Solved

What should I do? Migrate from server 2003 or start fresh with server 2012?

Posted on 2013-11-16
Last Modified: 2013-12-03
I'm uncertain which route I should take. I have a client who has a 2003 server DC with File server, Print Server, Remote access/VPN server, Domain controller, and DNS server roles installed. They just purchased a 2012 server. Which path should I take? Migration or just start fresh? I've read in some cases server 2003 doesn't play well with server 2012. I want to do it right and not lose any data or settings.

Anybody done this before that could give me some insight?
Question by:GregDSelwah
18 Comments
 
LVL 6

Expert Comment

by:lasmith05
ID: 39654118
Well, do you have the option of starting from scratch? Are there not too many user accounts?
0
 

Author Comment

by:GregDSelwah
ID: 39654145
There are approx. 20 user accounts, some with varying degrees of permissions. I think starting from scratch is the way to go, but how does one do that while limiting the downtime of the transition? I could do it after hours.

If I do it from scratch, how will the existing user accounts be affected? Will they lose settings? What would you do?
0
 
LVL 3

Expert Comment

by:haribabuonline
ID: 39654159
0
 
LVL 6

Expert Comment

by:lasmith05
ID: 39654213
You can also try exporting users and organizational units from 2003 to the new domain controller:

http://www.techforcast.com/2012/08/export-users-groups-and-ous-from-one-ad.html

This way you can set up the new 2012 server and just import the users.
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39654476
Just add the 2012 server as a member server in AD
Raise domain and forest functional level of the domain to 2003
Upgrade AD schema to Windows 2012
Promote the 2012 server as ADC with AD integrated DNS and GC
Check if both servers are replicating properly
Transfer FSMO roles from the 2003 server to the 2012 server
Point the Windows 2003 server's primary DNS to Windows 2012
Gracefully demote the Windows 2003 server to a member server
If you have a DHCP server for client computers, then just change the primary DNS server IP from the 2003 server to the 2012 server
OR
If you have static IP addresses for client computers, just enable zone transfer on the primary DNS zone of the Windows 2012 DC for the Windows 2003 server.
On the Windows 2003 server, create a Secondary DNS zone pointing to the Windows 2012 server as master server.
Later on, you can slowly change the primary DNS IP on client machines to point to the Windows 2012 server.
All other roles on the Windows 2003 server will continue as they are.
You don't require downtime this way and this is pretty straightforward.
0
 

Author Comment

by:GregDSelwah
ID: 39672004
I've added the 2003 server to the DNS of the 2012 server but the 2003 server does not want to see the 2012 server for some reason.
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39672018
Sorry, I don't get your point?

What steps have you taken so far, please?

Mahesh
0
 

Author Comment

by:GregDSelwah
ID: 39672069
0
 

Author Comment

by:GregDSelwah
ID: 39672072
But instead of adding to the existing domain I set up "add new forest" as I want to start from scratch.
0

 
LVL 35

Expert Comment

by:Mahesh
ID: 39672464
The steps you followed, mentioned in the above article, are correct.

Your last comment:
"but instead of adding to existing domain I setup "add new forest" as I want to start from scratch. "

If you select "add new forest", then it will create a new Active Directory domain, which is not required in your case.

Let me know what you are trying to do and the exact problem you are facing now, please?

Mahesh
0
 

Author Comment

by:GregDSelwah
ID: 39673682
O.K. I've completed these steps.

http://blogs.technet.com/b/canitpro/archive/2013/05/05/step-by-step-adding-a-windows-server-2012-domain-controller-to-an-existing-windows-2003-network.aspx

But now when I go to change FSMO roles it says the current domain controller is the operations master. Now I'm stuck.
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39673885
First ensure your account is part of the schema admins and domain admins groups in Active Directory
Then try the below
On the 2003 DC, go to Run and enter the below command
regsvr32 schmmgmt.dll
This should register the schema management snap-ins on the 2003 server
Then open mmc and add schema management in that
Check the below link for step by step
http://catapctips.blogspot.in/2010/12/how-to-enable-active-directory-schema.html

Once you have opened schema management, then in the console, right click "Active Directory Schema" and select "Change Active Directory Domain Controller"
This will present you the list of available domain controllers; here select the 2012 domain controller and click OK
Now again right click "Active Directory Schema" and select "Operations manager"
There click on Change; it will give you a warning message, just accept the warning message and now your role will be transferred to the 2012 DC
Now open cmd on the 2012 server and run the below command
netdom query fsmo
It will show you the owners of each FSMO role
Hope that helps

Mahesh
0
 

Author Comment

by:GregDSelwah
ID: 39675558
I should add that after I finished all those steps in my last comment, the 2012 server now shows the same domain name as the 2003 server in both Operations Master prompts and cannot be changed. I had set up a .local extension instead of the .com that the 2003 server had. But now that .local is nowhere to be found. Is that normal?
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39675589
What is your 2003 server name (FQDN)? You will find it in My Computer properties
For ex. server1.domain.com

What is your 2012 server FQDN?
For ex. server2.domain.com

Also let me know the command output from the 2012 server
netdom query fsmo

Mahesh
0
 

Author Comment

by:GregDSelwah
ID: 39676045
server 2003 FQDN: server2003.mydomain.com


server 2012  FQDN: SRV2012.mydomain.com


C:\Users\Administrator.mydomain>netdom query fsmo
Schema master                server2003.mydomain.com
Domain naming master   server2003.mydomain.com
PDC                                  server2003.mydomain.com
RID pool manager            server2003.mydomain.com
Infrastructure master      server2003.mydomain.com
The command completed successfully.
0
 

Author Comment

by:GregDSelwah
ID: 39676062
Added note: when I do the netdom query command from cmd prompt in 2003 server it says it is not recognized as an internal command?
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39676723
Your 2012 server has been properly promoted as DC
Run the below command on the 2012 server with cmd
net share
Check if you are able to view the sysvol and netlogon shares on the 2012 DC
Also run repadmin /showreps from the same cmd to check if replication is happening

You have not installed the 2003 SP2 support tools on the Windows 2003 server
That's why the 2003 server is unable to recognize the command
You can download the tools from the below link and install them on the 2003 server
http://www.microsoft.com/en-us/download/details.aspx?id=15326

I can see that you have not transferred FSMO roles to the Windows 2012 server yet.
Before demoting the 2003 server, do not forget to transfer roles to the Windows 2012 server

Refer to the below articles for transferring the same
http://www.petri.co.il/transferring_fsmo_roles.htm
http://community.spiceworks.com/how_to/show/2883-how-to-transfer-fsmo-roles-using-mmc-tools

Mahesh
0
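
A pre-demotion check for the point made in the comment above (move every FSMO role and confirm the SYSVOL and NETLOGON shares before demoting the 2003 server), as an added example that is not part of the original thread. It parses `netdom query fsmo` and `net share` output; the function names and the `net share` sample lines are constructed for illustration, the netdom sample is the output quoted in the thread, and replication still has to be confirmed separately with `repadmin /showreps`.

```powershell
# Added example. Sample text is constructed from the output quoted in this thread.
function Get-FsmoHolder {
    param([string[]]$NetdomOutput)
    # Role names as "netdom query fsmo" prints them
    $roles = 'Schema master','Domain naming master','PDC','RID pool manager','Infrastructure master'
    $holders = @{}
    foreach ($line in $NetdomOutput) {
        foreach ($role in $roles) {
            if ($line -match ('^\s*' + [regex]::Escape($role) + '\s+(\S+)\s*$')) {
                $holders[$role] = $Matches[1].ToLower()
            }
        }
    }
    # A role missing from the output is unknown, never assumed to have moved
    foreach ($role in $roles) { if (-not $holders.ContainsKey($role)) { $holders[$role] = $null } }
    $holders
}

function Test-ReadyToDemote {
    param([string[]]$NetdomOutput, [string[]]$NetShareOutput, [string]$NewDc)
    $problems = @()
    $holders = Get-FsmoHolder -NetdomOutput $NetdomOutput
    foreach ($role in $holders.Keys) {
        if ($holders[$role] -ne $NewDc.ToLower()) {
            $problems += "$role is held by '$($holders[$role])', not $NewDc"
        }
    }
    # The new DC must publish both logon shares before it can serve clients alone
    foreach ($share in 'SYSVOL','NETLOGON') {
        if (-not ($NetShareOutput -match "^$share\s")) {
            $problems += "$share share is missing on $NewDc"
        }
    }
    $problems
}

$netdom = @'
Schema master                server2003.mydomain.com
Domain naming master         server2003.mydomain.com
PDC                          server2003.mydomain.com
RID pool manager             server2003.mydomain.com
Infrastructure master        server2003.mydomain.com
The command completed successfully.
'@ -split "`r?`n"
$shares = 'NETLOGON     C:\Windows\SYSVOL\sysvol\mydomain.com\SCRIPTS', 'SYSVOL       C:\Windows\SYSVOL\sysvol'

# Live use on the 2012 DC: Test-ReadyToDemote (netdom query fsmo) (net share) 'srv2012.mydomain.com'
$problems = @(Test-ReadyToDemote $netdom $shares 'srv2012.mydomain.com')
if ($problems.Count) { $problems | ForEach-Object { Write-Warning $_ } } else { 'Roles and shares OK' }
```

With the output posted in the thread, all five roles are still reported on server2003, so the check emits one warning per role.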
 

Author Closing Comment

by:GregDSelwah
ID: 39694551
Thanks for your time and help. It truly is appreciated!
0
