Solved

SBS 2003 -> Server 2012 Two Way Trust

Posted on 2014-09-05
3
903 Views
Last Modified: 2014-09-05
I am in the process of trying to create a two way trust between two domains in separate forests. server1 SBS2003 and Server2 2012 Std Edtn. I am doing this as I am trying to migrate to anew domain and eventually use ADMT to move all profiles and AD information to the new server.
I am running into issues:
cant-do-it.PNG

can anyone help me. I need the two way trust I assume as I am following the documentation here:

http://blog.thesysadmins.co.uk/admt-series-1-preparing-active-directory.html


Thanks
0
Comment
Question by:andrew sangster
  • 2
3 Comments
 

Author Comment

by:andrew sangster
Comment Utility
Can a 1 way trust be used?... if so what kind. or what options do I have thanks
0
 

Accepted Solution

by:
andrew sangster earned 0 total points
Comment Utility
No.  ADMT won't work.

 Join the new 2003 server as a DC in the SBS domain.
 Move all your data to it.
 Install DNS on it and allow replication to populate it.
 If your using DHCP, then install and configure it, but don't activate the scope.
 Make the new server a Global Catalog.
 After a night of replication turn off the SBS server and remove it from the network.
 Seize all 5 FSMO roles to the new server.
 Do a metadata cleanup of AD to remove the old SBS server.
 Clean up DNS.
 Delete the old SBS server from AD Sites and Services.



http://social.technet.microsoft.com/Forums/en-US/dbc4f9e1-f169-49c6-b5bb-6e4cef247d53/migrate-sbs-2003-to-windows-server-2012-standard?forum=smallbusinessserver
0
 
LVL 95

Expert Comment

by:Lee W, MVP
Comment Utility
I disagree with those instructions.  If you follow them, you will have SBS specific group policies remaining and tons of Exchange data in AD that shouldn't be there.

To be clear - and confirm SBS does not support trusts - you cannot setup a trust between an SBS server and any other domain.

The procedure I would recommend:
0. Make a FULL BACKUP of the existing server.
1. Add the new server to the existing domain
2. Run DCDIAG /C /E /V on the existing SBS Server and clean up any unexplained errors.
3. Promote the new server to a DC (MAY have to manually run ADPREP, though in 2012, it should do it for you).
4. Make a global catalog (Wizard may give option).
5. Run DCDIAG again and confirm everything is working.  Especially confirm Sysvol replication. (Test authentication by turning off / unplugging network cable from SBS server)
6. Transfer data, files, etc.
7. Once everything is transferred, uninstall Exchange from the SBS server to remove the AD exchange data.
8. TRANSFER - DO NOT SEIZE - the FSMO roles from the SBS server to the new server.
9. Demote the SBS server using DCPROMO
10. Turn off the SBS server.
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Windows 2012R server restarting mysteriously 9 56
lync 2013 7 30
What is this Task? 4 34
IT Contract Fee 17 38
Understanding the various editions available is vital when you decide to purchase Windows Server 2012. You need to have a basic understanding of the features and limitations in each edition in order to make a well-informed decision that best suits y…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now