Transferring a Domain

15 pts.
Tags:
Active Directory
Bind
DataCenter
DHCP
DNS
Ethernet
IPv4
IPv6
Management
Microsoft Windows
NetBIOS
Networking
Networking services
OS
Security
Servers
SQL Server
TCP
Hi All, I have a server running on WindowsNT 4.0, we are upgrading to server 2003 on new machine and removing the old machine entirely from network, Could any body tell is there any way of transferring the exisiting users and policies/ entire domain setting to new machine as it is, and not making any further changes to clients? Any help will be appriciated. Thanking You and Best Regards.

Answer Wiki

Thanks. We'll let you know when a new response is added.

I just completed this project here. The best way I found to do this is to bring up a “Pivot server”, something that is big enough to handle your domain for a week or so. Bring that server up as a BDC in NT4 fully updated. Let it sit for a few day to make sure it is working. Then promote it to a PDC (this will demote the existing PDC). One thing, you need to make sure that if your current PDC is doing DNS, WINS, DHCP… that you transfer those over to the new pivot box. Once you have it promote let it sit for a week or so and watch the error logs. Make sure everything is working right. Then take your server 2003 CD and perform a upgrade on it. This will take about 2-3 hours so make sure to do it at night or on a weekend. Everything else you can do during the day as long as you know your settings are right. Once you have it upgraded let it run for a few days again and watch the error logs. Once you are sure that it is working turn on your new server running 2003 and add it to the domain as a new dc in an existing forest. Then run dcpromo on it to promote it to the main DC. You’ll need to turn on global catalog on it also. This should transfer all setting over to the new box. Once everything is replicated you can run dcpromo on the pivot box and remove it. One thing to note: buy a tool called upromote. You need to buy the old PDC NT server back to a standalone before you can remove it form the domain (unless your new server will not have the same name, in this case never mind). Hope this helps. Take a look at Microsoft’s site. They have a big doc for doing this.

Discuss This Question: 9  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Bouncybrit
    The old PDC will be a problem unless you remove it from the domain the old fashioned way or upgrade it to a 2003 domain controller and then do dcpromo to remove its DC roles. you also have to do dcpromo on the pivot controller to remove its DC roles. remember to make sure that all the FMSO roles as well as the GC are transferred to the new domain controller before taking the pivot controller offline.
    10 pointsBadges:
    report
  • Hamel01
    Sorry i should of been a little more clearer. The UPROMOTE tool will take the old nt PDC (which after you do the upgrade is sitting as a BDC) and make it a stand alone server in it's own workgroup. As far as i know this is the only way to do it besides editing the domain files to show that it is not there.
    0 pointsBadges:
    report
  • SSMNetlander
    Myself, I have done a lot of upgrades and migrations. I would not ever upgrade NT4 or W2K to W2k3, very different hive structure indeed, to complicate future patching and service packing for sure. Are you running Exchange and going to Exchange 2003? If so, you will want to use the ADC wizard. Plus there are a lot of migration tools for this and a simple set of processes for this matter. Looking in Knowledgebase, you will start finding a lot of articles of common mistakes people make too often, in taking shortcuts and or unknowledgeable steps. You will need to run your 2003 ADS in mixed mode until you fully transfer over to only 2003 DC's. Make sure you learn the X.500 distinguished name protocol, then you will learn what your new 2003 DC will do with the NT4 flat domain. You learn that, you will have it 70% whipped. Forget about GPO's for now, just replace the old Domain. If you are running Exchange, you will have to upgrade to all 2003 and put that in "native" mode and then you can go "native" mode in ADS. Also, learn any special tweeks some admins had done to the Domain and its registries. Any wierdness will be inherited to the ADS, consequently causing deep rooted cleanups later on. Which will require MMC'g into ADSIEDIT (rktools) to clean up, also using Knowledgebase for instructions on specific matters. A book that can help, "Active Directory Cookbook for Windows Server 2003 & Windows 2000" by O'Reilly. Good luck, take your time, read every error, positive or negative.
    0 pointsBadges:
    report
  • Astronomer
    This may be overkill for you but I recommend reading the microsoft domain migration cookbook so you will understand what is involved. Here is the link: http://www.microsoft.com/technet/prodtechnol/windows2000serv/deploy/cookbook/default.mspx Things are easier with 2003 but this explains what you are touching. We used it to figure out how we wanted to do the upgrade then used the automated tools in 2003. The only hitch we had was the NT4 domain controllers with 1gig C: partitions. We had to remove them from the new domain the hard way. rt
    15 pointsBadges:
    report
  • Jcan123
    If you want a clean start with a new fresh Windows 2003 domain, then look at Quest software. You can transfer users from NT 4 domain to Win 2000 or Win 2003 or even between to Win 2003 Forest. Included is a utility to migrate users profiles on their desktops. We have done this in our environment both from NT 4 to Win2000 and from Win 2003 to a brand new Win2003 forest. Just to make sure you're getting rid of all that upgrading sh.....
    0 pointsBadges:
    report
  • TheVyrys
    For those of you offering suggestions, I requested more info on this subject and learned that this is a single server environment with 25 users. Just thought everyone would like to know so that they could finetune their answers a little....
    0 pointsBadges:
    report
  • Inamhaque
    Dear All, Thanks for your valuable suggestions, All answers have a depth of their real life encounters, its really very helpful to know what involves in this excercise. Please keep posting, this exchange of knowlege will really help all of us, making ready for different scenrio and enviorment.
    15 pointsBadges:
    report
  • Guardian
    I would go for the fresh installation if possible. And just migrate most of you server areas that you require. Upgrading always has a posibility of problems shifted to the next of through that upgrade creating other unforseeable problems which occur in the future. But time is what matters and most important is to have a clean working and operating environment.There are a lot of migration tools. Regards Newton
    900 pointsBadges:
    report
  • Boardinhank
    Single server is what I am reading. sounded like you were going to have an old one being retired and the new 2003 on a new box. If it were me and that was the case where I could have both boxes online at the same time seeing as how the new 2003 server would technically like you to use a .com or something of the sort in your domain I would make it different than your old domain. Taking full advantage of active directory set up some different OU's groups etc for the 25 users. Only 25 I would not worry about migrating them. start from scratch. do it right after all you have proboly delt with issues or things you would not like to deal with in a new environment. Haveing both domains will allow you to migrate users one at a time. adding them to the new 2003 domain. getting new DNS settings etc. Work out the access details on a by user basis till you are so efficient at the transition from old to new that you can just bust through them. This way you will work on old till everyone is on the new with all the balls and whistles
    60 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following