Improve company productivity with a Business Account.Sign Up

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 422
  • Last Modified:

How to migrate domain computers and users accounts

I plan to replace a Win2003 Std SBS R2 SP2 server-computer (old box).
The server is the sole domain controller in a network with 3 other Win 2003 member servers and 50+ XP Pro workstations.
The replacement server computer (new box) is spanking new.
I have dismissed the idea of simply restoring a backup image of the old box to the new box.
The old box is a few years and contains a fair amount of quirky stuffs. No sense in replicating the instability into a new box. The new box has now been clean installed with a fresh OS. No configuration has been done yet, except that the new box has the same domain\name as the old. Question;
1) Are there ways to safely replicate computer and user accounts from the old to the new box?
Exchange mail store need not be included. The new box can start of fresh with empty user mail-boxes.

I have briefly looked at MS ADMT tool. But found that it will migrate more than just computer and user accounts. Besides, I have no experience with using it.
I have also thought of trying a Win 2003 backup of the old box system settings and restore to the new box. But with different disk/folder structure of the new box, this could also spell trouble.

As you can see, I need the advice of Experts who may have done the above before.

1 Solution
Lee W, MVPTechnology and Business Process AdvisorCommented:
It's rare that an Active Directory is actually corrupt and shouldn't be upgraded/migrated.  I would suggest a swing migration (I've never liked using ADMT) because you're too big to start clean without causing yourself weeks, if not months of headaches migrating users.

I would suggest determining what is wrong with AD, fixing it, migrating to the new server.
I agree somewhat with Leew. At the 50 user/pc mark though, it may be a great time to analyze if AD and the overall structure could use a refresh. Did you inherit this organization from someone that knew what they were doing or is it hodge podged? There are a number of different methods you could use to migrate things over (permissions/security etc., but it will depend on what route you want to go)

You mention there are 3 other servers, what's running on these?
I personally would suggest using X Copy and migrating things over that way. You didn't state, but I can only assume that you are moving to a new server with 2003, but could be mistaken.

I really wouldn't recommend building a new '03 box simply because you will surely find yourself doing a similar move again in a year or two. (But that's completely up to you)

Anyways, I didn't want to pose too many questions, but I think there is a lot of info that we will need to better help you with this.
I agree with @leew, swing migration or SBS migration is the way to go.  At least run the IT Environment Health Wizard or SBS Best Practices Analyzer to make sure AD is clean, and do a migration.  Any replication based method will be easier b/c you won't have to rejoin all of the desktops to a new domain.
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

garychuAuthor Commented:
Thanks, experts for the speedy response.
1) I did not think that there is anything wrong with the AD in the existing server.
It's just that the existing server is not very stable. Could be the results of previous failed patches, updates, malwares etc. Time consuming to track down and fix periodical errors - also beyond my capabilities.

2) Two of the 3 other member servers run Win2003 Std SP2. Both are dedicated application servers. The remaining one runs Win2000 SP4 and is used as a terminal server for remote workers.

3) The new server box has been installed with Win2003 Std SBS R2 SP2. It is a clean, fresh installation.

It is quite a busy network. The key point is I do not relish the idea of rejoining some 50+ desktops (and 70+ users) to a new DC. Any means of migrating over computers/users accounts (and their related permissions etc) would be a big help.
Advantage I thought of using a new box offline is I could check for a successful migration, rolling back if necessary. Without disrupting the network. Just replace the old box with the new box when ready with minimal configuration. Am I being naive?

My knowledge of SBS swing migration is limited to a conceptual level only.
I have heard some horror stories. Some of which required Jeff Middleton's personal intervention to resolve!
Can you please help point me to some resources which cover actual implementation steps in detail?

Below is a link that shows more of a typical swing type scenario. They have packages that include suppport and offer a SBS 2003 to SBS2003 swing for what I feel is a pretty reasonable fee. You might look it over and see if you feel it would be beneficial. Conceptually swings aren't all that difficult, but there will likely be a couple items you may have trouble with performing your first one and I think that'd be well worth your money.

You can learn more about it at:

Please let me know if I can be of further help or also answer any other questions you might have.
garychuAuthor Commented:
Looks to be the way to go.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now