish).

The first necessary step is that you have to raise your Domain Functional Level to at least Windows 2000 mode (mixed mode is not supported in 2008 domain).

Then you need to prepare your schema for new versions by running from 2008 DVD adprep command.

If you have 2008 32 bit then use on

Schema Master -> adprep /forestprep /rodcprep
Infratsructure Master -> adprep /domainprep /gpprep

If you have 64 bit of 2008 Server or R2 then use on

Schema Master -> adprep32 /forestprep /rodcprep
Infratsructure Master -> adprep32 /domainprep /gpprep

To localize your FSMO roles (probably as you said, all of them are on that 2000 box) type on a DC in command-line

netdom query fsmo

and check which DC holds them.

This is very good article about adding new 2008 DC to existing domain
http://www.petri.co.il/windows-server-2008-adprep.htm

During domain controller promotion, set it as Global Catalog and DNS server.

After all, you can transfer FSMO roles from 2000 to 2008 using this MS article at
http://support.microsoft.com/kb/324801 (that's from 2003 but it's the same in 2008)

After all, migrate DHCP server (if exists) from 2000 to 2008
http://support.microsoft.com/kb/325473

Update DHCP server's option/scope's option (depends which you are using) 006 (remove 2000 DNS IP address and put there 2008)

Wait until AD replication occur, shut down you 2000 DC for few days and check if everything works fine. If so, demote 2000 DC by running on it dcpromo once again.

After that, open DNS management console on 2008 DC and change DNS zone(s) replication scope from "To all domain controllers in a domain" to "To all domain controllers with DNS role in a domain"

Krzysztof
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
MurrdogAuthor Commented:
iSiek,

thanks for the quick response. I am going to need a little bit of time to register all the information you included in your last post. Have you done this migration before using the steps you posted? If so, how did it go, please tell me about your experience. I will be performing this on the weekend and I would like to be as informed as possible. Thanks
0
 
Krzysztof PytkoActive Directory EngineerCommented:
Hi Murrdog,

yes I did it before. I would try to prepare step-by-step guide for you for reference (if you wish), but I need few hours for that :]
This works smoothly and it's not very complicated. You shouldn't notice anything wrong and this is possible to do during business hours :) but of course it's better to do after business hours ;) Before you start do System State Backup of your existing 2000 DC

Krzysztof

0
 
MurrdogAuthor Commented:
iSiek,

Currently I have 35 desktops (most of them are XP Pro) and 35 users. And the one old 2000 server. All of the users connect to a remote hosted terminal server after they have logged on and that is where they access there outlook client for email. No email is stored on the local computers or the 2000 server.

old server: windows 2000 standard
new server: windows 2008 standard 32bit

I guess a honest and sincere question that comes to mind is, knowing I have 35 users and desktops is;

1) Would it be less time and a more stable results for me to build the new server with new a domain name, assign a new IP to the new server, copy the old server's shares to the new server; disconnect  and join all the computers to the new domain, copy over old local profile information like My docs, desktop, and favorites to new local profile that will be created when user logs on to new domain?


Thanks iSiek I truly thank you for your expertise in this area.


0
 
Krzysztof PytkoActive Directory EngineerCommented:
Murrdog,

in this case the best and the most simple way is to add additional DC into your existing domain environment and after all demote 2000 DC. As I understood, old 2000 is only DC, right?

And if you have Exchange it's less work with adding additional DC into existing domain instead of migrating it to the new domain (Exchange requires some steps and has requirements to allow migration).

Of course you can set up completely new forest, create forests trust and use ADMT to migrate your old domain into new one (with SID history for resources access). Then if your Exchange is 2003 with SP1 at least you can migrate it also. But this is a lot of work and it takes much time.

Krzysztof
0
 
MurrdogAuthor Commented:
thanks iSiek,

Right the old 2000 server is the only DC. I do not have to migrate exchange over it is managed by a different organization.

As you had wrote 'in this case the best and the most simple way is to add additional DC into your existing domain environment and after all demote 2000 DC". iSiek, Would you be so kind to prepare a detailed step by step document to go through this process.

thank you very much.
0
 
Krzysztof PytkoActive Directory EngineerCommented:
Yes, of course. I've almost finished that document. Now I'm at home and have no access to my test lab but tomorrow morning I will post redy PDF solution for you :)

Krzysztof
0
 
MurrdogAuthor Commented:
Thanks you are awesome!
0
 
Krzysztof PytkoActive Directory EngineerCommented:
Come on, I'm ashamed ;)
For now, doc has over 55 pages :P but covers almost all aspects for your scenario :]

I'm glad I can help

Krzysztof
0
 
Krzysztof PytkoActive Directory EngineerCommented:
OK, the guide is done! :)
I hope it would be helpful for you :]

Please review it and tell me if there is something more to explain.

Wish you luck.

Krzysztof
First2008DCin2000Domain.pdf
0
 
MurrdogAuthor Commented:
Thank you very much! I will go through it and let you know if I have any questions.
0
 
MurrdogAuthor Commented:
Hi iSiek,

2000 server IP: 10.10.1.10
temp IP address for 2008 server: 10.10.1.12

what if I want to keep the same server name and IP address from the old server on the new server? Can this be done? What stage in the steps you provided would you recommend that I change the new servers name and IP address. I am just thinking it would prevent me from changing logon script server name info and from having to run around to users computers to edit old server name shortcuts some users have put  on their desktops.

thanks,

0
 
MurrdogAuthor Commented:
Hi iSiek,

what do you think of my last post? Can I preserve the old server name and IP and use it on the new server? If it is a painful process or it can't be done in the guide you provide pleaes let me know as soon as you can.

thanks again for all you help.
0
 
Krzysztof PytkoActive Directory EngineerCommented:
Hi Murrdog,

yes it's possible but requires few additional steps. Join your new DC with new name and after you demote your old box use NETDOM command to rename you DC. Follow with this article at
http://www.petri.co.il/rename-windows-server-2008-domain-controllers.htm

Before you start DC rename, do System State Backup (using WBAdmin; just in case, you know ;) )

Krzysztof
0
 
MurrdogAuthor Commented:
I've ran into a problem. When I run DCPROMO on my 2008 server and enter in the domain name and administrator credentials. I keep getting can't find "domain name does not exist" error message. Here is the message I get "Dns 2000 do not include delegation to its child zone". How do I fix this so I can keep moving forward? Thanks
 
0
 
Krzysztof PytkoActive Directory EngineerCommented:
Hm, could you post here

ipconfig /all

from both servers, please?
Could you run also on your 2000 DC

dcdiag /v >c:\dcdiag.txt
repadmin /showreps >c:\repl.txt

and attach these files here, please?

Krzysztof
0
 
MurrdogAuthor Commented:
I figured out the DNS problem. Enabled Netbios over TCP/IP on the 2000 server in its TCP/IP nic card WINS properties and that fixed the problem.
Thank you so much for all your help. Your document was very useful.
Thanks
0
 
Krzysztof PytkoActive Directory EngineerCommented:
You're welcome :)

I'm glad that you fixed this problem and I could help somehow :)

Krzysztof
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

  • 10
  • 10
Tackle projects and never again get stuck behind a technical roadblock.
Join Now