2000 to 2003 migration

Discussion in 'Server Migration' started by Dan Andrews, Oct 30, 2008.

  1. Dan Andrews

    Dan Andrews Guest

    Hello,
    I have a small 2 server windows 2000 domain with about 10 users. One is
    AD domain and the other a member of the domain. I have 2 new servers with
    2003 R2 installed and would like to know if it makes sense to try and use
    ADMT, or just manually create the users on the new system and move the user
    data over manually, then re-join the users to the new domain? If ADMT is
    easiest, what doc's are available to detail how to configure the new servers
    and old servers to allow ADMT to work. Or would I install AD on the new
    server adding it to the existing 2000 forest, then remove the 2000 server?
    Any ideas would be appreciated.
    Thank You,
    Dan
     
    Dan Andrews, Oct 30, 2008
    #1
    1. Advertisements

  2. Hello Dan,

    !!!NEVER START BEFORE HAVING CREATED AND TESTED A BACKUP OF YOU DATA/MACHINE!!!

    One question first:
    Is the old server also Exchange server and will it be taken out of the domain
    forever, when the new server is running?

    - On the old server open DNS management console and check that you are running
    Active directory integrated zone (easier for replication, if you have more
    then one DNS server)

    - run replmon, dcdiag and netdiag on the old machine to check for errors,
    if you have some post the complete output from the command here or solve
    them first

    - run adprep /forestprep and adprep /domainprep from the 2003 installation
    disk against the 2000 server, with an account that is member of the Schema
    admins, to upgrade the schema to the new version

    - Install the new machine as a member server in your existing domain

    - configure a fixed ip and set the preferred DNS server to the old DNS server
    only

    - run dcpromo and follow the wizard to add the 2003 server to an existing
    domain

    - if you are prompted for DNS configuration choose Yes (also possible that
    no DNS preparation occur), then install DNS after the reboot

    - for DNS give the server time for replication, at least 15 minutes. Because
    you use Active directory integrated zones it will automatically replicate
    the zones to the new server. Open DNS management console to check that they
    appear

    - if the new machine is domain controller and DNS server run again replmon,
    dcdiag and netdiag on both domain controllers

    - if you have no errors, make the new server Global catalog server, open
    Active directory Sites and Services and then double-click sitename, double-click
    Servers, click your domain controller, right-click NTDS Settings, and then
    click Properties, on the General tab, click to select the Global catalog
    check box (http://support.microsoft.com/?id=313994)

    - Transfer, NOT seize the 5 FSMO roles to the new Domain controller (http://support.microsoft.com/kb/324801)

    - you can see in the event viewer (Directory service) that the roles are
    transferred, also give it some time

    - reconfigure the DNS configuration on your NIC of the 2003 server, preferred
    DNS itself, secondary the old one

    - if you use DHCP do not forget to reconfigure the scope settings to point
    to the new installed DNS server

    - export and import of DHCP database (if needed) (http://support.microsoft.com/kb/325473)



    Demoting the old DC (if needed)

    - reconfigure your clients/servers that they not longer point to the old
    DC/DNS server on the NIC

    - to be sure that everything runs fine, disconnect the old DC from the network
    and check with clients and servers the connectivity, logon and also with
    one client a restart to see that everything is ok

    - then run dcpromo to demote the old DC, if it works fine the machine will
    move from the DC's OU to the computers container, where you can delete it
    by hand. Can be that you got an error during demoting at the beginning, then
    uncheck the Global catalog on that DC and try again

    - check the DNS management console, that all entries from the machine are
    disappeared or delete them by hand if the machine is off the network for ever

    - also you have to start AD sites and services and delete the old servername
    under the site, this will not be done during promotion

    Best regards

    Meinolf Weber
     
    Meinolf Weber, Oct 30, 2008
    #2
    1. Advertisements

  3. Dan Andrews

    Dan Andrews Guest

    Thank you! I have followed your instructions and here is whats happening.
    The 2000 server is running SP4, the 2003 server is R2 version. After running
    adprep /forestprep and /domainprep /gpprep on the 2000 server all looked
    good. rebooted 2000 server. after adding 2003 server to 2000 domain and
    reboot, ran dcpromo and added server to existing domain, after about 1 minute
    it errors and says the forest is not prepared for windows 2003 server? Any
    ideas?
     
    Dan Andrews, Oct 30, 2008
    #3
  4. Hello Dan,

    Sorry my fault, missed the R2 part. You have to run adprep command from the
    second R2 disk , there is also a new schema version. dsik one upgrades to
    schema version 30 and the second disk to schema version 31.

    If you run "schupgr" on the DC you see the version of the schema.

    Best regards

    Meinolf Weber
     
    Meinolf Weber, Oct 30, 2008
    #4
  5. Dan Andrews

    Dan Andrews Guest

    That was it! Thank you very much Meinolf. It is still installing but it
    looks like its ok now. I am doing this with 2 test systems before the real
    deal. I will definately backup the live 2000 server before I do this. Once I
    am done, is there any reason I couldn't run dcpromo on the 2003 server and
    remove AD and then do it again with the live 2000 server?
     
    Dan Andrews, Oct 30, 2008
    #5
  6. Hello Dan,

    I can not follow your question, sorry. Do you talk about removing it from
    the test system? Why not keeping the test system? Or do you test it in the
    real domain?

    Best regards

    Meinolf Weber
     
    Meinolf Weber, Oct 30, 2008
    #6
  7. Dan Andrews

    Dan Andrews Guest

    Sorry, what I meant to say is, the 2000 server is the test system. The 2003
    server is the server I am migrating to. Once I test the migration with the
    2003 server can I run dcpromo on the 2003 server to remove AD and then re-run
    it against the live 2000 server?
     
    Dan Andrews, Oct 30, 2008
    #7
  8. Hello Dan,

    Just to get you correct, the 2003 DC is not on the 2000 domain yet. Now you
    will demote it and add it to the 2000 domain as a member server upgrade the
    schema for 2003, if not done and promote it again.

    If this is corredct you can do it, otherwise please describe the steps you
    like to do.

    Best regards

    Meinolf Weber
     
    Meinolf Weber, Oct 30, 2008
    #8
  9. Dan Andrews

    Dan Andrews Guest

    Thank you, yes thats correct.
    One other slight issue, If I try to resyncronize in the sites and services
    from the 2000 server I get an error access is denied. Any ideas?
     
    Dan Andrews, Oct 30, 2008
    #9
  10. Hello Dan,

    What account do you use and which group membership does it have?

    Best regards

    Meinolf Weber
     
    Meinolf Weber, Oct 31, 2008
    #10
  11. Dan Andrews

    Dan Andrews Guest

    I am logged in as administrator on both machines. I updated the 2000 box
    with all updates and ran replmon this morning. It says replication is ok
    except one of the items says DSA issue DNS lookup failure?
     
    Dan Andrews, Oct 31, 2008
    #11
  12. Dan Andrews

    Dan Andrews Guest

    One other wierd issue. Niether of the 2 machines are on the internet,
    however, the clock on the 2003 server keeps changing to 1 hour ahead if I
    select adjust for daylight savings, the 2000 server does not do this. I
    curently have the adjust for DST unchecked on the 2003 server to keep the
    time correct. I am also getting a message from the 2000 box regarding its a
    PDC and needs to set time to an outside source. Any way I can set this so it
    thinks its the time keeper? Sorry for all the questions..
     
    Dan Andrews, Oct 31, 2008
    #12
  13. Hello Dan,

    Please post an unedited ipconfig /all from both DC's. Also run dcdiag, netdiag
    and repadmin /showrepl and post the output here.

    Best regards

    Meinolf Weber
     
    Meinolf Weber, Oct 31, 2008
    #13
  14. Hello Dan,

    Please stop posting one error after the other. Seems that something in your
    domain setup is not correct. See my previous answers/questions and let's
    start there.

    Best regards

    Meinolf Weber
     
    Meinolf Weber, Oct 31, 2008
    #14
  15. Dan Andrews

    Dan Andrews Guest

    Perhaps I have outstayed my welcome. Anyway, All is now working. What I
    found was, on the windows 2000 server the "." or root item was in the DNS and
    was replicated to the 2003 server. I removed the "'." in DNS and replmon
    shows all is ok on both servers. I still do not know what the time issue is
    on the 2003 server, but I'll figure it out from here.
     
    Dan Andrews, Oct 31, 2008
    #15
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.