Retaining a Windows 2000 AD Controller after SBS 2003 upgrade

It might be a bizarre concept, but can you add a Windows 2000 Standard Server
to an SBS Domain?

The situation is this - we plan to migrate from a single Windows 2000 Server
to a new SBS 2003 server, and would like to avoid having a new domain name,
so we are thinking of preparing the forest, installing the new server as
Windows 2003 Standard, moving all the FSMO roles to the new server, then
in-place upgrading the new server to SBS 2003. The original server we would
like to maintain as a replica DC for load balancing authentication. If I
really have to I'll rebuild that with 2003 Server but given the cost of the
licensing I cant see any great benefit of using 2003 over 2000 other than the
fact that we know 2003 server will perform well as a replica DC.

TIA

Simon.

Yes, you can add a Windows 2000 server to an SBS domain. The SBS server must
hold all FSMO roles and be the root of the forest. Otherwise you can add as
many servers as you desire including additional Domain Controllers (for the
same domain).

You upgrade plan looks okay as long as you have only a single domain (which
I believe you do).

Chris

"Simon Beckett" wrote:

> It might be a bizarre concept, but can you add a Windows 2000 Standard Server
> to an SBS Domain?
>
> The situation is this - we plan to migrate from a single Windows 2000 Server
> to a new SBS 2003 server, and would like to avoid having a new domain name,
> so we are thinking of preparing the forest, installing the new server as
> Windows 2003 Standard, moving all the FSMO roles to the new server, then
> in-place upgrading the new server to SBS 2003. The original server we would
> like to maintain as a replica DC for load balancing authentication. If I
> really have to I'll rebuild that with 2003 Server but given the cost of the
> licensing I cant see any great benefit of using 2003 over 2000 other than the
> fact that we know 2003 server will perform well as a replica DC.
>
> TIA
>
> Simon.
>

From MS:
For a valid migration from old box to new.

1. Setup new SBS server and add it to the original domain. Transfer all
roles from older one to new one and retire the
older server. I will list the detailed steps below.

2. Swing method.

http://www.sbsmigration.com
Note: this is a third-party method and not supported by Microsoft

3. M&M's solution.

How do I move my server to new hardware
http://www.smallbizserver.net/Default.aspx?tabid=99

Note: this is also a third-party method


Method 1# how to add SBS 2k3 server to an existing domain
================================================== ===============

Following steps for above task for your reference.

Note: in the following steps "SBS 2003 computer" means the new server

1. Start the installation of SBS 2003 by inserting CD 1 into the CD or DVD
drive.
2. When the operating system is installed and the computer restarts and
continues with the integrated Setup
program, click Cancel to stop the integrated Setup program.

Note You must cancel the integrated Setup program at this point. If you
continue with the integrated Setup, you
cannot join the SBS 2003 computer to the existing domain.
3. On the SBS 2003 computer, configure a static IP address on the network
card and make sure to configure
DNS to include the existing server that hosts the Active Directory zone.

Note You can ping other computers on the network by using their Fully
Qualified Domain Names (FQDNs) after you
complete this procedure.
4. Run the Dcpromo.exe program on the SBS 2003 computer to join the existing
domain.

Note Do not create a new forest and do not create a child domain.
a. Click Start, click Run, type dcpromo, and then click OK.
b. Click Next two times.
c. Click Additional Domain Controller for an existing domain, and then click
Next.
d. Enter the credentials for the domain administrator account, and then
click Next.
e. In the Domain name area, type the FQDN for the Active Directory domain
namespace that you want to join,
and then click Next. For example, type contoso.local. If you are not sure of
the FQDN, you can click Browse to select
the correct domain.
f. Click Next to accept the default locations for the Database and Log
folders.
g. Click Next to accept the default locations for the shared system volume.

Note If you have to change the location of the shared system volume, you
must select an NTFS file system volume.
h. Type the Directory Services Restore Mode administrator password, and then
click Next.

Note This is the password that you would use in Directory Services Restore
Mode or when you use Recovery Console.
i. On the Summary screen, click Next to start the Dcpromo.exe program. This
process may take several minutes.
j. Click Finish to complete the Dcpromo.exe program, and then click Restart
Now.
k. Log on to the computer after it restarts and confirm that the computer
has been successfully promoted to a
domain controller. To do this, click Start, click Run, type cmd, and then
click OK.
l. At the command prompt, type gettype, and then press ENTER. The output
should read as follows:
m. Host Name: ServerName
Name: Windows Server 2003 for Small Business Server
n.
Version: 5.2 Build 3790
o.
Role: Domain Controller
Components: Not Installed
5. Install the DNS server service. To do this, follow these steps:
a. Click Start, point to Control Panel, and then click Add/Remove Programs.
b. Click Add/Remove Windows Components.
c. In the Windows Components list, double-click Networking Services.
d. Click to select the Domain Name System (DNS) check box, and then click
OK.
e. Click Next, and then click Finish.

For additional information about how to configure a DNS server, visit the
following Microsoft Web site:
http://www.microsoft.com/resources/d...d/proddocs/en-
us/dns_server_role.asp
6. Promote the SBS 2003 computer to a global catalog server. To do this,
follow these steps:
a. Click Start, point to Administrative Tools, and then click Active
Directory Sites and Services.
b. Expand Sites, expand Default-First-Site-Name, expand Servers, expand your
SBS 2003 computer, right-click
NTDS Settings, and then click Properties.
c. Click the General tab, click to select the Global catalog check box to
assign the role of global catalog to this
computer, and then click OK.
d. Restart the computer.

Note Wait for the account and the schema information to replicate to the new
global catalog server. Wait for event
1119 or event 1869 to be logged in the Directory Services event log with a
description that states that the computer is
now advertising itself as a global catalog server.
7. After the new computer is successfully promoted to a global catalog
server, remove any other global catalog
servers in the domain. To do this, follow these steps:
a. Click Start, point to Administrative Tools, and then click Active
Directory Sites and Services.
b. In the console pane, expand Sites, and then expand
Default-First-Site-Name.
c. Expand Servers, expand any computers other than your SBS 2003 computer,
right-click NTDS Settings, and
then click Properties.

Note You may have to repeat this step more than one time if more than one
computer is listed, other than the SBS 2003
computer.
d. On the General tab, click to clear the Global catalog check box to assign
the role of global catalog to this
computer, and then click OK.

Note If the Global catalog check box is not selected, go to step 8.
e. Restart any computers where you removed the global catalog server role.

Note Wait for the account and the schema information to replicate to the new
global catalog server.
8. Transfer the FSMO roles to the SBS 2003 computer. To do this, follow
these steps for each FSMO role:
a. Transfer the Relative ID (RID) Master role. To do this:
i. Click Start, point to Administrative Tools, and then
click Active Directory Users and Computers.
ii. Right-click your organization name, click All Tasks,
and then click Operations Masters.
iii. In the Operations Masters dialog box, click the RID
tab.
iv. In the Operations Masters dialog box, click Change.
v. Click Yes to confirm that you want to transfer the
role, and then click OK.
b. Transfer the PDC Emulator role. To do this:
1. Click Start, point to Administrative Tools, and then click Active
Directory Users and Computers.
2. Right-click your organization name, click All Tasks, and then click
Operations Masters.
3. In the Operations Masters dialog box, click the PDC tab.
4. In the Operations Masters dialog box, click Change.
5. Click Yes to confirm that you want to transfer the role, and then click
OK.
c. Transfer the Relative ID (RID) Master role. To do this:
1. Click Start, point to Administrative Tools, and then click Active
Directory Users and Computers.
2. Right-click your organization name, click All Tasks, and then click
Operations Masters.
3. In the Operations Masters dialog box, click the Infrastructure tab.
4. In the Operations Masters dialog box, click Change.
5. Click Yes to confirm that you want to transfer the role, and then click
OK.
d. Transfer the Domain Naming Master role. To do this:
1. Click Start, point to Administrative Tools, and then click Active
Directory Domains and Trusts.
2. Right-click Active Directory Domains and Trusts, and then click
Operations Master.
3. In the Change Operations Master dialog box, click Change .
4. Click Yes to confirm that you want to transfer the role, and then click
OK.
5. Click Close to close the dialog box.
e. Transfer the Schema Master role. To do this:

. You can use the Schema Master tool to transfer the
role. However, the Schmmgmt.dll file must be
registered to use the Schema Master tool as an MMC snap-in. To register
Schmmgmt.dll, click Start, click Run, type
regsvr32 schmmgmt.dll, and then click OK.

Note You receive a message that confirms that the registration was
successful.
a. Click Start, click Run, type mmc, and then click OK.
b. Click File, and then click Add/Remove Snap-in.
c. In the Description area, click Add.
d. Click Active Directory Schema, click Add, and then
click Close.
e. Click OK.
f. Right-click Active Directory Schema, and then click
Change Domain Controller.
g. In the Select DC area, click Specify Name, type the
name of the SBS 2003 computer, and then click OK.
h. Right-click Active Directory Schema, and then click
Operations Master.
i. In the Change Schema Master dialog box, click Change.
j. Click Yes, click OK, and then click Close.
For additional information, click the following article number to view the
article in the Microsoft Knowledge Base:
324801 How to view and transfer FSMO roles in Windows Server 2003

9. Move the site licensing server to the SBS 2003 computer. To do this:
a. On the SBS 2003 computer, click Start, point to Administrative Tools, and
then click Active Directory Sites
and Services.
b. Expand Sites, and then click Default-First-Site-Name.
c. Right-click Licensing Site Settings, and then click Properties.
d. Click Change, type the name of the new SBS 2003 computer in the Enter the
object name to select area, and
then click OK.
e. Click OK to close the Licensing Site Settings Properties dialog box.

For additional information, click the following article number to view the
article in the Microsoft Knowledge Base:
273475 Licensing in Windows 2000 and differences with Windows NT 4.0

10. Wait for the new Active Directory objects to replicate to the SBS 2003
computer. The time this takes depends
on the Active Directory size and on network performance. You can view the
Directory Service event log to verify that
replication has completed successfully. The SBS 2003 integrated Setup
program may not continue if replication has
not completed or if replication has failed.

To test replication, you can create a new test user on a domain controller
and after several minutes confirm the object
has been replicated to the SBS 2003 computer. You can also force replication
from a domain controller. To do this:
a. On the SBS 2003 computer, click Start, point to Administrative Tools, and
then click Active Directory Sites
and Services.
b. In the left pane, expand Default-First-Site-Name, expand Servers, and
then expand the domain controller
that you want to replicate from.
c. Click NTDS Settings. One or more objects are listed in the right pane.
One of those objects is a link to the
domain controller you want to replicate from. To see the "friendly" name of
the object, right-click the object and view
the name. Right-click the domain controller object, and then click Replicate
Now. The replication is performed
immediately.
11. Change the DNS settings on all domain controllers to point to the new
SBS 2003 computer as the primary DNS
server. To do this, follow these steps.

Note Follow these steps on all domain controllers in the Active Directory,
including the SBS 2003 computer.
a. Click Start, point to Control Panel, point to Network Connections,
right-click the internal network connection,
and then click Properties.
b. Click to select Internet Protocol (TCP/IP), and then click Properties.
c. Change the preferred DNS server. Type the IP address of the SBS 2003
computer as the preferred DNS
server. Also, make this change on the SBS 2003 computer.

