?
Solved

How can I establish a two way trust between a SBS 2008 domain and a Windows server 2003

Posted on 2011-09-27
16
Medium Priority
?
929 Views
Last Modified: 2012-05-14
Both devices are on the same subnet. The Windows Server 2003 domain is the old domain which has a 2000 level.
Basically I need to then transfer all accounts from the old domain to the new one and migrate the mailboxes from a 5.5 exchange tot he new 2007 exchange on the new SBS2008 domain.
0
Comment
Question by:echepett
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
  • 2
  • +2
16 Comments
 
LVL 23

Expert Comment

by:ormerodrutter
ID: 36711050
No you can't do DOMAIN TRSUT in SBS.

You need to do a proper migration but you need to check if you can migrate from Exchange 5.5 into Exchange 2007.

Search for migrating Windows 2003 domain into SBS2008 there will be loads of post returned.

If you are not familiar with migration best way is to look at Swing migration (http://www.sbsmigration.com) - with an affordable price they provide you with tools to migrate Windows domain.
0
 
LVL 17

Expert Comment

by:Tony Massa
ID: 36711282
http://support.microsoft.com/kb/555073

Method B - Upgrade the current domain:
Obtain "Windows Small Business Server 2003 Transition Pack" and follow "Windows Small Business Server 2003 Transition Pack" installation instructions:
http://www.microsoft.com/WindowsServer2003/sbs/techinfo/overview/licensingfaq.mspx
Note: To migrate from SBS 2003 to Windows 2003 R2 Domain, you may need to upgrade the schema to R2.
0
 
LVL 17

Expert Comment

by:Tony Massa
ID: 36711404
Link to Transition Pack for SBS 2003 can't be found readily:

Here is more information:
http://tec-articles.blogspot.com/2008/01/migrate-from-sbs-2003-to-2003-standard.html


It looks like you can buy the software from online stores like Amazon, but I am wondering if SBS 2003 is no longer supported.  You may want to try upgrading to SBS 2008 first, meaning you would have to buy a new server (SBS 2003 is 32-bit, and 2008 is x64 only):
http://technet.microsoft.com/en-us/library/sbs-2008-2003-migration(WS.10).aspx
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:echepett
ID: 36711574
Dear all the problem is that I need to move from NON SBS Windows 2000 domain to a SBS 2008. There are just a little amount of users, so I have the option to re create all user on a new domain, the only thing important is that I need to be able to move the mailboxes from the old domain to the new one.
0
 
LVL 59

Accepted Solution

by:
Cliff Galiher earned 1000 total points
ID: 36711634
I am not sure why the transition pack is being discussed, as it is inappropriate for two reasons:

1) the transition pack was not a migration tool. It was meant to remove licensing restrictions from SBS. It is unnecessary in a migration scenario, ESPECIALLY if migrating to another version of SBS.

2) the transition pack only worked on SBS 2003. Nowhere do I see SBS 2003 mentioned In the original question, and anecdotally would say it is not, since SBS 2003 did not come with Exchange 5.5

What you want to do is install SBS 2008 in migration mode into your 2003 domain. Stock standard stuff there. That will get AD and DNS taken care of. You will then want to manually migrate DHCP and any other roles you need (file and print services and hosted files and printers being the most common.) finally, you will need to use outlook to export your exchange 5.5 mailboxes and public folders, then use outlook to import them into exchange 2007. Exchange 5.5 is just that old.

Run the SBS BPA when you are done. Mop up any remain g issues, and decommission your old server gracefully (uninstall exchange then dcpromo to demote) and you should be good to go. Make REGULAR backups and do so OFTEN during the process so you can fall back to the last successful step easily and you'll have a mostly pain free migration. I've done many.

-Cliff
0
 

Author Comment

by:echepett
ID: 36711763
Cliff this sounds like a good option I am going to further research that scenario.
Thanks!
0
 

Author Comment

by:echepett
ID: 36711991
Cliff, apologies for my mistake but looks like exchange version Microsoft Exchange Server 2003 SP2. Also to further more add clarification the current enviroment is
All servers are running Windows Server 2003 with domain level 2000
The roles are divided as follows:
Server 1: Exchange, DHC
Server 2: DC
Server 3: DNS
For what I read your option still seems to be the correct way to go, but would really appreciate if you could confirm or ammend based on this information? Kind Regards
0
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 36712117
If you are on exchange 2003, you can use the SBS migration docs (even thought you are not yet on SBS) and move the mailboxes via SBS wizard. Easier than export/import. But otherwise, same as above.

-Cliff
0
 
LVL 23

Expert Comment

by:ormerodrutter
ID: 36715437
How many users are you talking about? I recommend building a new domain from scratch if you have about 10 users. Migration takes a fair bit of time especially if you haven't done before - Microsoft recommend a 7 days process for migration but usually experienced technician can do in a weekend.

As Cliff said you can use Outlook to export/import mailboxes, or you can use Exmerge (only handles mailbox of size LESS than 2Gb) which is free. One reason not to migrate is that if you have a corrupted AD migration will bring that across too. So if you want to go down the migration route sort out all your issues within your domain first.

If you start a new domain, before you copy the data across you may need to grant Everyone Full access before moving them.

Hope this helps.

PS. Transition pack is no longer available.
0
 

Author Comment

by:echepett
ID: 36891701
Ok after running all updated and promotin DC 2003 with no errors, moving exchange from mixed to native, i run the Exchange best practice analyser for migration to Exchange 2007, nbut I get 1 error, which states" Active Directory domain Dc..blabla. Does not contain at least one domain controller running Windows Server 2003 SP 1 or later. This is required for the '/PrepareLegacyExchangePermissions' task when updating existing domains that have been previously prepared for exchange server.

All servers including the only DC are all running Windows Server 2003 R2 SP2  or Windows Server 2003 SP2

I am attaching the Best Practice analyser result.

Any clues or help would be really appreciated.
Thanks! ExBPA.SBS-2008-Migration.2011093.xml
0
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 36893438
0
 

Author Comment

by:echepett
ID: 36911801
We will be implementing this changes on Friday14th, please keep question open.
0
 
LVL 17

Expert Comment

by:Sikhumbuzo Ntsada
ID: 36929874
Raise your functional level to 2003 first then continue with the help you are getting, otherwise it wont work.
0
 

Author Comment

by:echepett
ID: 36945834
Postponed please do not close.
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question