Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1098
  • Last Modified:

SBS 2003 -> Server 2012 Two Way Trust

I am in the process of trying to create a two way trust between two domains in separate forests. server1 SBS2003 and Server2 2012 Std Edtn. I am doing this as I am trying to migrate to anew domain and eventually use ADMT to move all profiles and AD information to the new server.
I am running into issues:
cant-do-it.PNG

can anyone help me. I need the two way trust I assume as I am following the documentation here:

http://blog.thesysadmins.co.uk/admt-series-1-preparing-active-directory.html


Thanks
0
andrew sangster
Asked:
andrew sangster
  • 2
1 Solution
 
andrew sangsterAuthor Commented:
Can a 1 way trust be used?... if so what kind. or what options do I have thanks
0
 
andrew sangsterAuthor Commented:
No.  ADMT won't work.

 Join the new 2003 server as a DC in the SBS domain.
 Move all your data to it.
 Install DNS on it and allow replication to populate it.
 If your using DHCP, then install and configure it, but don't activate the scope.
 Make the new server a Global Catalog.
 After a night of replication turn off the SBS server and remove it from the network.
 Seize all 5 FSMO roles to the new server.
 Do a metadata cleanup of AD to remove the old SBS server.
 Clean up DNS.
 Delete the old SBS server from AD Sites and Services.



http://social.technet.microsoft.com/Forums/en-US/dbc4f9e1-f169-49c6-b5bb-6e4cef247d53/migrate-sbs-2003-to-windows-server-2012-standard?forum=smallbusinessserver
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
I disagree with those instructions.  If you follow them, you will have SBS specific group policies remaining and tons of Exchange data in AD that shouldn't be there.

To be clear - and confirm SBS does not support trusts - you cannot setup a trust between an SBS server and any other domain.

The procedure I would recommend:
0. Make a FULL BACKUP of the existing server.
1. Add the new server to the existing domain
2. Run DCDIAG /C /E /V on the existing SBS Server and clean up any unexplained errors.
3. Promote the new server to a DC (MAY have to manually run ADPREP, though in 2012, it should do it for you).
4. Make a global catalog (Wizard may give option).
5. Run DCDIAG again and confirm everything is working.  Especially confirm Sysvol replication. (Test authentication by turning off / unplugging network cable from SBS server)
6. Transfer data, files, etc.
7. Once everything is transferred, uninstall Exchange from the SBS server to remove the AD exchange data.
8. TRANSFER - DO NOT SEIZE - the FSMO roles from the SBS server to the new server.
9. Demote the SBS server using DCPROMO
10. Turn off the SBS server.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now