Advice on Migrating from Windows 2003 to Window 2008 Domain

abraham808
abraham808 used Ask the Experts™
on
We have an 2003 Active Directory Forest with a
Parent Domain called USA.com
Child Domain NY.USA.com

We want to create a new 2008 Domain but change the Domain name to
Parent Domain USA.corp
Child Domain NY.USA.corp

We then want to migrate the user/computer accounts via ADMT.
That's the plan.


I get the feelign when I setup a trust between the 2 domains I will have an issue with NETBIOS.

Parent Netbios for both domains will be USA
Child Netbios for both domain with be NY

1) So Will i have any issues with the NetBios?
2) Is it easier to migrate to 2008 (inplace) then rename the domain later?  (we have Exchange 2003 sp2)


thanks,

Alvin
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Senior Active Directory Engineer
Top Expert 2012
Commented:
If there is no mess in AD I would suggest to rename forest and child domain using rendom and after all introduce 2008R2 Domain Controller in environemnt. At the end, you can decommission 2003 DCs.

How to rename forest and child domain
http://technet.microsoft.com/pl-pl/windowsserver/bb405948.aspx

and after that, you may follow articles on my blog for adding the first 2008R2 DC
http://kpytko.wordpress.com/2011/08/25/adding-first-windows-server-2008-r2-domain-controller-within-windows-2003-network/

and how to add another 2008R2 DC
http://kpytko.wordpress.com/2011/09/05/adding-additional-domain-controller/

how to transfer FSMO roles
http://kpytko.wordpress.com/2011/08/26/transferring-fsmo-roles-from-gui/
http://kpytko.wordpress.com/2011/08/26/transferring-fsmo-roles-from-command-line/

and after all, if everything is working fine, decommission the old DCs
http://kpytko.wordpress.com/2011/08/29/decommissioning-the-old-domain-controller/

Regards,
Krzysztof
What i didn't want to rename.

Will I have an issue with NETBIOS?
Krzysztof PytkoSenior Active Directory Engineer
Top Expert 2012

Commented:
OK, then you will face an issue because of NetBIOS name conflict and you won't be able to create forest trust between these 2 forests :/

However, there is a way to do that :) You need to create 2 additional forests. 1  temporary and one target. Temporary let's say: tempdom.local with NetBIOS TEMP and migrate everything from the old one to the temp. Remove forest trust between old and temp, shut down DCs for the old forest. Then establish forest trust between temp and taget and migrate everything to the final state. After all clean TEMP by decommissioning it and removing trust.

That's all in short if you don't want to rename it :)

Krzysztof
Success in ‘20 With a Profitable Pricing Strategy

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Ok what if I wanted to Create a clean 2008 Domain.  Can i migrate users from the 2003 to 2008?  Do you know of a Step by Step?

Also what is better?  2008 or 2008R2
I promise to give you points and thanks for being patient and helpful
Krzysztof PytkoSenior Active Directory Engineer
Top Expert 2012

Commented:
Hi, I'm sorry for delayed answer, I was on vacations :)

Yes, this is really good idea to set up completely new forest and migrate objects from the old one. For that I would suggest using Windows Server 2008R2 as it has much more features and it is really good (remember that R2 is only 64 bit architecture OS! and your hardware must be capable of supporting it)

I have no complete solution for that, however I would try to describe it step-by-step with appropriate articles:

1) Configure new forest root domain to be ready for objects migration.
http://kpytko.wordpress.com/2011/09/02/configuring-a-forest-root-domain-on-windows-server-2008-r2/

2) When you have new forest structure then you can start migrating objects from the old domain to the new one. For that you can use free ADMT v3.1 from Microsoft or paid solution from Quest (it also migrates Exchange mailboxes!)

ADMT 3.1 can be downloaded from
http://www.microsoft.com/en-us/download/details.aspx?id=17918

and document describing whole migration process. Read it first, before you will start migration
http://www.microsoft.com/en-us/download/details.aspx?id=19188

3) Configure routing between these 2 locations to be able that you can ping all Domain Controllers using their IP addresses

4) Open necessary ports on router/firewall to allow forest trust setup
http://support.microsoft.com/kb/179442

5) Configure DNS Conditional forwarders for these 2 domains to be able to create forest trust
for 2003 DCs: http://support.microsoft.com/kb/304491
for 2008 DC: http://technet.microsoft.com/pl-pl/library/cc794735%28v=ws.10%29

6) Configure two way transitive trust between the old and new forests
http://technet.microsoft.com/en-us/library/cc816590.aspx

7) Install ADMT agents within both forests and follow Microsoft ADMT guide

8) At the end, promote additional DC for new domain for redundancy
http://kpytko.wordpress.com/2011/09/05/adding-additional-domain-controller/

everything should be fine

Krzysztof

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial