Migrate 2003 domain to 2008 domain

I am starting the process to upgrade a Windows 2003 domain to a
Windows 2008 domain. We are running a new seperate server for 2008. Is
there a good white paper for this transition.

I also have a client whom I am working with that we will be doing
something similar with but it is a SBS 2003 domain and wanting to go to a
2008 Domain. Would like to get started with some white papers on the
process.

Any help or direction would be great.

Hello Brian,

Part one:

!!!NEVER START BEFORE HAVING CREATED AND TESTED A BACKUP OF YOUR DATA/MACHINE!!!


- On the old server open DNS management console and check that you are running
Active directory integrated zone (easier for replication, if you have more
then one DNS server)

- run replmon from the run line or repadmin /showrepl, dcdiag and netdiag
from the command prompt on the old machine to check for errors, if you have
some post the complete output from the command here or solve them first.
For this tools you have to install the support\tools\suptools.msi from the
2003 installation disk.

- run adprep /forestprep and adprep /domainprep and adprep /rodcprep from
the 2008 installation disk against the 2003 schema master, with an account
that is member of the Schema admins, to upgrade the schema to the new version
(44), you can check the version with "schupgr" in a command prompt.

- Install the new machine as a member server in your existing domain

- configure a fixed ip and set the preferred DNS server to the old DNS server
only

- run dcpromo and follow the wizard to add the 2008 server to an existing
domain, make it also Global catalog.

- if you are prompted for DNS configuration choose Yes. If not, install DNS
role after promotion.

- for DNS give the server time for replication, at least 15 minutes. Because
you use Active directory integrated zones it will automatically replicate
the zones to the new server. Open DNS management console to check that they
appear

- if the new machine is domain controller and DNS server run again replmon,
dcdiag and netdiag (copy the netdiag from the 2003 to 2008, will work) on
both domain controllers

- Transfer, NOT seize the 5 FSMO roles to the new Domain controller (http://support.microsoft.com/kb/324801
applies also for 2008)

- you can see in the event viewer (Directory service) that the roles are
transferred, also give it some time

- reconfigure the DNS configuration on your NIC of the 2008 server, preferred
DNS itself, secondary the old one

- if you use DHCP do not forget to reconfigure the scope settings to point
to the new installed DNS server

- export and import of DHCP database for 2008 choose "netshell dhcp backup"
and "netshell dhcp restore" command (http://technet.microsoft.com/en-us/l.../cc772372.aspx)



Demoting the old DC (if needed)

- reconfigure your clients/servers that they not longer point to the old
DC/DNS server on the NIC

- to be sure that everything runs fine, disconnect the old DC from the network
and check with clients and servers the connectivity, logon and also with
one client a restart to see that everything is ok

- then run dcpromo to demote the old DC, if it works fine the machine will
move from the DC's OU to the computers container, where you can delete it
by hand. Can be that you got an error during demoting at the beginning, then
uncheck the Global catalog on that DC and try again

- check the DNS management console, that all entries from the machine are
disappeared or delete them by hand if the machine is off the network for ever

- also you have to start AD sites and services and delete the old servername
under the site, this will not be done during demotion

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> I am starting the process to upgrade a Windows 2003 domain to a
> Windows 2008 domain. We are running a new seperate server for 2008.
> Is there a good white paper for this transition.
>
> I also have a client whom I am working with that we will be
> doing something similar with but it is a SBS 2003 domain and wanting
> to go to a 2008 Domain. Would like to get started with some white
> papers on the process.
>
> Any help or direction would be great.
>

Hello Brian,

Part two, SBS:

Will you transition from the SBS to a "normal" windows domain or should it
be also SBS 2008?

For transition to "normal" domain:
As far as i know until now there is no transition pack available, call MS
support for that. I suggest to post to: microsoft.public.windows.server.sbs

To SBS 2008:
Keep in mind that SBS 2008 will only run on 64bit system, 32bit is not available
with 2008.
http://technet.microsoft.com/en-us/l.../cc546034.aspx
Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> I am starting the process to upgrade a Windows 2003 domain to a
> Windows 2008 domain. We are running a new seperate server for 2008.
> Is there a good white paper for this transition.
>
> I also have a client whom I am working with that we will be
> doing something similar with but it is a SBS 2003 domain and wanting
> to go to a 2008 Domain. Would like to get started with some white
> papers on the process.
>
> Any help or direction would be great.
>

I am also starting the process of replacing two of my Windows Server 2003 DCs
to Windows Server 2008. The approach for my upgrade process is replacing
domain controllers due to old hardware.

