• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 338
  • Last Modified:

New Server and/or Migration etc


The place i work at has a very old NT4 server and i have been giving some funds to buy a new seerver which will be virtualized and have Server 2008 R2 installed.

The NT4 is a Domain Controller and all it does is handle authentication requests and roaming profiles for 50 staff for 2 x Terminal Servers. There is no Exchange, no Print Services etc, just a simple server asking to be sent to heaven.

There are several other servers on the same domain performing their own duties, none are DC related.

Question is, how would you tackle this upgrade?

1) Do i setup a new AD Server with a new Domain Name, recreate the 50 accounts and move the profiles over? I then re-establish all the workstations and servers onto the new AD Server?

2) Do i find a tool to migrate the 50 accounts? I wouldn't know if one exists for NT4 these days, it's just too old.

Also, no matter what happens i need to remove and then reconnect all workstations and servers to the new AD Server, most a XP (x86) machines with Office 2010 and their own .pst files so all will end up with a new profile and Outlook etc will need to be revconfigured all over again, a pain in the backside.

Are their any utilities out there that can take care of the profile change on the workstations, that is replicate existing profiles?

2 Solutions
Sushil SonawaneCommented:
You have to option in this scenario:

First one you already mention :

Setup a new AD Server with a new Domain Name, recreate the 50 accounts and move the profiles over. Then re-establish all the workstations and servers onto the new AD Server

Second option :

It is possible to migrate a Windows NT 4.0 domain to a Windows Server 2008-based Active Directory environment.
Of the three ways to migrate (transitioning, in-place upgrading and restructuring) you will need the in-place upgrade method and might want to look at transitioning.
 Basically what you need to do is in-place upgrade a Windows NT 4.0 PDC to Windows 2000 Server or Windows Server 2003 (advisable: install new a Windows NT4 server on common hardware as a BDC,  make it a PDC and perform the in-place upgrade on it), sort out your other Domain Controllers, Domain functional level and Forest functional level and from there transition or in-place upgrade further to Windows Server 2008.


To Upgrade a Windows NT 4.0-Based PDC to a Windows Server 2003-Based Domain Controller Please refer below link.

Lee W, MVPTechnology and Business Process AdvisorCommented:
Given the size of your network and the relatively low risk involved, I would do an upgrade as well.  My method would involve:

1. Install a VM with NT4 as a BDC (one of the trickiest things was finding a server with a NIC that was supported by NT4 - as I recall, the basic NIC in a VM is USUALLY supported - at least it was in Virtual Server and VMWare in earlier versions - you may have to try a couple of VM platforms to find one that works.  One of the reasons this is important is, if you don't recall, to install a BDC, you had to choose that during setup and it HAD to be able to communicate with the PDC to continue the installation.  If the NIC drivers aren't there, you're pretty much in trouble).

2. Once the NT4 BDC was in a VM, pull it onto a separate network and start doing this in a TEST environment - even I would do it in a test environment as it's been 10 years since I last did this!  Once you've gone through the process at least once (preferrably two or three times), repeat the procedure and do it on the production environment.

3. As stated, promote the NT4 BDC VM to your PDC and then do an inplace upgrade (I'll take sushil84's word you can do this with 2003 - the only ungrades I performed went to 2000.  

4. Once AD is installed, and working, get rid of the BDCs (really, just turn them off) and change the AD mode from Mixed to Native 200x.

5. Now, treat this as a migration from 200x to 2008R2.  Much easier and accounts preserved.

The problem with starting fresh is that you have 50 accounts.  And you use roaming profiles.  (You'll have some data migrations to do and repoint account properties).  Migrating those manually could well take days.  (I rebuilt a domain a few years back for 15 people... took a week of tweeking to get all those people working normally again... by that logic, it could take you (one person) three weeks... this upgrade should take a few days including the testing.

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now