We help IT Professionals succeed at work.

Migration from SBS to Essentials

LockDown32
LockDown32 asked
on
76 Views
Last Modified: 2015-09-08
I went the SBS Migration route from a SBS 2003 to SBS 2011 server and when it was all said an done I really questioned the approach. It was only a 20-user network and I think it would have been easier and less time consuming to not migrate. To simple start with a fresh server and manually recreate the users and shares then on a slow weekend copy the data from one server to the other and rejoin the workstations to the new server.

Any thoughts on this? I have a couple more to do this year. Both about a 10-user network. A SBS 2008 and a SBS 2003. Is "migration" really the best way to go or is it easier to start fresh and manually transfer things over?
Comment
Watch Question

CERTIFIED EXPERT
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
it_saigeDeveloper
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
CERTIFIED EXPERT

Commented:
@-saige-

(just having SBS version x is not the ideal configuration)

Why that comment?  In any case it is your opinion.  Adding IMO might have made it less offensive to the OP and others who chose to use SBS.
CERTIFIED EXPERT
Distinguished Expert 2018
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
it_saigeDeveloper
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
@Larry - I was not meaning to be offensive, I was meaning to imply that just walking into a client and seeing that they have SBS is enough to just write that client off as having been configured properly.

I have used and recommended SBS for many clients.  I have even completed migrations from one SBS version to another (or to a standard domain when the client outgrew SBS).

-saige-
CERTIFIED EXPERT

Commented:
@lockdown32

I was not able to edit in time to add that a greenfield with robocopy and .pst files the new server can be "almost" 100% ready on game day.  Data in place, wizards run, shares created, users and permissions done.  All that would be left on game day is to join the stations to the new domain (including moving the profiles) and change the forwards on the firewall/router.  Well, almost.
LockDown32Owner
Top Expert 2016

Author

Commented:
The mail issue will be handled long before the migration takes place. In looking through the responses it appears as though the 10-users wasn't taken much in to consideration.

You really don't need to invest in profile migration software and their profiles are really gone. If you keep the usernames the same it might take 20 minutes per computer to join the new domain and straight copy their old profile to their new profile and things will be right back to where they were. The profiles are a PITA but pretty easy to do.

ACLs shouldn't be that hard to reconfigure either. A 10-20 user network really shouldn't have that many shares or ACLS. Now days most people are going Office 365 which makes the mail a cake walk too.

I laughed at the remarks about SBS. The sweetest migration in the world is non-SBS :) You pay more for the full blown Server Standard up front but when it comes time to upgrade it couldn't be much sweeter and easier :) Well worth the price of the full blown server :)

So what do people use to "migrate" to Essentials? Does Microsoft offer anything?
KimputerIT Manager
CERTIFIED EXPERT
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
LockDown32Owner
Top Expert 2016

Author

Commented:
That's kind of where I was at. If you start from scratch you don't "bastardize" you server with any issues that existed in the previous server. You start with a clean slate. Imaging upgrading from 95 to 98 then 98 to Millennium  then Millennium to XP etc., etc. Nothing runs better then a fresh clean install. I can see migrating if you had 50 or 100 computers but 10 to 20? I guess, like anything else, there are pros and cons. The migration not working doesn't surprise me. Too many things that could possible go wrong.
CERTIFIED EXPERT
Distinguished Expert 2018

Commented:
" Imaging upgrading from 95 to 98 then 98 to Millennium  then Millennium to XP"

That's an apples-to-oranges comparison, just to be fair.  In-place upgrades are ugly. Always have been. You are getting every dll, every registry entry, every nuanced bit of OS with each upgrade.  A migration is *none* of that.

When you migrate, you are manually copying files. So the files themselves are new. The filesystem is new. The OS is new. The ACLs are copies, but are recorded in the new filesystem's new journal. Active Directory is replicated. But LDAP is a long-standing database type that is well understood (unlike the registry) and changes are not done willy-nilly to AD (unlike the registry) and it has a well defined schema that blocks illegal changes (unlike the registry) so it isn't like OS-level problems follow an active directory migration. Think of any large corporation that has been running AD since 2000. They've gone from 2000 to 2003 to 2008 to 2008 R2 to 2012 to 2012 R2 and, because of their size, have pulled along their entire AD with them. AD is just not prone to "rot" the way people think of an OS, any more than a well defined Excel spreadsheet is prone to rot. Do you recreate your excel spreadsheets with each new OS change? OF course not. You copy the file. Because the file format is known. It doesn't change. It doesn't rot. And the data is intact. *THAT'S* AD. ...And honestly, the only thing "migrated" in an SBS-to-Essentials migration is AD. Everything else either stays the same (the clients, which don't get changed) or are copied (files, such as Robocopy.)  But preserving AD *does* preserve SIDs, which eliminates all of the downsides of a clean install. New profiles (because the SID changed.)  Resetting file permissions (because the old permissions were based on SIDs that don't exist.)  Etc.  It seems trivial, but preserving AD is the only reason to migrate, but that is a *HUGE* reason.

From small to large, from incremental to skipping several versions, I've done so many migrations I've lost count. And been called in on dozens of projects where "things went wrong." Including clean builds where the consequences were unknown or not well understood. I can vehemently say migrate...every time. But you do have to know and understand Active Directory. Like any project and skill, you have to know what you are doing. On the job learning is never good. Chances are you didn't jump on the interstate five seconds after you first got behind the wheel of a car. You probably drove in circles in an empty parking lot.  Bad migrations are rarely (dare I say, ever) from the migration process. But from lack of planning and inexperience while rushing ahead. That doesn't invalidate the process. Nor does it mean giving up a car and using a horse and carriage as a regular way to commute from the suburbs to downtown Chicago is a good idea because cars are too dangerous/complicated.
it_saigeDeveloper
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
I couldn't agree with Cliff more.  This is the reason why I stressed familiarity with your clients domain servers and members.

It wasn't as much about whether they had SBS or not and it wasn't a bash on SBS (as it might have been taken).  It was really just saying if your clients domain is healthy and their systems are compatible with the changes that are going to be made (in this case adding a Server 2012 R2 server with Essentials), then you would be less likely to encounter any issues; you would have an *ideal* configuration.

-saige-
LockDown32Owner
Top Expert 2016

Author

Commented:
Your comparing AD to Registry is an Apples to Oranges comparison too. You are also missing the part about 10 to 20 users. Yes enterprises have gone from 2003 to 2008 to 2012 (which is only 3 upgrades) but they are the ones who can also afford to pay Microsoft $200 to $300 an hour to fix problems and afford to have someone from Microsoft on staff during the migration. Then look what you get now... all the Exchange and SQL AD entries are moot but carried over anyway and that is just one example. Garbage collection. That was my point in upgrading 95 to 98 to Millennium not it actually being an in place upgrade. The fact that every time you upgrade (even AD) that things just keep getting a little more off each time until the inevitable.....
CERTIFIED EXPERT
Distinguished Expert 2018

Commented:
That demonstrates a fundamental misunderstanding of Active Directory. You can choose to learn, or choose your own path. I have no skin in the game.
LockDown32Owner
Top Expert 2016

Author

Commented:
English translation please? Are you disagreeing with something in the above?
CERTIFIED EXPERT
Distinguished Expert 2018

Commented:
I didn't compare AD to the registry. I went to great lengths to show that they *can't* be compared because they are distinctly differentiated. And you said my comparison was apples to oranges (exactly my point!)  And then proceeded to (without naming the registry by name) talk about cruft and garbage collection and "the inevitable."

Basically? I disagree with your entire last reply. Most organizations do *not* pay Microsoft for a simple Active Directory migration, nor have MS staff "on hand."  AD does not collect cruft because things rarely make schema level changes to AD, and object-level changes are discreet, trackable, removable.

And implying some "inevitable" failure will occur after a few AD migrations shows, as I just said, a *FUNDAMENTAL* misunderstanding of AD.

But hey, you don't want to migrate and you want someone to post an opinion here that you can show your boss so you feel justified with your shortcuts.  That won't be me, but as I also said, I really don't care. It's your network tear apart, your users (or client) to frustrate, and your time to spend as you see fit. I really don't feel compelled to argue with someone who already made up their mind and came here seeking validation instead of an honest question and conversation.  Good luck to you.
LockDown32Owner
Top Expert 2016

Author

Commented:
Yee haw! A due with an attitude! If you read the original question (which you obviously didn't)  I started out by saying that I had done SBS 2003 to SBS 2011 migrations and simply asked is there wasn't a less time consuming method due to the fact that there were only 10 users on these networks. So let's start there. Would you like to answer the question because your rant on AD didn't really touch the question. It was a pretty simple question. I am not trying to cut corners. I am trying to find a simpler way of doing things. Are you opposed to trying new methods and saving some time?

   You are right AD and the Registry can't be compared but I have read that block several times and still can't get what you were tying to say. Are you actually saying the AD can't get corrupt and collect garbage? Really? Microsoft finally came out with something indestructible? Wow! Cool! Exactly why are you dragging the registry in to this?

Anyway... without going any further in to the tiff would you like to respond to the original question?
CERTIFIED EXPERT
Distinguished Expert 2018

Commented:
My first response covered your original question. What saves *you* time costs end-users time and the end result is always a net loss for the company, and in many cases ends up not saving the sysadmin time as they deal with "mop up" support incidents such as mismatching permissions.

That was pretty cut and dry answer, that you apparently didn't read or like, to the original question I supposedly didn't read.  Why should I keep arguing about it if you won't listen?
LockDown32Owner
Top Expert 2016

Author

Commented:
I am not the one that isn't listening. I immediately pointed out that profiles are not lost and you don't need profile migration software to recover them. I don't know about other networks but the workstations I deal with very seldom, if ever, have more than one profile. You made it sound like anything you might think of gaining by doing a greenfield installation will be lost and then some by the profile issue. I simply don't think that is the case.

   It was a cut and dry answer and if you read my response you would realize I did read yours. I am just not in 100% agreement with it just from the profile standpoint. Yours is not the only opinion and just because someone doesn't agree with your opinion doesn't mean they aren't listening.
CERTIFIED EXPERT
Distinguished Expert 2018

Commented:
You are entitled to your own opinions, but not your own facts.  Profiles are tattooed with SIDs in various places. Some are file-based (not just the ACLs but in the files themselves), for example. Office 365 ProPlus settings are secured internally via SID.  Then there are the registry hives which are part of the profile and, if loaded in regedit, you'd see are also tattooed with SIDs.  You can *copy* those files all you want, but the new account will have a new SID so a new set of registry entries will be created and any app settings that relied on the old SID are just...gone.  Microsoft created USMT with templates to accommodate that scenario for their OS and some of their applications. Laplink has created an entire business on supporting 3rd-party apps to do that.

But hey, I guess copying profiles is error-proof, SIDs don't matter, so Microsoft created USMT for no reason and people buy Laplink because they are idiots and like to waste money.  I've only sat with Microsoft engineers and discussed this, have the reputation and industry accolades to back that up, and am willing to put my reputation on the line. What could *I* possibly know that you don't, since you clearly know so much you don't even really need to ask the question in the first place.  Now don't I feel foolish.
LockDown32Owner
Top Expert 2016

Author

Commented:
Wow Cliff you are a God! How dare I question you! Goodness my bad! So you have explained everything that everyone already knew about profiles. Let's just trip the light extraordinary and say we copied a profile. There goes 15 minutes. Just how long do you think it will take to "mop up" any changes that are SID related? 15 more minutes? So... there is a half an hour. Multiply that by 10 users and there is a whapping 5 hours. Whoo hoo!

   Do you over-complicate your networks to the point you are the only one that can work on them? Do you go out of your way to make sure things are so embedded they can't be changed? Look at Kimputer's comment above. Took a whole day! A 10 user network just isn't that complicated and if it is then it wasn't set up right in the first place.

   I'm glad you have credentials. I'm glad you sat down and worked through it with Microsoft Engineers. Kudos to you! You're making a mountain out of a mole hill. You are turning a 10$, 10-minute job in to a $100,000 two year project. It's 10 users!
CERTIFIED EXPERT
Distinguished Expert 2018

Commented:
If *MIGRATING* SBS to Essentials (not a greenfield) for 10 users takes $100,000 and two years then you are overcharging, inept, or both.  I'm done. You clearly have no interest in real answers nor in even being realistic about expectations. Screw over your users/clients. I personally don't care.
CERTIFIED EXPERT
Distinguished Expert 2018

Commented:
And if you want a realistic timeline, here is my *MIGRATION* timeline for the last dozen or so I've done.

Install OS.  Fire up coffee pot.
Join domain.  Drink coffee
Promote to DC. Finish first cup of coffee.
Uninstall Exchange. Pour second cup of coffee.
Demote SBS server.  Start drinking second cup of coffee.
Update DNS to point to point to new server.  Take one *sip* of coffee.
Unplug old server....while reading facebook.

I think I just beat your five hours of touching every machine (which was a grossly underestimated timeline anyways) by about 4.5 hours.  Just sayin.
LockDown32Owner
Top Expert 2016

Author

Commented:
The five hours was your mess. You know... all those SSID changes and copying problems. Total time consumer. As far as you are concerned it can't be done. Just sayin.

   Your the one turning a $10, 10 minute job in to a fiasco. I'm glad your done. I love real answers. Too bad you didn't offer one. I don't think I have ever seen someone so full of themselves. Your way or no way huh? OK. I'll take the no way. I suppose I better close this question before you stroke out. I'll ask it again. Please don't respond this time. Your input is no longer welcome.

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.