Tech Support banner

Status
Not open for further replies.
1 - 15 of 15 Posts

·
Registered
Joined
·
1,259 Posts
Discussion Starter #1
I am helping a company install a new server running Windows Server 2003. They currently have a server running Server 2000. I was just wondering on what is the best way to move to the new server with the minimum amount of downtime. For example: How to transfer the active directory info over, how to assure all settings are the same so that they dont lose connectivity when they move over to the new server. Basically, a check list of things to do when they move over to assure that everything works properly. Thanks alot in advance. :smile:
 

·
Registered
Joined
·
1,645 Posts

·
Registered
Joined
·
1,259 Posts
Discussion Starter #4
This is going to be a completely new server running Server 2003. It is a fairly small company (maybe 20 users). Would there be any harm in simply setting up the domain on the new server and manually adding the user accounts to active directory and then just simply replace the server? Or would this cause problems?
 

·
Registered
Joined
·
7,747 Posts
Eclipse2003 said:
This is going to be a completely new server running Server 2003. It is a fairly small company (maybe 20 users). Would there be any harm in simply setting up the domain on the new server and manually adding the user accounts to active directory and then just simply replace the server? Or would this cause problems?
I have never done it that way. I have always brought in the new server, set up DNS and DHCP (if being used), promote it to DC with AD integrated, let it replicate, transfer the FSMO roles, then demote the old server.
I guess you could but you would have to import your GP settings, permissions, etc.
 

·
Registered
Joined
·
1,259 Posts
Discussion Starter #6
Sorry I haven't really done this before. Could you explain in detail how to complete the tasks that you said.

crazijoe said:
set up DNS and DHCP (if being used), promote it to DC with AD integrated, let it replicate, transfer the FSMO roles, then demote the old server.
Thanks
 

·
Registered
Joined
·
7,747 Posts
You will need to join the 2003 server to the domain. Install DHCP and DNS. Make sure you give the new server a static IP address. Then you need to run "ADPrep /forestprep" and "ADPrep /domainprep" on your 2000 server.
http://www.petri.co.il/windows_2003_adprep.htm
Run DCPROMO on the 2003 server. This will make it a domain controller.
Set the new server as a Global Catalogue server.
Set the new server as a DNS server with the existing AD Integrated Primary Zone.
Transfer the 5 FSMO Roles to the new server (I keep forgetting where it is in the GUI, but here's how for the command line):

click Start then Run then type the following - return after each line.
ntdsutil
roles
connections
connect to domain <domain name>
connect to server <new server name>
quit
Transfer domain naming master
Transfer infrastructure master
Transfer PDC
Transfer RID master
Transfer schema master

Reset client and server IP information to make the new server primary DNS.
Set your scope and options in DHCP for you router, DNS server and DNS Domain name.
Force replication of AD on the 2000 server and wait 24 hours.
Demote your 2000 server to a member server, wait 24hrs and then pull it out.
I'd suggest that you monitor the server for a week, regular checks of the event logs and make sure everything is working correctly before you do anything (like reformat) to the 2000 server.
 

·
Registered
Joined
·
796 Posts
Dcpromo

Be sure to make the box you are promoting look to itself for DNS when promoting it. I have seen some VERY long DC promotion by not doing this.
 

·
Registered
Joined
·
1,259 Posts
Discussion Starter #9 (Edited)
Can you let me know what/if any disadvantages there are by simply replacing the old server with the new 2003 server, giving it the same static ip and simply entering all of the user accounts and rights. The rights and accounts they have are very simple with very few differences in permissions really. Just wanted to know if I did it this way if anything would or could go wrong. Thanks.

Also, if you could explain a little more on how to do the following:

Set the new server as a Global Catalogue server.
Set the new server as a DNS server with the existing AD Integrated Primary Zone. (are these options in the GUI when you run DCPROMO?)

click Start then Run then type the following - return after each line.
ntdsutil
roles
connections
connect to domain <domain name>
connect to server <new server name>
quit
Transfer domain naming master
Transfer infrastructure master
Transfer PDC
Transfer RID master
Transfer schema master
Are these in the command prompt or just in the Run window?

Reset client and server IP information to make the new server primary DNS. (is this simply setting the ip of the new server on each client machine?)

Force replication of AD on the 2000 server and wait 24 hours.
Demote your 2000 server to a member server, wait 24hrs and then pull it out.
For these, does this mean that you have both connected to the domain for 2 days? If so, why does this need to be done? Also, will all the workstations be up for these 2 days? Which server will they be connected to?

Be sure to make the box you are promoting look to itself for DNS when promoting it. I have seen some VERY long DC promotion by not doing this.
 