Note The alternative DNS server can point to the previous preferred DNS
server as long as it is a server that hosts the
Active Directory zone.
12. On the SBS 2003 computer, insert the SBS 2003 CD 1 into the CD or DVD
drive and continue with the
integrated Setup of SBS 2003 and its components.
13. If you already have Microsoft Exchange Server installed in the
organization, the integrated Setup installs
Exchange Server into the existing organization. If you already have an
Exchange 2003 Server or an Exchange 2000
Server in your organization, and you plan to retire that Exchange Server,
you can move the mailboxes and public
folders to the new Exchange 2003 Server before you retire the old Exchange
Server. To do this:
a. On the existing Exchange Server in the organization, open Exchange System
Manager. To do this, click Start,
point to All Programs, point to Microsoft Exchange, and then click System
Manager.
b. At the top of the tree in the left pane, right-click the Organization
Name (Exchange) icon, and then click
Properties.
c. Click to select the Display administrative groups check box, click to
select the Display routing groups check
box, and then click OK.
d. Expand the Recipients container, and then click Recipient Update
Services.
e. Double-click each entry, and then enter the name of the new Exchange
Server that is running on the SBS 2003
computer in the Exchange server area.
f. Expand Administrative Groups, expand Administrative Group Name, expand
Routing Groups, and then expand
First Routing Group.
g. Click Connectors, right-click your SMTP connector if it is present,
change the server that is listed in the Local
bridgeheads area to the new SBS 2003 computer, and then click OK.
h. In the left pane, under First Routing Group, click Members.
i. In the right pane, right-click the new SBS 2003 computer, and then click
Set as Master.
j. In the left pane, expand Administrative Groups, expand Administrative
Group Name, expand Servers, and then
expand the Exchange Server that existed before you added the new Exchange
Server on the SBS 2003 computer.
k. Expand First Storage Group, expand Mailbox Store, and then click
Mailboxes.
l. Select all the mailboxes, right-click the mailboxes, and then click
Exchange Tasks.
m. In the Exchange Task Wizard, click Move Mailbox, and then click Next.
n. Click to select the new SBS 2003 computer in the Server list, and then
click Next.
o. Specify how you want the Move Mailbox procedure to handle corrupted
messages, and then click Next two
times to re-home all the mailboxes to the new SBS 2003 computer.

Note This procedure also re-homes the public folders to the new SBS 2003
computer.
p. Click Finish.
q. As soon as replication is successful, remove Exchange Server from the
computer that is to be retired. If the
computer that is to be retired is also a domain controller, run the
Dcpromo.exe program to remove this computer from
the domain before you physically retire it.

Note You must instruct all Exchange Server users to point to the new
Exchange Server.

For additional information, click the following article number to view the
article in the Microsoft Knowledge Base:
822931 How to remove the first Exchange 2003 Server computer from the
administrative group

If a domain controller is physically removed and the Active Directory
Installation Wizard (Dcpromo.exe) is not run
first to demote the domain controller to a member server, the computer
object still exists as a domain controller in
Active Directory. The previous computer object must be removed from Active
Directory. For additional information
about how to manually remove the configuration data for the domain
controller from Active Directory, click the
following article number to view the article in the Microsoft Knowledge
Base:

216498 How to remove data in Active Directory after an unsuccessful domain
controller demotion

Note Before you physically retire any domain controller on the network, make
sure you demote the domain controller
by using the Dcpromo.exe program.

Hope that helps and have a good day!

"Chris" <> wrote in message
news:550C2679-2C66-453A-840E-...
> Yes, you can add a Windows 2000 server to an SBS domain. The SBS server
> must
> hold all FSMO roles and be the root of the forest. Otherwise you can add
> as
> many servers as you desire including additional Domain Controllers (for
> the
> same domain).
>
> You upgrade plan looks okay as long as you have only a single domain
> (which
> I believe you do).
>
> Chris
>
> "Simon Beckett" wrote:
>
>> It might be a bizarre concept, but can you add a Windows 2000 Standard
>> Server
>> to an SBS Domain?
>>
>> The situation is this - we plan to migrate from a single Windows 2000
>> Server
>> to a new SBS 2003 server, and would like to avoid having a new domain
>> name,
>> so we are thinking of preparing the forest, installing the new server as
>> Windows 2003 Standard, moving all the FSMO roles to the new server, then
>> in-place upgrading the new server to SBS 2003. The original server we
>> would
>> like to maintain as a replica DC for load balancing authentication. If I
>> really have to I'll rebuild that with 2003 Server but given the cost of
>> the
>> licensing I cant see any great benefit of using 2003 over 2000 other than
>> the
>> fact that we know 2003 server will perform well as a replica DC.
>>
>> TIA
>>
>> Simon.
>>