Jump to content


Sign in to follow this  
Saif

AD 2000 Migration to AD 2008

Recommended Posts



You can not do an inplace upgrade to 2008, prepare the schema with adprep

command for 2008 on the 2000 Schema master and you have to add a 2008 server

as member server and run dcpromo on it. Then make it DNS server (choose AD

integrated zones) Global catalog server and move all 5 FSMO roles to the

2008 DC.

 

Good Luck! :)

Share this post


Link to post
Share on other sites

.

 

Hi!

 

Hope this can be of use. Your Server 2000 might not have the same roles as the one in this guide, but you'll get the general idéa

 

NOTE! I found this guide on http://forums.techarena.in/server-migration/1010582.htm

 

The general steps to migrate from Windows Server 2000 to Windows Server

2008 is almost the same as the steps to migrate from Windows Server 2003 to

Windows Server 2008.

 

Scenario:

 

Old server: Windows Server 2000 box

New server: Windows Server 2008 box

 

1. Verify that Windows 2000 SP4 have been installed on the old server and

Windows Server 2008 SP1 have been installed on the new server

 

Note: the domain functional level should be in Windows 2000 native mode for

the Windows 2000 domain.

 

2. Upgrade the Windows 2000 forest schema by running "adprep /forestprep"

command on old server

 

Note: you can copy the adprep folder from the Windows Server 2008

installation disc to the old server to run "adprep /forestprep".

The location is \source\adprep on the installation disc.

 

3. Upgrade the Windows 2000 domain schema by running "adprep /domainprep"

command on old server

 

4. Verify the new server's TCP/IP configuration has been pointed to

existing DNS server.

 

5. Add new server to existing Windows 2000 domain as a member server.

 

6. Run dcpromo on new server to promote it as an additional domain

controller in existing Windows 2000 domain, afterwards you may verify the

installation of Active Directory.

 

7. Enable Global Catalog on new server and manually Check Replication

Topology and afterwards manually trigger replication to synchronize Active

Directory database between 2 replica.

 

8. Disable Global Catalog on old server.

 

9. Use NTDSUTIL utility to transfer all the 5 FSMO roles from old server to

new server. You'd better transfer FSMO roles via GUI method instead of

using NTDSUTIL.

 

10. Install DNS component on new server and configure it as a new DNS

Server(Active Directory Integrated-Zone is preferred)

 

Note: all the DNS configuration need to be transferred from the existing

DNS Server.

 

11. Migrate DHCP service from Windows Server 2000 to Windows Server 2008

 

Please refer to:

How to move a DHCP database from a computer that is running Windows NT

Server 4.0, Windows 2000, or Windows Server 2003 to a computer that is

running Windows Server 2003

http://support.microsoft.com/default.aspx/kb/325473

(This should work on Windows Server 2008)

 

12. Migrate File Sharing service from

 

You can also use robocopy.exe from the Windows Server Resource kit to copy

the files and maintain NTFS permissions.

 

For the shares, the shares definitions and permissions are stored in the

following registry key on the server:

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\lanmanserver\Shares

 

If you export out the whole key and import in the new server, and if you

have the files and folders in the same path as in the old server, then you

will retain all you shares and share permissions.

 

12. It's better to make the old DC offline for several days and check

whether everything works normally with the new server online. If so, you

may let the old DC online and run DCPROMO to demote it.

 

For more information, please refer to:

 

Identifying Your Windows Server 2008 Functional Level Upgrade

http://technet2.microsoft.com/window...03a77-d9ba-4a2

6-b756-eba5499f15581033.mspx?mfr=true

 

How To Install and Configure DNS Server in Windows Server 2003

http://support.microsoft.com/kb/814591/EN-US/

 

How To Convert DNS Primary Server to Active Directory Integrated

http://support.microsoft.com/kb/816101

Share this post


Link to post
Share on other sites

Hi!

 

Hope this can be of use. Your Server 2000 might not have the same roles as the one in this guide, but you'll get the general idéa

 

NOTE! I found this guide on http://forums.techarena.in/server-migration/1010582.htm

 

The general steps to migrate from Windows Server 2000 to Windows Server

2008 is almost the same as the steps to migrate from Windows Server 2003 to

Windows Server 2008.

 

Scenario:

 

Old server: Windows Server 2000 box

New server: Windows Server 2008 box

 

1. Verify that Windows 2000 SP4 have been installed on the old server and

Windows Server 2008 SP1 have been installed on the new server

 

Note: the domain functional level should be in Windows 2000 native mode for

the Windows 2000 domain.

 

2. Upgrade the Windows 2000 forest schema by running "adprep /forestprep"

command on old server

 

Note: you can copy the adprep folder from the Windows Server 2008

installation disc to the old server to run "adprep /forestprep".

The location is \source\adprep on the installation disc.

 

3. Upgrade the Windows 2000 domain schema by running "adprep /domainprep"

command on old server

 

4. Verify the new server's TCP/IP configuration has been pointed to

existing DNS server.

 

5. Add new server to existing Windows 2000 domain as a member server.

 

6. Run dcpromo on new server to promote it as an additional domain

controller in existing Windows 2000 domain, afterwards you may verify the

installation of Active Directory.

 

7. Enable Global Catalog on new server and manually Check Replication

Topology and afterwards manually trigger replication to synchronize Active

Directory database between 2 replica.

 

8. Disable Global Catalog on old server.

 

9. Use NTDSUTIL utility to transfer all the 5 FSMO roles from old server to

new server. You'd better transfer FSMO roles via GUI method instead of

using NTDSUTIL.

 

10. Install DNS component on new server and configure it as a new DNS

Server(Active Directory Integrated-Zone is preferred)

 

Note: all the DNS configuration need to be transferred from the existing

DNS Server.

 

11. Migrate DHCP service from Windows Server 2000 to Windows Server 2008

 

Please refer to:

How to move a DHCP database from a computer that is running Windows NT

Server 4.0, Windows 2000, or Windows Server 2003 to a computer that is

running Windows Server 2003

http://support.microsoft.com/default.aspx/kb/325473

(This should work on Windows Server 2008)

 

12. Migrate File Sharing service from

 

You can also use robocopy.exe from the Windows Server Resource kit to copy

the files and maintain NTFS permissions.

 

For the shares, the shares definitions and permissions are stored in the

following registry key on the server:

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\lanmanserver\Shares

 

If you export out the whole key and import in the new server, and if you

have the files and folders in the same path as in the old server, then you

will retain all you shares and share permissions.

 

12. It's better to make the old DC offline for several days and check

whether everything works normally with the new server online. If so, you

may let the old DC online and run DCPROMO to demote it.

 

For more information, please refer to:

 

Identifying Your Windows Server 2008 Functional Level Upgrade

http://technet2.microsoft.com/window...03a77-d9ba-4a2

6-b756-eba5499f15581033.mspx?mfr=true

 

How To Install and Configure DNS Server in Windows Server 2003

http://support.microsoft.com/kb/814591/EN-US/

 

How To Convert DNS Primary Server to Active Directory Integrated

http://support.microsoft.com/kb/816101

 

Thank you for the extensive explanation and steps. will try this in a lab environment first.

Share this post


Link to post
Share on other sites

You can not do an inplace upgrade to 2008, prepare the schema with adprep

command for 2008 on the 2000 Schema master and you have to add a 2008 server

as member server and run dcpromo on it. Then make it DNS server (choose AD

integrated zones) Global catalog server and move all 5 FSMO roles to the

2008 DC.

 

Good Luck! :)

 

If i promote it to AD, wouldn't all five FSMO roles automatically replicate over?

Share this post


Link to post
Share on other sites

You can only have one of each operations master in you AD structure.

 

Read through this for a better understanding: http://en.wikipedia.org/wiki/Flexible_single_master_operation

 

Ok first of all i dont know what happened to my original post because it is gone. I must have deleted it by mistake.

 

You see we only have 2 DCs and both are setup and GC. In addition the primary DC has all the roles assigned to it.

 

Can't i use ADMT tool to migrate everything over to our new severs? Will that help me keep my original server names?

 

thanks,

Share this post


Link to post
Share on other sites

Ok first of all i dont know what happened to my original post because it is gone. I must have deleted it by mistake.

