• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 306
  • Last Modified:

Removing SBS 2003 sp2 from domain with multiple other domain controllers

Hi Guys,

I am in a bit of a dilemma.  I work for a IT outsourcing company and we support a client A (DomainA) that has 2003 AD functional  and domain level.  Client A has recently purchased a new business Client B (Domain B) That is running a SBS2003 environment with 4 other domain controllers within the same domain.

I was planning to consolidate the two domains by collapsing Domain B into the Domain A by using ADMT. I discovered that SBS 2003 or any version of SBS does not permit the creation of a trust between the two domains. I have done a bit of research and this brings me to basically 2 ways to do this.

1) Find the 2003 SBS Transistional Pack and upgrade teh SBS server to a standard server. Being 2014 i think it will be next to imposible to find this media anywhere.

2) Remove the SBS services all together - The Client B is not using any of the SBS services.  Email is offshore with office365 no sql or other applications running on it.  It is basically just a PDC for the DomainB.

I cant seem to find the SBS transitional pack anywhere with microsoft advising to contact local distributers and local distributers advising to contact microsoft. This leaves me to believe option 2 is the only option at this point in time.

Below is the steps i plan to do. Can you guys provide any insight into things a may have missed or if i need to re-organize the schedule.


1) Modify the Registry permissions to disable the SBCore Services on the SBS server
2) Confirm that DNS is installed on the remaining domain controllers and the intergrated DNZ zone has replicated to all dc's
3) Confirm all client devices are pointing to the new DNS servers
4) Make one of the other server that is a DC a Global catalog server
5) FSMO the roles over to this other domain controller (PDC, RID scheama master etc)
6) confirm the Sysvol and netlogon shares have replicated to the second domain controller and all the rest - force replication by doing a authorative / non-authorative restore  i.e.  http://support.microsoft.com/kb/315457
7) Move the site licensing server from the sbs server to the new domain controller
8) Reboot new domain controller that is now PDC and a Global catalog
9) Remove global catalog from sbs2003 server
10) Uninstall sbs components from legacy sbs2003 server
11) Demote legacy sbs server so it is purely a member server


Please let me know if there is anything i need to add to this task list or if i am missing anything critical
0
tetran_au
Asked:
tetran_au
1 Solution
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
1) Modify the Registry permissions to disable the SBCore Services on the SBS server
You cannot.  Doing so would violate licensing.  We cannot assist you in violating licensing and I would suggest that doing so on behalf of your client is a REALLY bad idea.
2) Confirm that DNS is installed on the remaining domain controllers and the intergrated DNZ zone has replicated to all dc's
Fine.
3) Confirm all client devices are pointing to the new DNS servers
Fine.
4) Make one of the other server that is a DC a Global catalog server
This should have been done long ago.  In my opinion each site should have two GCs.  So bottom line, this is fine.
5) FSMO the roles over to this other domain controller (PDC, RID scheama master etc)
Why would you do this BEFORE 6?  Where is your DCDIAG runs to confirm AD is healthy?  STRONGLY recommend you do that first.
6) confirm the Sysvol and netlogon shares have replicated to the second domain controller and all the rest - force replication by doing a authorative / non-authorative restore  i.e.  http://support.microsoft.com/kb/315457
Fine, but again, this should come after a DCDIAG /C /E /V and BEFORE the FSMO role transfer.
7) Move the site licensing server from the sbs server to the new domain controller
What site licensing server?  The SBS Licensing service?  Terminal Server Licensing?  Licensing, with a few exceptions, is a DOCUMENTATION thing, NOT a service when it comes to Microsoft.
8) Reboot new domain controller that is now PDC and a Global catalog
Why reboot?  You can... no problem doing it... but it's unnecessary.
9) Remove global catalog from sbs2003 server
You can't - this would violate licensing*
10) Uninstall sbs components from legacy sbs2003 server
You can't - this would violate licensing*
11) Demote legacy sbs server so it is purely a member server
You can't - this would violate licensing*
*You CAN if you COMPLETELY REMOVE the SBS server from the network.  If the SBS server is to be on the network, it MUST be the FSMO Master DC, *A* Global Catalog.  The SBS components, WHILE THEY CAN BE REMOVED, cannot be re-installed on another server unless you buy separate licenses for them.  (You cannot move the Exchange install from an SBS server to a non-SBS install without buying a new copy of Exchange.  (This is somewhat FYI as I know you're not using Exchange directly in house).
0
 
tetran_auAuthor Commented:
Thanks for your answer.  I have added the dcdiag checks and AD health checks in step 4 and moved the rest across.

The idea is to decomission the sbs component so we can establish a trust. Once the trust is in place all users and servers from the new domain (one that was recently purchased) will be transfered into the clients current domain.

Once this has been competed the legacy sbs environment will be decomissioned completely.  In terms of licensing our client has a enterprise agreement licensing with microsoft and we have confirmed that all the servers that will be transfered across will get a appropriate license through this agreement.

The issue we had is no one has the transitional pack as microsoft says 2003 is dead and all distributers say the same. So i wouldnt call it breaking the rules, more like bending them slightly to ensure that the domains can be combined
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now