?
Solved

Upgrading to Active Directory 2008

Posted on 2011-11-01
13
Medium Priority
?
348 Views
Last Modified: 2012-06-21
Hi All,

I have a few questions regarding our move to Active directory 2008 from Active Directory 2003:

1. Can we introduce 2008 and 2008 R2 domain controllers into the domain and keep the functional level at 2003 until we're ready?
2. Is it ok to have a mix of 2003, 2008 and 2008R2 domain controllers? (we plan to move them all over eventually to at least 2008)
3. Are there any major 'gotchas' I should look out for in this upgrade?  The main servers that we have that rely on Active Directory are SQL 2005/2008 servers and Exchange 2003.

Thanks a lot!

Rob
0
Comment
Question by:robclarke41
  • 5
  • 4
  • 2
  • +2
13 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 288 total points
ID: 37063561
1.  Yes that is fine and the normal way it is done...staggered(not all at once)

2.  Yes ok to have a mix

3.  As long as your exchange 2003 servers have SP2 installed you should be fine there.  Good matrix of exchange here

http://technet.microsoft.com/en-us/library/ff728623.aspx

Thanks


Mike
0
 
LVL 6

Assisted Solution

by:jzaniewski
jzaniewski earned 860 total points
ID: 37063571
1. Yes, the functional level would be fine to leave at 2003 (although it will need to be 2003 R2)
2. I have run in this scenario without issue and it is fine to run this way until you're ready to upgrade the level.
3. SQL and Exchange versions that you are running should work fine. Remember, you're not changing the functional level so everything would be status quo.
0
 
LVL 6

Assisted Solution

by:AhmedHERMI
AhmedHERMI earned 568 total points
ID: 37063948
1- Yes it's working
2- yes it's working fine and without any problem
3- it's working too.

But before making the Upgrade i want to advise you to check this link, so help-full:
http://blogs.dirteam.com/blogs/sanderberkouwer/archive/2008/04/08/upgrading-your-active-directory-to-windows-server-2008.aspx

Best Regards.
0
Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

 
LVL 1

Author Comment

by:robclarke41
ID: 37066941
Thanks guys, that's all really useful and very reassuring!
Jzaniewski, what did you mean when you said that the functional level would be fine to leave at 2003 but would need to be 2003 R2? I didn't realise there was a 2003 R2 functional level?!!!
0
 
LVL 1

Author Comment

by:robclarke41
ID: 37068623
Also if I'm just adding a 2008 domain controller to a 2003 domain do I still need to run the forestprep and domainprep commands? or do I only do this when I'm ready to raise the functional level?
0
 
LVL 2

Assisted Solution

by:satishpeta
satishpeta earned 284 total points
ID: 37068847
It will not allow you to promote the dc as domain controller until you run forestprep and domainprep. Also, keep in mind that it has to be ran on schema role holder DC.

adprep32 for 32-bits and adprep.exe for 64-bit.

Complete info with pictures can be found here:
http://www.petri.co.il/prepare-for-server-2008-r2-domain-controller.htm
0
 
LVL 6

Assisted Solution

by:jzaniewski
jzaniewski earned 860 total points
ID: 37069933
Are you running Windows 2003 or Windows 2003 R2?
0
 
LVL 1

Author Comment

by:robclarke41
ID: 37069957
Our current domain controllers are just Windows 2003 - is this a problem for upgrading to 2008?
0
 
LVL 6

Assisted Solution

by:AhmedHERMI
AhmedHERMI earned 568 total points
ID: 37075055
You can simply reuse your existing Windows Server 2003  Domain Controllers as Windows Server 2008 Domain Controllers.
0
 
LVL 6

Assisted Solution

by:jzaniewski
jzaniewski earned 860 total points
ID: 37079551
You would need to make sure that if you're only on Windows 2003 Server, that you have all of your updates and service packs installed, including SP2.
Check out this page for steps on how to integrate and upgrade your DCs  http://technet.microsoft.com/en-us/library/cc731188(WS.10).aspx
0
 
LVL 1

Author Comment

by:robclarke41
ID: 37106135
Just one more question if I may!  Is it safe to run the forestprep and domainprep commands during working hours when the servers are in use or should this be run out of working hours because it causes disruption?
0
 
LVL 6

Expert Comment

by:jzaniewski
ID: 37108635
It's really going to depend on the size of the domain.  Performing either of these will lock the domain until the task is complete.  This means that no authentication can take place.  So if someone tries to logon while this task is taking place, they would end up using cached credentials and possibly not gain access to GPOs or redirected folders.

My recommendation is to perform these tasks during off hours.  If it's a small environment, the process shouldn't take more that 5 - 10 min each.
0
 
LVL 1

Author Comment

by:robclarke41
ID: 37108640
great, thanks for the tip!
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question