SBS 2003 Active Directory

15 pts.
Tags:
Active Directory
SBS
SBS 2003
I am having a great deal of problems with document on the SBS 2003 Active Directory. I am trying to convert a previously configured Active Directory to a full domain oriented system. To start off I disabled the Active directory that was setup already. Upon re-boot the files in the shared folder are missing and are no where to be found. Is there any hope in recovering these files?
ASKED: April 16, 2008  4:33 PM
UPDATED: April 18, 2011  8:24 AM

Answer Wiki

Thanks. We'll let you know when a new response is added.

Your issue is the limitations of the Small Business Server 2003. It can not be part of another domain, if it is part of a domain in must be the domain controller.

From MS website:

SBS has to be a domain controller and hold all the FSMO roles within the domain. You can’t use it as a file server or a backup domain controller of another domain.

In some instances you might want to replace a exisiting DC with your SBS that can be done as long as it is the only SBS on the network (2000 or 2003). You can do this by following these steps:

The following conditions must be true after you install the new SBS 2003 computer in an existing domain or the new SBS 2003 computer may display warnings and shut down periodically:
• The new SBS 2003 computer must be a domain controller that is installed on the root of the domain.
• The new SBS 2003 computer must hold all the Flexible Single Master Operation (FSMO) roles.
• The new SBS 2003 computer must be a global catalog server and must be the licensing server.
• There must not be any existing domain trusts or child domains.
• Only one SBS server can exist on the domain. If SBS 2003 is installed, no other SBS 2003 or 2000 server can be installed on the same domain.
• You must complete the SBS Integrated setup on the new server and install the proper number of SBS Client Access Licenses as required. Failure to meet these conditions may cause the SBS 2003 server to shut down or be in an unsupported state.
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
842690 (http://support.microsoft.com/kb/842690/) List of components that are included in Windows Small Business Server 2003

1. On a Windows 2000 domain, you must prepare Active Directory before you install the SBS 2003 computer in the domain. For more information about how to install a Windows Server 2003 domain controller into an existing Windows 2000 forest, click the following article number to view the article in the Microsoft Knowledge Base:
278875 (http://support.microsoft.com/kb/278875/) Dcpromo.exe and Winnt32.exe log errors when you create a Windows Server 2003 domain controller in a Windows 2000 domain or forest or when you upgrade a Windows 2000 domain controller that resides in a Windows 2000 forest to Windows Server 2003
2. Start the installation of SBS 2003 by inserting CD 1 into the CD or DVD drive.
3. When the operating system is installed and the computer restarts and continues with the integrated Setup program, click Cancel to stop the integrated Setup program.

Note You must cancel the integrated Setup program at this point. If you continue with the integrated Setup, you cannot join the SBS 2003 computer to the existing domain.
4. On the SBS 2003 computer, configure a static IP address on the network card and make sure to configure DNS to include the existing server that hosts the Active Directory zone.

Note You can ping other computers on the network by using their Fully Qualified Domain Names (FQDNs) after you complete this procedure.
5. Run the Dcpromo.exe program on the SBS 2003 computer to join the existing domain.

Note Do not create a new forest and do not create a child domain.
a. Click Start, click Run, type dcpromo, and then click OK.
b. Click Next two times.
c. Click Additional Domain Controller for an existing domain, and then click Next.
d. Enter the credentials for the domain administrator account, and then click Next.
e. In the Domain name area, type the FQDN for the Active Directory domain namespace that you want to join, and then click Next. For example, type contoso.local. If you are not sure of the FQDN, you can click Browse to select the correct domain.
f. Click Next to accept the default locations for the Database and Log folders.
g. Click Next to accept the default locations for the shared system volume.

Note If you have to change the location of the shared system volume, you must select an NTFS file system volume.
h. Type the Directory Services Restore Mode administrator password, and then click Next.

Note This is the password that you would use in Directory Services Restore Mode or when you use Recovery Console.
i. On the Summary screen, click Next to start the Dcpromo.exe program. This process may take several minutes.
j. Click Finish to complete the Dcpromo.exe program, and then click Restart Now.
k. Log on to the computer after it restarts and confirm that the computer has been successfully promoted to a domain controller. To do this, click Start, click Run, type cmd, and then click OK.
l. At the command prompt, type gettype, and then press ENTER. The output should read as follows:

Host Name: ServerNameName: Windows Server 2003 for Small Business Server
Version: 5.2 Build 3790
Role: Domain Controller
Components: Not Installed

6. Install the DNS server service. To do this, follow these steps:
a. Click Start, point to Control Panel, and then click Add/Remove Programs.
b. Click Add/Remove Windows Components.
c. In the Windows Components list, double-click Networking Services.
d. Click to select the Domain Name System (DNS) check box, and then click OK.
e. Click Next, and then click Finish.

For additional information about how to configure a DNS server, visit the following Microsoft Web site:
http://technet2.microsoft.com/windowsserver/en/library/4E1C7B17-16AB-4E7D-A333-15BEFB15C82E1033.mspx (http://technet2.microsoft.com/windowsserver/en/library/4E1C7B17-16AB-4E7D-A333-15BEFB15C82E1033.mspx)
7. Promote the SBS 2003 computer to a global catalog server. To do this, follow these steps:
a. Click Start, point to Administrative Tools, and then click Active Directory Sites and Services.
b. Expand Sites, expand Default-First-Site-Name, expand Servers, expand your SBS 2003 computer, right-click NTDS Settings, and then click Properties.
c. Click the General tab, click to select the Global catalog check box to assign the role of global catalog to this computer, and then click OK.
d. Open Event Viewer to the Directory Services event log and wait for event 1119 or 1869 with a description that states that this domain controller is now a global catalog.
e. Restart the computer.

Note Do not restart the computer or remove any other global catalog servers until you receive event 1119 or 1869. If you do this, it will cause adverse effects as there will be no global catalog servers available to process requests.
8. After the new computer is successfully promoted to a global catalog server, remove any other global catalog servers in the domain. To do this, follow these steps:
a. Click Start, point to Administrative Tools, and then click Active Directory Sites and Services.
b. In the console pane, expand Sites, and then expand Default-First-Site-Name.
c. Expand Servers, expand any computers other than your SBS 2003 computer, right-click NTDS Settings, and then click Properties.

Note You may have to repeat this step more than one time if more than one computer is listed, other than the SBS 2003 computer.
d. On the General tab, click to clear the Global catalog check box to assign the role of global catalog to this computer, and then click OK.

Note If the Global catalog check box is not selected, go to step 8.
e. Restart any computers where you removed the global catalog server role.

Note Wait for the account and the schema information to replicate to the new global catalog server.
9. Transfer the FSMO roles to the SBS 2003 computer. To do this, follow these steps for each FSMO role:
a. Transfer the Relative ID (RID) Master role. To do this:
1. Click Start, point to Administrative Tools, and then click Active Directory Users and Computers.
2. Right-click your organization name, click All Tasks, and then click Operations Masters.
3. In the Operations Masters dialog box, click the RID tab.
4. In the Operations Masters dialog box, click Change.
5. Click Yes to confirm that you want to transfer the role, and then click OK.
b. Transfer the PDC Emulator role. To do this:
a. Click Start, point to Administrative Tools, and then click Active Directory Users and Computers.
b. Right-click your organization name, click All Tasks, and then click Operations Masters.
c. In the Operations Masters dialog box, click the PDC tab.
d. In the Operations Masters dialog box, click Change.
e. Click Yes to confirm that you want to transfer the role, and then click OK.
c. Transfer the Infrastructure Master role. To do this:
a. Click Start, point to Administrative Tools, and then click Active Directory Users and Computers.
b. Right-click your organization name, click All Tasks, and then click Operations Masters.
c. In the Operations Masters dialog box, click the Infrastructure tab.
d. In the Operations Masters dialog box, click Change.
e. Click Yes to confirm that you want to transfer the role, and then click OK.
d. Transfer the Domain Naming Master role. To do this:
a. Click Start, point to Administrative Tools, and then click Active Directory Domains and Trusts.
b. Right-click Active Directory Domains and Trusts, and then click Operations Master.
c. In the Change Operations Master dialog box, click Change .
d. Click Yes to confirm that you want to transfer the role, and then click OK.
e. Click Close to close the dialog box.
e. Transfer the Schema Master role. To do this:
a. You can use the Schema Master tool to transfer the role. However, the Schmmgmt.dll file must be registered to use the Schema Master tool as an MMC snap-in. To register Schmmgmt.dll, click Start, click Run, type regsvr32 schmmgmt.dll, and then click OK.

Note You receive a message that confirms that the registration was successful.
b. Click Start, click Run, type mmc, and then click OK.
c. Click File, and then click Add/Remove Snap-in.
d. In the Description area, click Add.
e. Click Active Directory Schema, click Add, and then click Close.
f. Click OK.
g. Right-click Active Directory Schema, and then click Change Domain Controller.
h. In the Select DC area, click Specify Name, type the name of the SBS 2003 computer, and then click OK.
i. Right-click Active Directory Schema, and then click Operations Master.
j. In the Change Schema Master dialog box, click Change.
k. Click Yes, click OK, and then click Close.
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
324801 (http://support.microsoft.com/kb/324801/) How to view and transfer FSMO roles in Windows Server 2003
10. Move the site licensing server to the SBS 2003 computer. To do this:
a. On the SBS 2003 computer, click Start, point to Administrative Tools, and then click Active Directory Sites and Services.
b. Expand Sites, and then click Default-First-Site-Name.
c. Right-click Licensing Site Settings, and then click Properties.
d. Click Change, type the name of the new SBS 2003 computer in the Enter the object name to select area, and then click OK.
e. Click OK to close the Licensing Site Settings Properties dialog box.

For more information, click the following article number to view the article in the Microsoft Knowledge Base:
273475 (http://support.microsoft.com/kb/273475/) Licensing in Windows 2000 and differences with Windows NT 4.0
11. Wait for the new Active Directory objects to replicate to the SBS 2003 computer. The time this takes depends on the Active Directory size and on network performance. You can view the Directory Service event log to verify that replication has completed successfully. The SBS 2003 integrated Setup program may not continue if replication has not completed or if replication has failed.

To test replication, you can create a new test user on a domain controller and after several minutes confirm the object has been replicated to the SBS 2003 computer. You can also force replication from a domain controller. To do this:
a. On the SBS 2003 computer, click Start, point to Administrative Tools, and then click Active Directory Sites and Services.
b. In the left pane, expand Default-First-Site-Name, expand Servers, and then expand the domain controller that you want to replicate from.
c. Click NTDS Settings. One or more objects are listed in the right pane. One of those objects is a link to the domain controller you want to replicate from. To see the “friendly” name of the object, right-click the object and view the name. Right-click the domain controller object, and then click Replicate Now. The replication is performed immediately.
12. Change the DNS settings on all domain controllers to point to the new SBS 2003 computer as the primary DNS server. To do this, follow these steps.

Note Follow these steps on all domain controllers in the Active Directory, including the SBS 2003 computer.
a. Click Start, point to Control Panel, point to Network Connections, right-click the internal network connection, and then click Properties.
b. Click to select Internet Protocol (TCP/IP), and then click Properties.
c. Change the preferred DNS server. Type the IP address of the SBS 2003 computer as the preferred DNS server. Also, make this change on the SBS 2003 computer.

Note The alternative DNS server can point to the previous preferred DNS server as long as it is a server that hosts the Active Directory zone.
13. On the SBS 2003 computer, insert the SBS 2003 CD 1 into the CD or DVD drive and continue with the integrated Setup of SBS 2003 and its components.
14. If you already have Microsoft Exchange Server installed in the organization, the integrated Setup installs Exchange Server into the existing organization. If you already have an Exchange 2003 Server or an Exchange 2000 Server in your organization, and you plan to retire that Exchange Server, you can move the mailboxes and public folders to the new Exchange 2003 Server before you retire the old Exchange Server. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
822931 (http://support.microsoft.com/kb/822931/) How to remove the first Exchange 2003 Server computer from the administrative group

To move the mailboxes and public folders, follow these steps:
a. On the existing Exchange Server in the organization, open Exchange System Manager. To do this, click Start, point to All Programs, point to Microsoft Exchange, and then click System Manager.
b. At the top of the tree in the left pane, right-click the Organization Name (Exchange) icon, and then click Properties.
c. Click to select the Display administrative groups check box, click to select the Display routing groups check box, and then click OK.
d. Expand the Recipients container, and then click Recipient Update Services.
e. Double-click each entry, and then enter the name of the new Exchange Server that is running on the SBS 2003 computer in the Exchange server area.
f. Expand Administrative Groups, expand Administrative Group Name, expand Routing Groups, and then expand First Routing Group.
g. Click Connectors, right-click your SMTP connector if it is present, change the server that is listed in the Local bridgeheads area to the new SBS 2003 computer, and then click OK.
h. In the left pane, under First Routing Group, click Members.
i. In the right pane, right-click the new SBS 2003 computer, and then click Set as Master.
j. In the left pane, expand Administrative Groups, expand Administrative Group Name, expand Servers, and then expand the Exchange Server that existed before you added the new Exchange Server on the SBS 2003 computer.
k. Expand First Storage Group, expand Mailbox Store, and then click Mailboxes.
l. Select all the mailboxes, right-click the mailboxes, and then click Exchange Tasks.
m. In the Exchange Task Wizard, click Move Mailbox, and then click Next.
n. Click to select the new SBS 2003 computer in the Server list, and then click Next.
o. Specify how you want the Move Mailbox procedure to handle corrupted messages, and then click Next two times to re-home all the mailboxes to the new SBS 2003 computer.

Note This procedure also re-homes the public folders to the new SBS 2003 computer.
p. Click Finish.
q. As soon as replication is successful, remove Exchange Server from the computer that is to be retired. If the computer that is to be retired is also a domain controller, run the Dcpromo.exe program to remove this computer from the domain before you physically retire it.

Note You must instruct all Exchange Server users to point to the new Exchange Server.

If a domain controller is physically removed and the Active Directory Installation Wizard (Dcpromo.exe) is not run first to demote the domain controller to a member server, the computer object still exists as a domain controller in Active Directory. The previous computer object must be removed from Active Directory. For more information about how to manually remove the configuration data for the domain controller from Active Directory, click the following article number to view the article in the Microsoft Knowledge Base:
216498 (http://support.microsoft.com/kb/216498/) How to remove data in Active Directory after an unsuccessful domain controller demotion
Note Before you physically retire any domain controller on the network, make sure you demote the domain controller by using the Dcpromo.exe program.

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following