 

You see we only have 2 DCs and both are setup and GC. In addition the primary DC has all the roles assigned to it.

 

Can't i use ADMT tool to migrate everything over to our new severs? Will that help me keep my original server names?

 

thanks,

 

ADMT is for migrating objects. This tool will not help you preserve your domaincontroller hostnames.

 

Why is it so important to keep the DC names?

 

 

I guess you could move all roles to w2k3 dc1 and then demote w2k3 dc2.

When this is done, extend the forestprep and domainprep on your remaining w2k3 dc1.

Then install a w2k8 machine and promote it to a domaincontroller (give it the same name as w2k3 dc2 had..).

Move all roles to your new w2k8 machine. Then demote your w2k3 dc1.

Then install your second w2k8 machine and promote it to a domaincontroller.

done..

 

Remeber though that it is never a good idea to have less then 2 domaincontrollers.

backup backup backup B)

Share this post


Link to post
Share on other sites

ADMT is for migrating objects. This tool will not help you preserve your domaincontroller hostnames.

 

Why is it so important to keep the DC names?

 

 

I guess you could move all roles to w2k3 dc1 and then demote w2k3 dc2.

When this is done, extend the forestprep and domainprep on your remaining w2k3 dc1.

Then install a w2k8 machine and promote it to a domaincontroller (give it the same name as w2k3 dc2 had..).

Move all roles to your new w2k8 machine. Then demote your w2k3 dc1.

Then install your second w2k8 machine and promote it to a domaincontroller.

done..

 

Remeber though that it is never a good idea to have less then 2 domaincontrollers.

backup backup backup B)

 

I like your idea here. I will transfer whatever roles i have on w2k-dc2 on to w2k-dc1. Then demote w2k-dc2, all i have to do is run dcpromo to demote correct? Will i need to do anything else on DC1 or in DNS to completely remove w2k-dc2? Once i build new w2k8 with same name, will i be able to promote to it to DC by running DCpromo? Once that is done, transfer all fsmo roles from w2k-dc1 onto here and repeate again. I will maintain my hostnames and have new domain controllers correct?

 

How will i be able to keep all my shares on w2k-dc2?

Share this post


Link to post
Share on other sites

I like your idea here. I will transfer whatever roles i have on w2k-dc2 on to w2k-dc1. Then demote w2k-dc2, all i have to do is run dcpromo to demote correct? Will i need to do anything else on DC1 or in DNS to completely remove w2k-dc2? Once i build new w2k8 with same name, will i be able to promote to it to DC by running DCpromo? Once that is done, transfer all fsmo roles from w2k-dc1 onto here and repeate again. I will maintain my hostnames and have new domain controllers correct?

 

How will i be able to keep all my shares on w2k-dc2?

 

Yes dcpromo is the only thing you need to run to demote the DC.

Before doing this though, make sure that all operations master are moved and that it is not the last global catalog server.

 

What shares do you mean? Do you have fileshares on your DC2?

Share this post


Link to post
Share on other sites

Yes dcpromo is the only thing you need to run to demote the DC.

Before doing this though, make sure that all operations master are moved and that it is not the last global catalog server.

 

What shares do you mean? Do you have fileshares on your DC2?

 

Exactly, it is also acting acting as a file server. How would i successfully copy all the shares off of it (i know i can use explorer) and retain file/ntfs permissions?

 

I setup the whole scenario in my test lab. This is what i did and please correct me if did something wrong:

 

1) Built another 2008 server. Added it to the domain as a normal member server.

2)Used robocopy on the new member server to copy all the files off of DC2 (it copied all the files, but i dont see any permissions being retained, also it placed the files all over the place and not in a specific directory, please advise).

3) I then copied all the FSMO roles off of DC2 to DC1. Ran dcpromo, but in the process received DNS errors. Although it demoted successfully, i had lots of DNS erros.

4) Shut down DC2. When i checked DC1, i still see entries in DNS for DC2, is that OK?

5) renamed new member server to DC2 and ran dcpromo

 

by then it was 1:00 am and i was tired so i went home. I have not checked the results yet, but this is exactly what i am suppose to do to replace a Domain controller correct? Please advise..

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...