·
Registered
Joined
·
7,747 Posts
Eclipse2003 said:
Can you let me know what/if any disadvantages there are by simply replacing the old server with the new 2003 server, giving it the same static ip and simply entering all of the user accounts and rights. The rights and accounts they have are very simple with very few differences in permissions really. Just wanted to know if I did it this way if anything would or could go wrong. Thanks.
The biggest disadvantage to this is the administrative overhead you will have. But being with a small company this might not be a problem. The company I work for have about 75 users. In august we just replaced 2 Domain controllers, an Exchange server, a Web server, and a file/print server, plus we added another member server, another Web server, and 2 SQL servers.
The advantage to having AD integrated is you can introduce a new DC and it will replicate with your exsiting AD. You do not have to worry about setting up groups and OUs and you do not have to worry about resetting and reconfiguring group policies and permissions.

Eclipse2003 said:
Set the new server as a Global Catalogue server.
To set the server as the Global Catalog Server.
Start, Administrative tools, Active directory sites and services, expand sites expand 'your domain', expand servers, click on the new server. On the right side, right click the NTDS settings and go to the properties. Check the box for Global Catalog then click OK.

Eclipse2003 said:
Set the new server as a DNS server with the existing AD Integrated Primary Zone. (are these options in the GUI when you run DCPROMO?)
I can't remember but I beleive it will do this with DCPROMO. I basically added this in to make sure that the new DC is set for AD Integrated.

Eclipse2003 said:
click Start then Run then type the following - return after each line.
ntdsutil
roles
connections
connect to domain <domain name>
connect to server <new server name>
quit
Transfer domain naming master
Transfer infrastructure master
Transfer PDC
Transfer RID master
Transfer schema master
Are these in the command prompt or just in the Run window?
This would be done from the command prompt.

Eclipse2003 said:
Reset client and server IP information to make the new server primary DNS. (is this simply setting the ip of the new server on each client machine?)
This would depend on if you are using DHCP or setting the client machines with static IPs.
If you are using static IPs, then you would need to go to the network connections- TCP/IP properties and replace the entry for the old DNS server with the IP of the new DNS server.
If you are using DHCP, this would mearly be an entry of the DHCP scope options on the server.

Eclipse2003 said:
Force replication of AD on the 2000 server and wait 24 hours.
Demote your 2000 server to a member server, wait 24hrs and then pull it out.
For these, does this mean that you have both connected to the domain for 2 days? If so, why does this need to be done? Also, will all the workstations be up for these 2 days? Which server will they be connected to?
Yes you would have both connected to the domain. The reason I suggest this is if something doesn't go right, you still have the old server online. Basically you want to make sure the server is stable and replicate fully before you take the old one off line. I actually wait about a week before I remove the old server.
The workstations will connect to whatever DC it finds. When the old one becomes off line the all the workstation will use the new DC.

Forgot to add, If you are using DHCP, set the lease time to 1 day on the old server. This way the client machines can start pulling from the new DHCP server.
 

·
Registered
Joined
·
1,259 Posts
Discussion Starter #12 (Edited)
Ok everything worked smoothly so far except one minor detail. When I had them join the domain (which is exactly the same as the last) they were able to join if they used the administrator account, however they couldn't use their own user account until they left the domain and joined a workgroup, reboot, logged into local computer, joined the domain, reboot. Then, they were fine. However, it created another user name on the actual PC, therefore all of their documents, favorites, etc...are on the other account. For example, if their user name is jones. Their old account under Documents and Settings is Jones. But the new one is Jones.glf (where glf.local is the domain). The Documents and settings arent too big of a deal I guess cause i can just copy over, altho if it can be avoided that would be great. The main thing is, their Outlook Express email and settings are not there because they are solely on the old account on the PC. Is there any way to import these settings, address book, inbox etc...? Any help would be greatly appreciated. They have all OS' here basically. XP Pro, 2000, 98SE, ME. Please help.

Edit: By the way, I did the whole swap idea instead of the steps you had originally suggested. Everything works fine tho besides these minor details
 

·
Registered
Joined
·
1,259 Posts
Discussion Starter #13
One quick note: I just checked and its only the 2000 Pro and XP Pro machines that are having this problem
 

·
Registered
Joined
·
7,747 Posts
Eclipse2003 said:
They have all OS' here basically. XP Pro, 2000, 98SE, ME.
All these OS's in an office of 20 people? Must be a very tight budget. I bet you have a variety of different hardware too.

Well......
What has happen is there are 2 domains. Even though you have created a domain on the new machine and it is the same domain name as the old one, it is still technically a new domain. Therefore the workstations are joining a new domain and need to setup a new profile for the new domain. Even though the names are the same, they are 2 different domanins.
Eclipse2003 said:
The main thing is, their Outlook Express email and settings are not there because they are solely on the old account on the PC. Is there any way to import these settings, address book, inbox etc...?
The only way I can think of doing this is to hook up the old server and have the workstations join it. Then they should use their old profiles and you can backup their .pst files.
 

·
Registered
Joined
·
1,259 Posts
Discussion Starter #15
I figured it out. By just looking around I found their outbox, inbox, etc...saved in a folder within local settings/app data/... just copied these and pasted into the new users same folder and they got all their messages. Good stuff. Thanks for all the help with this guys. Everything is running smoothly now.
 
1 - 15 of 15 Posts
Status
Not open for further replies.
Top