Solved

Microsoft SBS 2003 to Full Server 2008 Standard R2 Domain Migration

Posted on 2014-02-19
4
771 Views
Last Modified: 2014-02-20
Hello...A small client of about 20 users will be moving off their legacy Windows Server 2003 Small Business model to a full Windows Server 2008 R2 model. They've already moved off Exchange 2003 to Office 365, so SBS 2003 Exchange is not a concern. Only the user accounts, PCs, printers, file shares and network-related service account/applications are affected.

I want my new domain to be completely clean and I'm a little concerned about the legacy SBS 2003 domain - it may have experienced some corruption in the past that could cause a garbage-in, garbage-out situation if I was to migrate the resources from the old to the new domain. I'm considering doing the following:

1. Build a new Windows Server 2008 R2 domain.

2. Create new accounts with exact same username and password.

3. Gradually move PCs, printers, file shares and so on to new domain.

4. Once all resources are migrated, wipe SBS 2003 server and rebuild SBS 2003 server as Server 2008 R2 DC on new domain.

My main concern during the migration is that users - whether on the existing SBS domain or the new domain - can seamlessly access resources on the peer domain. So for example, when I remove a PC from the SBS domain and add to the new domain, the user will need access to file shares on the legacy SBS server. Conversely, if I move printers to the new domain, the users still on the legacy SBS domain will need printing capability from the newly hosted printer on the Server 2008 R2 box.

I'm hopeful that setting up the new domain with the same usernames and passwords will accomplish this.

Am I correct?

Is there a better way to do this?

Thank you.
0
Comment
Question by:FSHS
  • 2
4 Comments
 
LVL 12

Accepted Solution

by:
ktaczala earned 275 total points
ID: 39871695
New users on a new domain will have different SID's.  They will not have access to the old shares using the new accounts.

Are you planning to move all shares to the new server?  
Since it's only 20 users I would just do it manually, make notes of shares & permissions move data add appropriate permissions
0
 
LVL 12

Expert Comment

by:ktaczala
ID: 39871701
Since it's a small business 2003 domain, you can't even setup a trust.
0
 
LVL 22

Assisted Solution

by:Olaf De Ceuster
Olaf De Ceuster earned 25 total points
ID: 39872102
You'll need to export the profiles and re-import again. (Or use 3rd party software to move domain profiles)
Consider Server 2012 R2  Essentials. You get 25 licenses and Remote Access. And fantastic 365 integration.
Hope that helps,
Olaf
0
 

Author Comment

by:FSHS
ID: 39874003
I found a few more details as to why accessing resources in different domains even with the same usernames and passwords won't work, in case this is helpful to any reader.

in a domain, your user name and password aren't compared against a securable object's access control list when you try to access the securable object. Your access token gets compared. Your access token is generated at domain logon and is composed of lots of pieces of information beyond just your username and password--primarily, it includes your account's SID, which will obviously be different in each domain. Since the access control list of the directory or share you're trying to access in Domain A while you're logged into Domain B doesn't actually contain your username and password, but rather your Domain B account's SID, the access token you present to the Domain A server when you try to access the directory or share doesn't match any access control entries and you get access denied
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Event ID: 1008 / Source: Microsoft-Windows-Perflib 2 122
SBS Server and Office 365 5 42
SBS 2011 6 42
Sharepoint 2010 Audit Logs 11 76
The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

943 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now