Eric B
asked on
Please verify my steps for Server 2003 x32 -2012 r2 migration - Dell Server and a BDC in a VM
I have read numerous articles and made copious notes but want to make sure I am not missing something obvious.
Setup:
Dell server with Windows Server 2003 Standard Edition SP2 x32 PDC, DNS, file server, 1 domain
HyperV VM: Windows server 2003 R2 SE SP2 32 bit - backup DC, backup DNS, SMTP server (no file serving)
Forest and Domain Functional levels are at Windows 2000
30 Win 7 pro x32 workstations
I'd like to upgrade both servers to 2012 R2 with same roles.
Steps:
Use dcdiag to look for any problems in Active Directory
dcdiag /v /c /d /e /s:servername > c:\temp\dcdiag.log
Look for and delete outdated entries in Active Directory
dcquery computer -26
dcquery user -26
(adding | dsrm if it looks ok)
use DSLint?
Next is to increase the functional levels to 2003. I assume this causes no issue for users?
At that point is it possible to add a VM, install Server 2012r2 and have it as the backup domain controller? Would be great to migrate functions from the old 2003 VM and shut it off but I assume 2012 will want to be the PDC?
For the 2012 r2 PDC, sounds like I need to:
install on the server hardware
add directory services and DNS
To transfer the files, permissions, shares must I use the SMIGDEPLOY process or is there something simple?
https://blogs.technet.microsoft.com/canitpro/2014/10/29/step-by-step-migrating-a-windows-server-2003-file-server-ntfs-and-share-rights-to-windows-server-2012-r2/
What about this? Seems to require Server 2003 Enterprise or Datacenter so no love.
Windows file server migration toolkit 1.2 http://www.microsoft.com/en-us/download/details.aspx?id=10268
Or other ideas?
Setup:
Dell server with Windows Server 2003 Standard Edition SP2 x32 PDC, DNS, file server, 1 domain
HyperV VM: Windows server 2003 R2 SE SP2 32 bit - backup DC, backup DNS, SMTP server (no file serving)
Forest and Domain Functional levels are at Windows 2000
30 Win 7 pro x32 workstations
I'd like to upgrade both servers to 2012 R2 with same roles.
Steps:
Use dcdiag to look for any problems in Active Directory
dcdiag /v /c /d /e /s:servername > c:\temp\dcdiag.log
Look for and delete outdated entries in Active Directory
dcquery computer -26
dcquery user -26
(adding | dsrm if it looks ok)
use DSLint?
Next is to increase the functional levels to 2003. I assume this causes no issue for users?
At that point is it possible to add a VM, install Server 2012r2 and have it as the backup domain controller? Would be great to migrate functions from the old 2003 VM and shut it off but I assume 2012 will want to be the PDC?
For the 2012 r2 PDC, sounds like I need to:
install on the server hardware
add directory services and DNS
To transfer the files, permissions, shares must I use the SMIGDEPLOY process or is there something simple?
https://blogs.technet.microsoft.com/canitpro/2014/10/29/step-by-step-migrating-a-windows-server-2003-file-server-ntfs-and-share-rights-to-windows-server-2012-r2/
What about this? Seems to require Server 2003 Enterprise or Datacenter so no love.
Windows file server migration toolkit 1.2 http://www.microsoft.com/en-us/download/details.aspx?id=10268
Or other ideas?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
First off I truly appreciate your time on this answer, you really hit on each point.
Yes, it is a migration to new hardware.
The point of my learning is to practice on a test network prior to having a professional come in. I figure if there are errors or lengthy items that I could utilize them most efficiently.
Yes, we have SMTP - it is an easy way for some of our devices to e-mail from within the LAN. We've outsourced our exchange hosting.
I do like the DFS namespace idea, sorry to burden you with a simple question but can it supplement what's already on the server?
\\serverA\share1
\\domain\dfsname\share1
Where both point to the same thing? I can't imagine going through all of my client connections, batch files, etc. and having to change them on the same weekend I'm migrating the server. I assume that if I use NTFS permissions currently they would be maintained?
We do not have any Windows 2000 servers. Merely the two W2003 mentioned, the main file server and the backup VM. Sounds like I can do a server backup and upgrade the forest/domain functional levels to 2003 after hours one day with no issue.
…Unless the 2003 server was poorly deployed, you even import the lanmanserver registry settings for shares and restore the shares and share permissions.
This sounds great…is this correct:
Use an attached VHDX file, or robocopy all the data to the new server
2003: Navigate to HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ LanmanServer \ Shares.
2003: Select the “shares” key and click files -> export. Save this file to the location of your choice.
2003: Do the same with the “security” sub key.
2012: Copy both files to the new machine.
2012: Log in into the new server and double click on the registry files you’ve just created (NOTE: You will lose all previously configured shares on the new system).
2012: Reboot the server, and voilà, the new shares should be there.
Yes, it is a migration to new hardware.
The point of my learning is to practice on a test network prior to having a professional come in. I figure if there are errors or lengthy items that I could utilize them most efficiently.
Yes, we have SMTP - it is an easy way for some of our devices to e-mail from within the LAN. We've outsourced our exchange hosting.
I do like the DFS namespace idea, sorry to burden you with a simple question but can it supplement what's already on the server?
\\serverA\share1
\\domain\dfsname\share1
Where both point to the same thing? I can't imagine going through all of my client connections, batch files, etc. and having to change them on the same weekend I'm migrating the server. I assume that if I use NTFS permissions currently they would be maintained?
We do not have any Windows 2000 servers. Merely the two W2003 mentioned, the main file server and the backup VM. Sounds like I can do a server backup and upgrade the forest/domain functional levels to 2003 after hours one day with no issue.
…Unless the 2003 server was poorly deployed, you even import the lanmanserver registry settings for shares and restore the shares and share permissions.
This sounds great…is this correct:
Use an attached VHDX file, or robocopy all the data to the new server
2003: Navigate to HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ LanmanServer \ Shares.
2003: Select the “shares” key and click files -> export. Save this file to the location of your choice.
2003: Do the same with the “security” sub key.
2012: Copy both files to the new machine.
2012: Log in into the new server and double click on the registry files you’ve just created (NOTE: You will lose all previously configured shares on the new system).
2012: Reboot the server, and voilà, the new shares should be there.
Yes, DFS works by sharing out over \\domain the \\server\share paths. When you configure the namespace, you indicate what shares the \\domain\newshare points to. With DFS replication, you can have more than one share pointing to the same thing. Without DFS replication, it's just an alternate way to connect to the existing shares.
re the lanman server part, basically yes. To be clear, this works great when your EXISTING data is on a "D: drive" or other drive letter and not some shared folder off C:. Then if you match the original data drive letter on the new server, then you can export/import the registry. II would edit it .reg export and remove the shares that don't really apply like the C$, Admin$, etc. You don't need to import those.
re the lanman server part, basically yes. To be clear, this works great when your EXISTING data is on a "D: drive" or other drive letter and not some shared folder off C:. Then if you match the original data drive letter on the new server, then you can export/import the registry. II would edit it .reg export and remove the shares that don't really apply like the C$, Admin$, etc. You don't need to import those.
ASKER
Thank you for the thorough, detailed, and patient explanations. Best wishes!
Can a nurse who studies hard and generally knows what they are doing remove an appendix without killing the patient? Sure... is it SAFER to have a doctor who has done it 1000 times do it? DEFINITELY.
Point being, If this isn't part of your skillset, you would be wiser to hire a professional to either work with you OR do it for you. This is a major network operation and should be treated as such. (Sorry for being blunt).