Solved

SBS 2003 -> Server 2012 Two Way Trust

Posted on 2014-09-05
3
944 Views
Last Modified: 2014-09-05
I am in the process of trying to create a two way trust between two domains in separate forests. server1 SBS2003 and Server2 2012 Std Edtn. I am doing this as I am trying to migrate to anew domain and eventually use ADMT to move all profiles and AD information to the new server.
I am running into issues:
cant-do-it.PNG

can anyone help me. I need the two way trust I assume as I am following the documentation here:

http://blog.thesysadmins.co.uk/admt-series-1-preparing-active-directory.html


Thanks
0
Comment
Question by:andrew sangster
  • 2
3 Comments
 

Author Comment

by:andrew sangster
ID: 40305747
Can a 1 way trust be used?... if so what kind. or what options do I have thanks
0
 

Accepted Solution

by:
andrew sangster earned 0 total points
ID: 40305790
No.  ADMT won't work.

 Join the new 2003 server as a DC in the SBS domain.
 Move all your data to it.
 Install DNS on it and allow replication to populate it.
 If your using DHCP, then install and configure it, but don't activate the scope.
 Make the new server a Global Catalog.
 After a night of replication turn off the SBS server and remove it from the network.
 Seize all 5 FSMO roles to the new server.
 Do a metadata cleanup of AD to remove the old SBS server.
 Clean up DNS.
 Delete the old SBS server from AD Sites and Services.



http://social.technet.microsoft.com/Forums/en-US/dbc4f9e1-f169-49c6-b5bb-6e4cef247d53/migrate-sbs-2003-to-windows-server-2012-standard?forum=smallbusinessserver
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 40306882
I disagree with those instructions.  If you follow them, you will have SBS specific group policies remaining and tons of Exchange data in AD that shouldn't be there.

To be clear - and confirm SBS does not support trusts - you cannot setup a trust between an SBS server and any other domain.

The procedure I would recommend:
0. Make a FULL BACKUP of the existing server.
1. Add the new server to the existing domain
2. Run DCDIAG /C /E /V on the existing SBS Server and clean up any unexplained errors.
3. Promote the new server to a DC (MAY have to manually run ADPREP, though in 2012, it should do it for you).
4. Make a global catalog (Wizard may give option).
5. Run DCDIAG again and confirm everything is working.  Especially confirm Sysvol replication. (Test authentication by turning off / unplugging network cable from SBS server)
6. Transfer data, files, etc.
7. Once everything is transferred, uninstall Exchange from the SBS server to remove the AD exchange data.
8. TRANSFER - DO NOT SEIZE - the FSMO roles from the SBS server to the new server.
9. Demote the SBS server using DCPROMO
10. Turn off the SBS server.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question