Solved

Confused - Do I need to copy my SBS 2008  to a virtual machine to perform a migration to 2012?

Posted on 2016-11-15
6
14 Views
Last Modified: 2016-11-16
All the documentation I am seeing talks about somehow doing this to debug the process before doing this for real .
All te documentation talks about 2008 r2 not SBS 2008
The problem is I don't have the resources for this and i'm concerned what this would do to the network to have another identical server on it .
Please tell me that I can just migrate the roles one by one from the existing server .
I have already migrated the exchange 2007 to office 365 .
Ideally I would like to bring up the r 2012 server on the same  network as the SBS  and migrate the desktops  then shutdown the SBS box .
Here are my concerns .
1. The SBS 2008 (mycompany.local) box is in production and I would rather not be patching or otherwise changing its configuration due to the risk of downtime.  ( I am hoping for a migration where I export a file from one server and import it into another .
2. I need to do the migration in the background until cutover .
3. I need to have the new server run in parallel so i can configure services and roles etc without disruption of the existing setup .
I was told in another question that I cannot simply have a new AD domain (Mycompany-v2.local ) on the new server and copy the other roles so now I am stuck because I also cant have the new server on the old tree without disruption either .
I don't have the luxury of a separate network lab environment .
Please help me get past this issue . Where I am stuck is how to have AD on the new server so I can begin setting up groups and policies the way they need to be . ( EX: can I copy and rename the AD and bring it up as a separate new domain so I can work on it ?)
0
Comment
Question by:Andre P
  • 3
  • 2
6 Comments
 
LVL 33

Expert Comment

by:it_saige
ID: 41888646
Just to paraphrase, you have an existing 2008 Small Business Server (SBS) controlled domain.  You wish to add a new server that has 2012 on it and promote it to a domain controller.  After the promotion, you want to move your roles and services (where applicable) from the 2008 SBS to the new 2012 server.  Once completed you want to demote and retire the 2008 SBS?

Do I have this correct?

If so, at this point in time it sounds as if you have already stood up the new 2012 server and have moved Exchange from the 2008 SBS to O365.  Have you joined the new 2012 server to the domain?

-saige-
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 41888721
You don't need to virtualize at all to do this. Many admins do so because they feel that taking a snapshot/checkpoint provides a quick way back. But since that isn't a good idea with older domain controllers, that really isn't an issue here.

You can add your 2012 servers, join them to your existing domain, make them DCs (to replicate AD), and migrate roles and data all without virtualizing and the only downtime is the movement of the actual roles (when you move a printer, chances are there will be some interruption of that printer, etc.)

But paying attention to your event logs and looking for errors is critical.

Also keep in mind SBS's restrictions. Move the FSMO roles and demote the SBS server *last* to keep it in licensing compliance.

I've done literally hundreds of migrations like this and it all works well when properly planned.
1
 

Author Comment

by:Andre P
ID: 41888724
Yes you have it correct .
I guess i am confused as to when is the process the new server comes online as the primary domain controller .
It is currently a virtual machine and has no roles installed yet . It has not been added to any domains.
I would like to configure the new server with all roles and cutover once the data dns etc has been migrated
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 41888751
The concept of a "primary" domain controller went away with NT4. Your new server will be *a* domain controller as soon as you install and configure the "Active Directory Domain Services" role.
0
 

Author Comment

by:Andre P
ID: 41888794
Ok .. So i guess what I need to know is this . I install AD role tonight  .. I add it to the existing domain
I have not done anything else . What happens when my users come in tomorrow ? Is there a disruption ? Or are they still using the SBS 2008 server .
Can i continue migrating but not activating the other roles DNS ,DHCP ? I want to to make some changes to the group policies etc before I cut over . I DO NOT want them to take effect until after i have tested the changes on a test desktop .
Once I do the initial replication can i work on the new server without affecting the operation of the old server or the people attached to it ?
0
 
LVL 56

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 41888803
"I have not done anything else . What happens when my users come in tomorrow ? Is there a disruption ? Or are they still using the SBS 2008 server . "

There is not a disruption. But for AD requests, such as logon or group policy, they may use the SBS server or the new server. AD is multi-master which means any server can be connected to and *all* servers get any changes made.

"Can i continue migrating but not activating the other roles DNS ,DHCP ?"

DHCP, yes.  DNS is a required role in AD and those zones will replicate as part of AD. They will be live when you do so. Any changes you make to those DNS zones will replicate back to SBS as well.

"Once I do the initial replication can i work on the new server without affecting the operation of the old server or the people attached to it ? "

No. Any changes will replicate.  It is not uncommon for admins to use a security group or even an OU with just test machines and test users. Then you can create new group policies, linking them only to the OU, or filtering by those groups, so they can test without the group policy applying to other machines.  Then when you are ready to apply the setting more broadly, you can simply link to another OU and/or add security groups to the filter.  But the created group policy will "exist" on the live network the whole time.  You can't do what *you* want...fully isolated test desktops, etc, without setting up a full test network end-to-end.

Note that this is not a migration challenge. This is true even if you weren't migrating. It is also true for any sysadmin who regularly needs to manage desktops on 2012.  SBS is not a factor, nor is the migration scenario.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
A procedure for exporting installed hotfix details of remote computers using powershell
In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now