New SBS 2003 joining to existing network

Discussion in 'Windows Small Business Server' started by Don, Apr 5, 2005.

  1. Don

    Don Guest

    I have a new SBS Premium 2003 configured server and am looking to join it to
    an esixting network which has a production Win 2003 Std Ed srv. After
    installing & configing the SBS srv I found that the SBS srv has to be at the
    root of the forest. Something new for 2003.

    I've found a lot of tech's complaining about this and problems with the
    process. I'm hopeful to avoid these issues. I'm first needing to know if both
    servers need to be on the same domain. The SBS srv is a ".local" domain and
    the Std Ed srv is a ".com". Both srv's are behind a hardware firewall so
    there's no issue with a website on the SBS srv.

    I'm to understand that some migration needs to take place so I'm also
    looking for a quality source of information to perform the AD, etc migration.
    At present the Std Ed srv is providing DC, AD, DHCP, DNS, WINS, GP services.
    I am wanting to keep the Std Srv on the network and as a BDC.

    Lastly is there anything that needs to be done with trust relationships?

    Thanks,
     
    Don, Apr 5, 2005
    #1
    1. Advertisements

  2. Don

    Rick F Guest

    Nothing new with 2003. The Small Business Server has needed to be the root
    since 2000 and before that it had to be the PDC in the NT 4.0 (SBS 4.0/4.5
    days). Haven't seen much complaining about it but then again I've looked for
    it considering I've known this since Microsoft did the first SBS to market.
    (been around a while...remember setting up my first SBS 4.0 back in the day)

    If your overall goal is to make the existing server a DC (we don't use BDC
    anymore) of the new SBS 2003 domain then I would probably look into the
    Swing It kit at www.sbsmigration.com. I haven't used this product but I
    think it will do what you want.

    As far as trust relationship; SBS since 4.0 hasn't done that either and SBS
    2003 still doesn't do it and I doubt it ever will in the future. I've heard
    that it will do a 14 day trust in the beginning during a migration but I
    haven't verified that myself.
     
    Rick F, Apr 6, 2005
    #2
    1. Advertisements

  3. Hi Rick, you may also benefit from this

    -----------quote--------------
    To install a SBS 2003 computer in an existing Active Directory domain,
    please follow these steps:

    1. On a Windows 2000 domain, you must prepare Active Directory before you
    install the SBS 2003 computer in the domain.

    Cannot Promote a Windows Server 2003 Domain Controller into a Windows 2000
    Forest

    http://support.microsoft.com/?id=278875

    2. Start the installation of SBS 2003 by inserting CD 1 into the CD or DVD
    drive.

    3. When the operating system is installed and the computer restarts and
    continues with the integrated Setup program, click "Cancel" to stop the
    integrated Setup program. Note You must cancel the integrated Setup program
    at this point. If you continue with the integrated Setup, you cannot join
    the SBS 2003 computer to the existing domain.

    4. On the SBS 2003 computer, configure a static IP address on the network
    card and make sure to configure DNS to include the existing server that
    hosts the Active Directory zone. Note You can ping other computers on the
    network by using their Fully Qualified Domain Names (FQDNs) after you
    complete this procedure.

    5. Run the Dcpromo.exe program on the SBS 2003 computer to join the existing
    domain.

    6. Install the DNS server service.

    For additional information about how to configure a DNS server, visit the
    following Microsoft Web site:

    http://www.microsoft.com/resources/...3/standard/proddocs/en-us/dns_server_role.asp

    7. Promote the SBS 2003 computer to a global catalog server.

    8. After the new computer is successfully promoted to a global catalog
    server, remove any other global catalog servers in the domain.

    9. Transfer the FSMO roles to the SBS 2003 computer.

    10. Move the site licensing server to the SBS 2003 computer.

    11. Wait for the new Active Directory objects to replicate to the SBS

    2003 computer. The time this takes depends on the Active Directory size and
    on network performance. You can view the Directory Service event log to
    verify that replication has completed successfully. The SBS 2003 integrated
    Setup program may not continue if replication has not completed or if
    replication has failed.

    12. Change the DNS settings on all domain controllers to point to the new
    SBS 2003 computer as the primary DNS server.

    13. On the SBS 2003 computer, insert the SBS 2003 CD 1 into the CD or DVD
    drive and continue with the integrated Setup of SBS 2003 and its components.

    Wish it helps!

    Regards,

    Bob Qin

    Microsoft Online Partner Support
    -----------endquote-----------
     
    SuperGumby [SBS MVP], Apr 6, 2005
    #3
  4. Hello Don,

    Thank you for posting to the SBS Newsgroup.

    If the SBS server is holding the domain.local while the existing domain is
    domain.com, they should be in different domains and they cannot share
    information. You cannot establish a trust relationship. If you want to use
    the ADMT tool to do the migration, I am afraid this cannot be done either,
    because the NetBIOS domain names are the same. You have to reinstall SBS
    2003 by using another domain name like domain2.local and then follow the
    migration white paper to migrate data. Refer to the following document
    which applies to this scenario:

    Migrating from Small Business Server 2000 or Windows 2000 Server
    http://www.microsoft.com/downloads/details.aspx?familyid=fa187d1e-8218-4501-
    9729-222bd8ebb64c&displaylang=en

    If you use the existing server as a BDC, you need to reinstall it and join
    it in the SBS domain

    You can also install SBS 2003 in the existing domain however you should
    transfer all FQMO roles to the SBS server and make it a Global Catalog in
    14 days. The existing DC should be the BDC now.

