Solved

How can I establish a two way trust between a SBS 2008 domain and a Windows server 2003

Posted on 2011-09-27
16
908 Views
Last Modified: 2012-05-14
Both devices are on the same subnet. The Windows Server 2003 domain is the old domain which has a 2000 level.
Basically I need to then transfer all accounts from the old domain to the new one and migrate the mailboxes from a 5.5 exchange tot he new 2007 exchange on the new SBS2008 domain.
0
Comment
Question by:echepett
  • 6
  • 3
  • 2
  • +2
16 Comments
 
LVL 23

Expert Comment

by:ormerodrutter
ID: 36711050
No you can't do DOMAIN TRSUT in SBS.

You need to do a proper migration but you need to check if you can migrate from Exchange 5.5 into Exchange 2007.

Search for migrating Windows 2003 domain into SBS2008 there will be loads of post returned.

If you are not familiar with migration best way is to look at Swing migration (http://www.sbsmigration.com) - with an affordable price they provide you with tools to migrate Windows domain.
0
 
LVL 17

Expert Comment

by:Tony Massa
ID: 36711282
http://support.microsoft.com/kb/555073

Method B - Upgrade the current domain:
Obtain "Windows Small Business Server 2003 Transition Pack" and follow "Windows Small Business Server 2003 Transition Pack" installation instructions:
http://www.microsoft.com/WindowsServer2003/sbs/techinfo/overview/licensingfaq.mspx
Note: To migrate from SBS 2003 to Windows 2003 R2 Domain, you may need to upgrade the schema to R2.
0
 
LVL 17

Expert Comment

by:Tony Massa
ID: 36711404
Link to Transition Pack for SBS 2003 can't be found readily:

Here is more information:
http://tec-articles.blogspot.com/2008/01/migrate-from-sbs-2003-to-2003-standard.html


It looks like you can buy the software from online stores like Amazon, but I am wondering if SBS 2003 is no longer supported.  You may want to try upgrading to SBS 2008 first, meaning you would have to buy a new server (SBS 2003 is 32-bit, and 2008 is x64 only):
http://technet.microsoft.com/en-us/library/sbs-2008-2003-migration(WS.10).aspx
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:echepett
ID: 36711574
Dear all the problem is that I need to move from NON SBS Windows 2000 domain to a SBS 2008. There are just a little amount of users, so I have the option to re create all user on a new domain, the only thing important is that I need to be able to move the mailboxes from the old domain to the new one.
0
 
LVL 57

Accepted Solution

by:
Cliff Galiher earned 250 total points
ID: 36711634
I am not sure why the transition pack is being discussed, as it is inappropriate for two reasons:

1) the transition pack was not a migration tool. It was meant to remove licensing restrictions from SBS. It is unnecessary in a migration scenario, ESPECIALLY if migrating to another version of SBS.

2) the transition pack only worked on SBS 2003. Nowhere do I see SBS 2003 mentioned In the original question, and anecdotally would say it is not, since SBS 2003 did not come with Exchange 5.5

What you want to do is install SBS 2008 in migration mode into your 2003 domain. Stock standard stuff there. That will get AD and DNS taken care of. You will then want to manually migrate DHCP and any other roles you need (file and print services and hosted files and printers being the most common.) finally, you will need to use outlook to export your exchange 5.5 mailboxes and public folders, then use outlook to import them into exchange 2007. Exchange 5.5 is just that old.

Run the SBS BPA when you are done. Mop up any remain g issues, and decommission your old server gracefully (uninstall exchange then dcpromo to demote) and you should be good to go. Make REGULAR backups and do so OFTEN during the process so you can fall back to the last successful step easily and you'll have a mostly pain free migration. I've done many.

-Cliff
0
 

Author Comment

by:echepett
ID: 36711763
Cliff this sounds like a good option I am going to further research that scenario.
Thanks!
0
 

Author Comment

by:echepett
ID: 36711991
Cliff, apologies for my mistake but looks like exchange version Microsoft Exchange Server 2003 SP2. Also to further more add clarification the current enviroment is
All servers are running Windows Server 2003 with domain level 2000
The roles are divided as follows:
Server 1: Exchange, DHC
Server 2: DC
Server 3: DNS
For what I read your option still seems to be the correct way to go, but would really appreciate if you could confirm or ammend based on this information? Kind Regards
0
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 36712117
If you are on exchange 2003, you can use the SBS migration docs (even thought you are not yet on SBS) and move the mailboxes via SBS wizard. Easier than export/import. But otherwise, same as above.

-Cliff
0
 
LVL 23

Expert Comment

by:ormerodrutter
ID: 36715437
How many users are you talking about? I recommend building a new domain from scratch if you have about 10 users. Migration takes a fair bit of time especially if you haven't done before - Microsoft recommend a 7 days process for migration but usually experienced technician can do in a weekend.

As Cliff said you can use Outlook to export/import mailboxes, or you can use Exmerge (only handles mailbox of size LESS than 2Gb) which is free. One reason not to migrate is that if you have a corrupted AD migration will bring that across too. So if you want to go down the migration route sort out all your issues within your domain first.

If you start a new domain, before you copy the data across you may need to grant Everyone Full access before moving them.

Hope this helps.

PS. Transition pack is no longer available.
0
 

Author Comment

by:echepett
ID: 36891701
Ok after running all updated and promotin DC 2003 with no errors, moving exchange from mixed to native, i run the Exchange best practice analyser for migration to Exchange 2007, nbut I get 1 error, which states" Active Directory domain Dc..blabla. Does not contain at least one domain controller running Windows Server 2003 SP 1 or later. This is required for the '/PrepareLegacyExchangePermissions' task when updating existing domains that have been previously prepared for exchange server.

All servers including the only DC are all running Windows Server 2003 R2 SP2  or Windows Server 2003 SP2

I am attaching the Best Practice analyser result.

Any clues or help would be really appreciated.
Thanks! ExBPA.SBS-2008-Migration.2011093.xml
0
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 36893438
0
 

Author Comment

by:echepett
ID: 36911801
We will be implementing this changes on Friday14th, please keep question open.
0
 
LVL 17

Expert Comment

by:Sikhumbuzo Ntsada
ID: 36929874
Raise your functional level to 2003 first then continue with the help you are getting, otherwise it wont work.
0
 

Author Comment

by:echepett
ID: 36945834
Postponed please do not close.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question