In my environment, there are three domains controllers and all are running
Windows Server 2003 Std without any service pack installed. All clients are
running on WinXP SP2 or SP3. No DHCP server is used in my environment. All
are IP hard-coded.

Two of the DCs are GC and AD-integrated zone DNS.

The steps/procedures I got from Meinolf (thank you) to complete the
migration are as follows:

1) Install Win2003 SP1 or SP2 on all three Win2003 DCs.
2) Run repadmin /showrepl, dcdiag and netdiag on the DC then check for any
error.
3) Join the two new Win2008 servers on the domain as member server.
4) Run adprep.exe /forestprep on the schema master role holder DC.
5) Run adprep.exe /domainprep /gpprep then run adprep.exe /rodcprep on the
infrastructure master role holder DC.
6) Add the AD DS role on to the two Win2008 servers.
7) Use the NTDSUTIL to move the forestwide OM roles to one of the Win2008 DC.
8) Use the NTDSUTIL to move the domainwide OM roles to the Win2008 DC chosen
on step (6).
9) Run dcpromo to demote the two old Win2003 DCs.
10) Use ADSIEdit to retire "phantom" DCs.
11) Move AD-integrated DNZ zones to the newly created partitions.
12) Turn off the two Win2003 server on step (8).

Am I missing any steps on the migration?

So, the question I have is since all devices are IP hard-coded and by
choosing the replacing approach, will all the clients fail on DNS query until
I physically change their DNS entry on their LAN settings?

Any comment or feedback will be greatly appreciated. Thank you.

KC

Hello KC,
I think your step 3 Join the two new Win2008 servers on the domain as member
server should be after step 5 and your step 11 should be after step 6.

As regard to your last question, I will suggest after you dcpromo the 2 w2k8
servers into DC, wait and make sure they are all replicating and fully
functional as DC. Then, install DNS on the w2k8 box(es) change the hard
coded IPs one by one to point to the w2k8 boxes for dns and verify using
nslookup etc that they can be resolved. Then ove fsmo roles
So, the hardcoded clients will still be looking on w2k3 boxes for dns until
you manually change the settings, that is why it is advised to shot down the
w2k3 boxes until dns is fully functional on the w2k8 boxes

--
Isaac Oben [MCTIP:EA, MCSE]
"KC" <> wrote in message
news:7FD3CF81-C989-4004-ACF5-...
>I am also starting the process of replacing two of my Windows Server 2003
>DCs
> to Windows Server 2008. The approach for my upgrade process is replacing
> domain controllers due to old hardware.
>
> In my environment, there are three domains controllers and all are running
> Windows Server 2003 Std without any service pack installed. All clients
> are
> running on WinXP SP2 or SP3. No DHCP server is used in my environment.
> All
> are IP hard-coded.
>
> Two of the DCs are GC and AD-integrated zone DNS.
>
> The steps/procedures I got from Meinolf (thank you) to complete the
> migration are as follows:
>
> 1) Install Win2003 SP1 or SP2 on all three Win2003 DCs.
> 2) Run repadmin /showrepl, dcdiag and netdiag on the DC then check for any
> error.
> 3) Join the two new Win2008 servers on the domain as member server.
> 4) Run adprep.exe /forestprep on the schema master role holder DC.
> 5) Run adprep.exe /domainprep /gpprep then run adprep.exe /rodcprep on the
> infrastructure master role holder DC.
> 6) Add the AD DS role on to the two Win2008 servers.
> 7) Use the NTDSUTIL to move the forestwide OM roles to one of the Win2008
> DC.
> 8) Use the NTDSUTIL to move the domainwide OM roles to the Win2008 DC
> chosen
> on step (6).
> 9) Run dcpromo to demote the two old Win2003 DCs.
> 10) Use ADSIEdit to retire "phantom" DCs.
> 11) Move AD-integrated DNZ zones to the newly created partitions.
> 12) Turn off the two Win2003 server on step (8).
>
> Am I missing any steps on the migration?
>
> So, the question I have is since all devices are IP hard-coded and by
> choosing the replacing approach, will all the clients fail on DNS query
> until
> I physically change their DNS entry on their LAN settings?
>
> Any comment or feedback will be greatly appreciated. Thank you.
>
> KC
>
>
>

Thank you Isaac for the quick response. If I understood you correctly, the
migration procedures/steps should be as follows:

1) Install Win2003 SP1 or SP2 on all three Win2003 DCs.
2) Run repadmin /showrepl, dcdiag and netdiag on the DC then check for any
error.
3) Run adprep.exe /domainprep /gpprep then run adprep.exe /rodcprep on the
infrastructure master role holder DC.
4) Run adprep.exe /forestprep on the schema master role holder DC.
5) Join the two new Win2008 servers on the domain as member server.
6) Add the AD DS role without DNS server and GC on to the two Win2008 servers.
7) Verify all DC replications are fully functional and check for any error.
8) Add DNS server and GC to the newly Win2008 servers.
9) Move AD-integrated DNS zones to the newly created partitions on the new
Win2008 servers.
10) Change the client's DNS entry on LAN settings to point to the new
Win2008 DCs one client at a time and make sure the name resolution is
working. Check the DNS event log.
11) Use the NTDSUTIL to move the forestwide OM roles to one of the Win2008 DC.
12) Use the NTDSUTIL to move the domainwide OM roles to the Win2008 DC
chosen on step (11).
13) Run dcpromo to demote the two old Win2003 DCs.
14) Use ADSIEdit from Win2008 DC to retire "phantom" domain controller.
15) Turn off the two Win2003 servers.

Thanks again.
KC

Hello KC,

See inline

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Thank you Isaac for the quick response. If I understood you correctly,
> the migration procedures/steps should be as follows:
>
> 1) Install Win2003 SP1 or SP2 on all three Win2003 DCs.

SP2 and all latest patches to make sure the OS is complete for the upgrade
to 2008.

> 2) Run repadmin /showrepl, dcdiag and netdiag on the DC then check for
> any
> error.

Check any DC for errors.

> 3) Run adprep.exe /domainprep /gpprep then run adprep.exe /rodcprep on
> the
> infrastructure master role holder DC.

You have to start with adprep /forestprep and then /domainprep, /gpprep is
not needed when upgrading from 2003 (you can run it if you like). Also run
adprep /rodcprep to prepare for Read-only domain controllers, maybe you like
to have them in the future and so this is done. If you have split the FSMO
roles you have to choose the correct FSMO DC, thats fine.

> 4) Run adprep.exe /forestprep on the schema master role holder DC.

See above.

> 5) Join the two new Win2008 servers on the domain as member server.

Ok, make sure to point the preferred DNS only to one acting DC/DNS server
until replication after promoting later is done.

> 6) Add the AD DS role without DNS server and GC on to the two Win2008
> servers.

Why? Do it direct during promotion, no problem and all is replicated complete
AD, DNS and GC.

> 7) Verify all DC replications are fully functional and check for any
> error.

To use netdiag on 2008 you have to copy the netdiag.exe from 2003 to the
2008 windows\system32 folder, not included as the others. Works also without
any problem on 2008.

> 8) Add DNS server and GC to the newly Win2008 servers.

See above.

> 9) Move AD-integrated DNS zones to the newly created partitions on the
> new
> Win2008 servers.

See above.

> 10) Change the client's DNS entry on LAN settings to point to the new
> Win2008 DCs one client at a time and make sure the name resolution is
> working. Check the DNS event log.

Ok.

> 11) Use the NTDSUTIL to move the forestwide OM roles to one of the
> Win2008 DC.

You can also use the AD management consoles. http://support.microsoft.com/kb/324801

> 12) Use the NTDSUTIL to move the domainwide OM roles to the Win2008 DC
> chosen on step (11).

You can also use the AD management consoles. http://support.microsoft.com/kb/324801

> 13) Run dcpromo to demote the two old Win2003 DCs.

WAIT until you have really tested all functionality for some days. For the
test just remove the network cable form the old DC's so that all must run
with the new ones. If every service/application/role is working as expected,
reconnect, let them replicate again, check replication and then start with
demotion.

> 14) Use ADSIEdit from Win2008 DC to retire "phantom" domain
> controller.

If demotion is succesful, you have only to remove the old DC names from AD
sites and services. Also DNS has to be cleaned up from the old servers and
record's.

> 15) Turn off the two Win2003 servers.

After demotion the servers will move in AD UC to the computers container,
so you have to delete them there if you will not longer use the servers as
member servers in the domain.

> Thanks again.
> K

Hi Meinolf, thank you for the response. If the environment has over thousand
of clients, changing the DNS settings per client might not be very practical
if you have limited staff. Is there a way where you still do the replacement
with new server hardware and with new server name but you reuse the old IP
address for DNS sake? Thanks again.

"Meinolf Weber [MVP-DS]" wrote:

> Hello KC,
>
> See inline
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>
> > Thank you Isaac for the quick response. If I understood you correctly,
> > the migration procedures/steps should be as follows:
> >
> > 1) Install Win2003 SP1 or SP2 on all three Win2003 DCs.
>
> SP2 and all latest patches to make sure the OS is complete for the upgrade
> to 2008.
>
> > 2) Run repadmin /showrepl, dcdiag and netdiag on the DC then check for
> > any
> > error.
>
> Check any DC for errors.
>
> > 3) Run adprep.exe /domainprep /gpprep then run adprep.exe /rodcprep on
> > the
> > infrastructure master role holder DC.
>
> You have to start with adprep /forestprep and then /domainprep, /gpprep is
> not needed when upgrading from 2003 (you can run it if you like). Also run
> adprep /rodcprep to prepare for Read-only domain controllers, maybe you like
> to have them in the future and so this is done. If you have split the FSMO
> roles you have to choose the correct FSMO DC, thats fine.
>
> > 4) Run adprep.exe /forestprep on the schema master role holder DC.
>
> See above.
>
> > 5) Join the two new Win2008 servers on the domain as member server.
>
> Ok, make sure to point the preferred DNS only to one acting DC/DNS server
> until replication after promoting later is done.
>
> > 6) Add the AD DS role without DNS server and GC on to the two Win2008
> > servers.
>
> Why? Do it direct during promotion, no problem and all is replicated complete
> AD, DNS and GC.
>
> > 7) Verify all DC replications are fully functional and check for any
> > error.
>
> To use netdiag on 2008 you have to copy the netdiag.exe from 2003 to the
> 2008 windows\system32 folder, not included as the others. Works also without
> any problem on 2008.
>
> > 8) Add DNS server and GC to the newly Win2008 servers.
>
> See above.
>
> > 9) Move AD-integrated DNS zones to the newly created partitions on the
> > new
> > Win2008 servers.
>
> See above.
>
> > 10) Change the client's DNS entry on LAN settings to point to the new
> > Win2008 DCs one client at a time and make sure the name resolution is
> > working. Check the DNS event log.
>
> Ok.
>
> > 11) Use the NTDSUTIL to move the forestwide OM roles to one of the
> > Win2008 DC.
>
> You can also use the AD management consoles. http://support.microsoft.com/kb/324801
>
> > 12) Use the NTDSUTIL to move the domainwide OM roles to the Win2008 DC
> > chosen on step (11).
>
> You can also use the AD management consoles. http://support.microsoft.com/kb/324801
>
> > 13) Run dcpromo to demote the two old Win2003 DCs.
>
> WAIT until you have really tested all functionality for some days. For the
> test just remove the network cable form the old DC's so that all must run
> with the new ones. If every service/application/role is working as expected,
> reconnect, let them replicate again, check replication and then start with
> demotion.
>
> > 14) Use ADSIEdit from Win2008 DC to retire "phantom" domain
> > controller.
>
> If demotion is succesful, you have only to remove the old DC names from AD
> sites and services. Also DNS has to be cleaned up from the old servers and
> record's.
>
> > 15) Turn off the two Win2003 servers.
>
> After demotion the servers will move in AD UC to the computers container,
> so you have to delete them there if you will not longer use the servers as
> member servers in the domain.
>
> > Thanks again.
> > KC
>
>
>

Hello KC,
You can use a simple script in powershell or vbscript to accomplished this.

--
Isaac Oben [MCTIP:EA, MCSE]
"KC" <> wrote in message
news:05D5D1CE-17B4-4B16-B69C-...
> Hi Meinolf, thank you for the response. If the environment has over
> thousand
> of clients, changing the DNS settings per client might not be very
> practical
> if you have limited staff. Is there a way where you still do the
> replacement
> with new server hardware and with new server name but you reuse the old IP
> address for DNS sake? Thanks again.
>
> "Meinolf Weber [MVP-DS]" wrote:
>
>> Hello KC,
>>
>> See inline
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers
>> no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>
>>
>> > Thank you Isaac for the quick response. If I understood you correctly,
>> > the migration procedures/steps should be as follows:
>> >
>> > 1) Install Win2003 SP1 or SP2 on all three Win2003 DCs.
>>
>> SP2 and all latest patches to make sure the OS is complete for the
>> upgrade
>> to 2008.
>>
>> > 2) Run repadmin /showrepl, dcdiag and netdiag on the DC then check for
>> > any
>> > error.
>>
>> Check any DC for errors.
>>
>> > 3) Run adprep.exe /domainprep /gpprep then run adprep.exe /rodcprep on
>> > the
>> > infrastructure master role holder DC.
>>
>> You have to start with adprep /forestprep and then /domainprep, /gpprep
>> is
>> not needed when upgrading from 2003 (you can run it if you like). Also
>> run
>> adprep /rodcprep to prepare for Read-only domain controllers, maybe you
>> like
>> to have them in the future and so this is done. If you have split the
>> FSMO
>> roles you have to choose the correct FSMO DC, thats fine.
>>
>> > 4) Run adprep.exe /forestprep on the schema master role holder DC.
>>
>> See above.
>>
>> > 5) Join the two new Win2008 servers on the domain as member server.
>>
>> Ok, make sure to point the preferred DNS only to one acting DC/DNS server
>> until replication after promoting later is done.
>>
>> > 6) Add the AD DS role without DNS server and GC on to the two Win2008
>> > servers.
>>
>> Why? Do it direct during promotion, no problem and all is replicated
>> complete
>> AD, DNS and GC.
>>
>> > 7) Verify all DC replications are fully functional and check for any
>> > error.
>>
>> To use netdiag on 2008 you have to copy the netdiag.exe from 2003 to the
>> 2008 windows\system32 folder, not included as the others. Works also
>> without
>> any problem on 2008.
>>
>> > 8) Add DNS server and GC to the newly Win2008 servers.
>>
>> See above.
>>
>> > 9) Move AD-integrated DNS zones to the newly created partitions on the
>> > new
>> > Win2008 servers.
>>
>> See above.
>>
>> > 10) Change the client's DNS entry on LAN settings to point to the new
>> > Win2008 DCs one client at a time and make sure the name resolution is
>> > working. Check the DNS event log.
>>
>> Ok.
>>
>> > 11) Use the NTDSUTIL to move the forestwide OM roles to one of the
>> > Win2008 DC.
>>
>> You can also use the AD management consoles.
>> http://support.microsoft.com/kb/324801
>>
>> > 12) Use the NTDSUTIL to move the domainwide OM roles to the Win2008 DC
>> > chosen on step (11).
>>
>> You can also use the AD management consoles.
>> http://support.microsoft.com/kb/324801
>>
>> > 13) Run dcpromo to demote the two old Win2003 DCs.
>>
>> WAIT until you have really tested all functionality for some days. For
>> the
>> test just remove the network cable form the old DC's so that all must run
>> with the new ones. If every service/application/role is working as
>> expected,
>> reconnect, let them replicate again, check replication and then start
>> with
>> demotion.
>>
>> > 14) Use ADSIEdit from Win2008 DC to retire "phantom" domain
>> > controller.
>>
>> If demotion is succesful, you have only to remove the old DC names from
>> AD
>> sites and services. Also DNS has to be cleaned up from the old servers
>> and
>> record's.
>>
>> > 15) Turn off the two Win2003 servers.
>>
>> After demotion the servers will move in AD UC to the computers container,
>> so you have to delete them there if you will not longer use the servers
>> as
>> member servers in the domain.
>>
>> > Thanks again.
>> > KC
>>
>>
>>

Hello. So, it is basically not a recommended approach to reuse the IP address
of the seized domain controller even it is being replaced with a new box, new
name and all. Am I correct? Thank you.

"Isaac Oben [MCITP,MCSE]" wrote:

> Hello KC,
> You can use a simple script in powershell or vbscript to accomplished this.
>
> --
> Isaac Oben [MCTIP:EA, MCSE]
> "KC" <> wrote in message
> news:05D5D1CE-17B4-4B16-B69C-...
> > Hi Meinolf, thank you for the response. If the environment has over
> > thousand
> > of clients, changing the DNS settings per client might not be very
> > practical
> > if you have limited staff. Is there a way where you still do the
> > replacement
> > with new server hardware and with new server name but you reuse the old IP
> > address for DNS sake? Thanks again.
> >
> > "Meinolf Weber [MVP-DS]" wrote:
> >
> >> Hello KC,
> >>
> >> See inline
> >>
> >> Best regards
> >>
> >> Meinolf Weber
> >> Disclaimer: This posting is provided "AS IS" with no warranties, and
> >> confers
> >> no rights.
> >> ** Please do NOT email, only reply to Newsgroups
> >> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> >>
> >>
> >> > Thank you Isaac for the quick response. If I understood you correctly,
> >> > the migration procedures/steps should be as follows:
> >> >
> >> > 1) Install Win2003 SP1 or SP2 on all three Win2003 DCs.
> >>
> >> SP2 and all latest patches to make sure the OS is complete for the
> >> upgrade
> >> to 2008.
> >>
> >> > 2) Run repadmin /showrepl, dcdiag and netdiag on the DC then check for
> >> > any
> >> > error.
> >>
> >> Check any DC for errors.
> >>
> >> > 3) Run adprep.exe /domainprep /gpprep then run adprep.exe /rodcprep on
> >> > the
> >> > infrastructure master role holder DC.
> >>
> >> You have to start with adprep /forestprep and then /domainprep, /gpprep
> >> is
> >> not needed when upgrading from 2003 (you can run it if you like). Also
> >> run
> >> adprep /rodcprep to prepare for Read-only domain controllers, maybe you
> >> like
> >> to have them in the future and so this is done. If you have split the
> >> FSMO
> >> roles you have to choose the correct FSMO DC, thats fine.
> >>
> >> > 4) Run adprep.exe /forestprep on the schema master role holder DC.
> >>
> >> See above.
> >>
> >> > 5) Join the two new Win2008 servers on the domain as member server.
> >>
> >> Ok, make sure to point the preferred DNS only to one acting DC/DNS server
> >> until replication after promoting later is done.
> >>
> >> > 6) Add the AD DS role without DNS server and GC on to the two Win2008
> >> > servers.
> >>
> >> Why? Do it direct during promotion, no problem and all is replicated
> >> complete
> >> AD, DNS and GC.
> >>
> >> > 7) Verify all DC replications are fully functional and check for any
> >> > error.
> >>
> >> To use netdiag on 2008 you have to copy the netdiag.exe from 2003 to the
> >> 2008 windows\system32 folder, not included as the others. Works also
> >> without
> >> any problem on 2008.
> >>
> >> > 8) Add DNS server and GC to the newly Win2008 servers.
> >>
> >> See above.
> >>
> >> > 9) Move AD-integrated DNS zones to the newly created partitions on the
> >> > new
> >> > Win2008 servers.
> >>
> >> See above.
> >>
> >> > 10) Change the client's DNS entry on LAN settings to point to the new
> >> > Win2008 DCs one client at a time and make sure the name resolution is
> >> > working. Check the DNS event log.
> >>
> >> Ok.
> >>
> >> > 11) Use the NTDSUTIL to move the forestwide OM roles to one of the
> >> > Win2008 DC.
> >>
> >> You can also use the AD management consoles.
> >> http://support.microsoft.com/kb/324801
> >>
> >> > 12) Use the NTDSUTIL to move the domainwide OM roles to the Win2008 DC
> >> > chosen on step (11).
> >>
> >> You can also use the AD management consoles.
> >> http://support.microsoft.com/kb/324801
> >>
> >> > 13) Run dcpromo to demote the two old Win2003 DCs.
> >>
> >> WAIT until you have really tested all functionality for some days. For
> >> the
> >> test just remove the network cable form the old DC's so that all must run
> >> with the new ones. If every service/application/role is working as
> >> expected,
> >> reconnect, let them replicate again, check replication and then start
> >> with
> >> demotion.
> >>
> >> > 14) Use ADSIEdit from Win2008 DC to retire "phantom" domain
> >> > controller.
> >>
> >> If demotion is succesful, you have only to remove the old DC names from
> >> AD
> >> sites and services. Also DNS has to be cleaned up from the old servers
> >> and
> >> record's.
> >>
> >> > 15) Turn off the two Win2003 servers.
> >>
> >> After demotion the servers will move in AD UC to the computers container,
> >> so you have to delete them there if you will not longer use the servers
> >> as
> >> member servers in the domain.
> >>
> >> > Thanks again.
> >> > KC
> >>
> >>
> >>
>