    More information for your reference:

    295765 Description of the product limitations in Small Business Server 2000
    http://support.microsoft.com/?id=295765

    General Frequently Asked Questions About Windows Small Business Server 2003
    http://www.microsoft.com/WindowsServer2003/sbs/techinfo/overview/generalfaq.
    mspx

    Thanks for your time. I am glad to be working with you again.

    Best regards,

    Brandy Nee

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Brandy Nee [MSFT], Apr 6, 2005
    #4
  5. Hi Don

    Because of the limitations mentioned by Brandy and information posted by
    SuperGumby I suggest you visit SBSMigration.com and look at the concepts
    there. Then email Jeff Middleton directly from the links there with all the
    information from this post. Your situation looks ideal for Swing Migration,
    I am just a little unsure of the implications of the existing .com DC
     
    Frank McCallister SBS MVP, Apr 6, 2005
    #5
  6. Hi Don,

    I don't want to repeat everyone else's comments in detail. SBS has always
    taken root of Forest, never supported domain trusts, and the standard
    installation setup and documentation will _tell you_ that you can't put a
    new SBS in an existing domain.

    Everything in the above is true, but there's a misleading aspect of the
    "existing domain" part. MS has pretty much ingored the idea of building an
    SBS into an existing domain until I got serious about documenting that it
    wasn't actually true. I've posted about introducing an SBS to an existing
    domain for years, and it follows the logic of the details posted by SG and
    Brandy, but that's only part of the problem solved.

    The reason you have seen suggestions to visit my site www.SBSmigration.com
    is that I have outlined on my website how to actually _replace_ the original
    DC with a new DC having the same server name, in the same domain, with the
    same Exchange Information Store, same shared folder security, and with no
    impact to the workstations. For those who want a detailed project guide, the
    Swing It!! Kit available from my website includes step by step instructions
    for the entire project path. Replacing an existing DC/Exchange in an
    existing domain is a complicated process, but it also is possible to do this
    in a manner in which the new DC construction is done offline from the
    production domain operations, without shutting down the existing production
    until you are ready to transfer the data across.

    I am happy to answer questions here, or you can contact me directly about
    that project concept.
     
    Jeff Middleton [SBS-MVP], Apr 6, 2005
    #6
  7. Don

    Don Guest

    Hey Jeff,

    All the post have provided in-site.

    I am aware of the 14 day limit by which the FSMO and GC has to be
    transferred from the old DC or the SBS box is subject to shutting down.

    Prior to posting here I had found several techs that posted on other sites
    their experiences with introducing SBS to an existing network. And it was
    told to me that as of 2003 SBS had to be at the root. Accroding to what I'm
    seeing here this has been a requirement for some time. Frankly I'venot had a
    case where I had to introducing SBS to an existing network.

    I'll take a look at your site. I'm sure I'll be posting again.
    Thanks all,
    Don
     
    Don, Apr 10, 2005
    #7
  8. Hello Don,

    May I know if you have any questions regarding this post? If so, please do
    let me know and I am glad to be of the assistance. Thank you.

    Best regards,

    Brandy Nee

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Brandy Nee [MSFT], Apr 11, 2005
    #8
  9. Don

    Don Guest

    Hello All,

    Once again, thanks to all for the feedback. After absorbing the postings and
    then some. I need to clarify some details.

    Brandy, I need to clarify the '.local' vs ".com" domain reference you made
    in your first post. The SBS 2003 srv is domain named Srv2.local (example) and
    the Std Ed 2003 is domain named SRV1.com. This may change your perspective in
    your post.

    The situation requires that the existing Std Ed 2003 srv stay in production
    to provide file and print services. This server has 200GB hard drvies and
    contains qty's of digital images.

    The purpose for the SBS Prem is to provide ISA and e-mail services
    initially. Since SBS has to be the DC, there is a desire to dcpromo the Std
    Ed srv back to provide a DC backup should the SBS srv go down. The Std Ed srv
    provides mission critical data thus if the SBS srv were to go down the stop
    gap would be the Std Ed srv.

    With all that said, I'm gathering that the SBS Prem should be reload using
    integrated setup and the same domain name as the existing domain. Jeff, if
    you still feel that going through and SBS mirgration is the better way to go,
    I'm listening. However keep in mind that the SBS srv does not have the
    storage capacity that the Std Ed srv has. Also, since there is no issue with
    external websites on the SBS srv, I presume there would be no issue with the
    SBS srv having a ".com" domain name. Please correct if I'm offbase here.

    Thanks again,
    Don
     
    Don, Apr 12, 2005
    #9
  10. Hello Don,

    Thank you for posting back.

    Based on the KB article below, we do not recommend using a public domain
    name (.com domain suffix) as the internal domain name since this may lead
    to many issues:

    296250 The Domain Name System name recommendations for Small Business Server
    http://support.microsoft.com/?id=296250

    Note: Although this KB applies on SBS domain, it can also apply on a
    standard Windows domain.

    So, based on the information you provided, we suggest that use the SBS as
    the DC to manage your network. To do that, we may migrate the data from
    Windows Server 2003 domain to SBS 2003 domain by performing the steps in
    the document below:

    Migrating from Small Business Server 2000 or Windows 2000 Server to Windows
    Small Business Server 2003
    http://go.microsoft.com/fwlink/?LinkId=16414

    After you perform the steps below, please demote the Windows Server 2003 to
    the workgroup mode by running "dcpromo", and then join it into the SBS 2003
    domain as a member server or an additional DC.

    Hope this information answers your questions. Thank you for your time.

    Best regards,

    Brandy Nee

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Brandy Nee [MSFT], