Solved

SBS 2003 -> Server 2012 Two Way Trust

Posted on 2014-09-05
3
956 Views
Last Modified: 2014-09-05
I am in the process of trying to create a two way trust between two domains in separate forests. server1 SBS2003 and Server2 2012 Std Edtn. I am doing this as I am trying to migrate to anew domain and eventually use ADMT to move all profiles and AD information to the new server.
I am running into issues:
cant-do-it.PNG

can anyone help me. I need the two way trust I assume as I am following the documentation here:

http://blog.thesysadmins.co.uk/admt-series-1-preparing-active-directory.html


Thanks
0
Comment
Question by:andrew sangster
  • 2
3 Comments
 

Author Comment

by:andrew sangster
ID: 40305747
Can a 1 way trust be used?... if so what kind. or what options do I have thanks
0
 

Accepted Solution

by:
andrew sangster earned 0 total points
ID: 40305790
No.  ADMT won't work.

 Join the new 2003 server as a DC in the SBS domain.
 Move all your data to it.
 Install DNS on it and allow replication to populate it.
 If your using DHCP, then install and configure it, but don't activate the scope.
 Make the new server a Global Catalog.
 After a night of replication turn off the SBS server and remove it from the network.
 Seize all 5 FSMO roles to the new server.
 Do a metadata cleanup of AD to remove the old SBS server.
 Clean up DNS.
 Delete the old SBS server from AD Sites and Services.



http://social.technet.microsoft.com/Forums/en-US/dbc4f9e1-f169-49c6-b5bb-6e4cef247d53/migrate-sbs-2003-to-windows-server-2012-standard?forum=smallbusinessserver
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 40306882
I disagree with those instructions.  If you follow them, you will have SBS specific group policies remaining and tons of Exchange data in AD that shouldn't be there.

To be clear - and confirm SBS does not support trusts - you cannot setup a trust between an SBS server and any other domain.

The procedure I would recommend:
0. Make a FULL BACKUP of the existing server.
1. Add the new server to the existing domain
2. Run DCDIAG /C /E /V on the existing SBS Server and clean up any unexplained errors.
3. Promote the new server to a DC (MAY have to manually run ADPREP, though in 2012, it should do it for you).
4. Make a global catalog (Wizard may give option).
5. Run DCDIAG again and confirm everything is working.  Especially confirm Sysvol replication. (Test authentication by turning off / unplugging network cable from SBS server)
6. Transfer data, files, etc.
7. Once everything is transferred, uninstall Exchange from the SBS server to remove the AD exchange data.
8. TRANSFER - DO NOT SEIZE - the FSMO roles from the SBS server to the new server.
9. Demote the SBS server using DCPROMO
10. Turn off the SBS server.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
This article runs through the process of deploying a single EXE application selectively to a group of user.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question