Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 432
  • Last Modified:

AD migration SBS2003 to Standard 2003

Hi All

I need to decomission a server that is not stable anymore, it is running sbs2003 and is our main server. i will be reloading another server with server standard 2003, and want to keep the domain in the network the same, but simply use the new server as a file and print server nothing else,

my question is basiclaly what are the risks of just getting the server to take over the ad services for the users to be able to log on and be able to work and print throughout the network, if email, dns, and dhcp all comes from the router which works fine. just to replace the main server with a normal file server and AD for security etc.

please advise how difficult this would be to achieve with minimal downtime ?

regards
0
safsystech
Asked:
safsystech
1 Solution
 
djsharmaTechnical ConsultantCommented:
Please ellorate more on
"i will be reloading another server with server standard 2003, and want to keep the domain in the network the same, but simply use the new server as a file and print server nothing else"
0
 
Krzysztof PytkoActive Directory EngineerCommented:
In SBS environment you cannot have DC with FSMO roles other than SBS, so you need to migrate AD to new 2003 and decommission SBS. Pleae migrate also other roles if you wish or leave them on SBS

However, is it possible to run 2008/2008R2 instead of 2003 ? It's much more better

Downtime should not be long if you prepare whole plan earlier

Regards,
Krzysztof
0
 
safsystechAuthor Commented:
ok .

1. i want to remove the sbs server completely, ie scrap it.
2. have freshly reloaded server 2003 standard simply take over the complete ad service currently running on the sbs2003 box.
3. i dont need any other services from the surrent server, (just need the users to be able to logon and use the new server as a file server.
4. the data that currently sits on the sbs box will be backed up and moved to the 2003 standard box as well.
5. have to use 2003 software that we already own, have no budget to purchase 2008.

the plan here is to completely take out the sbs box as we have moved our mail away from it, at the moment it just provides AV central console, data access. we have a firewall that has taken over the DHCP and DNS responsibilites. so all in all, this server needs to be out.

is this info better?

thanks.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Lee W, MVPTechnology and Business Process AdvisorCommented:
> my question is basiclaly what are the risks of just getting the server to take over the
> ad services for the users to be able to log on and be able to work and print throughout
> the network, if email, dns, and dhcp all comes from the router which works fine. just to
> replace the main server with a normal file server and AD for security etc.

So what you're saying is, whoever setup the SBS server failed to do it properly and as a result, it has problems so you want to get rid of it?

I say this because if your router is handling DNS and DHCP, then SBS wasn't setup properly because SBS WANTS to manage these and at least in the case of DNS, it MUST handle it.

Active Directory RELIES on DNS to locate resources (servers to authenticate and server resources).  If your router is providing DNS then it's providing the ISPs DNS and as a result, your workstations are asking your ISP where the server is and your ISP is saying "I don't know - I don't concern myself with things like that" resulting in slow logons and delays connecting to resources.

Put simply, if you want to retire SBS, do so, but you MUST run DNS on the server ONLY.  No secondary ISP DNS servers either.  The way Windows DNS works, that just creates intermittent problems.  And since you must run DNS from the server, it's kinda silly not to run DHCP as well - the interface is a lot easier to manage than that of your typical router.

Keep in mind, if you get rid of SBS, you'll have to get rid new Standard CALs for your clients since the SBS CALs are unique to an SBS server.
0
 
safsystechAuthor Commented:
hi , thank you very much,
what happened was , our mail was moved to a managed server outside of the office and all users connect ot mail via IMAP, so yes the pc's were not happy about this and what i did was ask the ISP to login to the router and have it take precedence over DHCP services, i then turned off DHCP on the  sbs server and disabled the service.

then we had another mail failure yesterday, and i restarted the sbs server and noticed that when i turn off the dns service on the sbs server, the mail started working? the mail is still running at the moment, printing still works, but i fear that this will re-occur . the snapin on the DNS of the sbs box is gone, i cannot add it via mmc, and under components it tells me that it is still installed. there are entries that needs to be told where to look for the new mail server, which i cannot do, and yes i understand that the DNS is important for looking up resources. and that the external DNS cannot be used to find internal resources.

i understand that when i kill the sbs box, i will need to have DNS elsewhere in the network, and i assume it will have to be on the standard 2003 box together with the AD when i migrate if im correct.?

yes i have cals for the standard as well.
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
It sounds like things were misconfigured to begin with.  If you cannot access mail, then you need to start testing things - what happens when you ping the mail server?  What does it resolve to?  It sounds like you may well have had the domain DNS name the same as your public domain name - that would cause serious problems if not done and managed correctly.

Not saying you shouldn't get rid of SBS, but you need to know WHY you're getting rid of it... I mean what was wrong and where your issues are or else just removing the SBS may do absolutely nothing for you.
0
 
safsystechAuthor Commented:
that is exactly, sorry forgot to mention, currently our AD domain is the same name as the website/mail domain, IE .co.za at the end, and yes i know about that being a big problem, and yes that part was configured incorrectly from the start a couple of years ago. and i am thinking, that has to be changed when i do any type of migration ? or do you think , it might very well be best to setup a new domain and call it .local in stead of .co.za..... ? this would then cost a lot more re configs that would need to be done on the user pc's ie rejoining the new domain etc. i had some support in the past on how to work around this problem, but i am , myself not sure how to go about this.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now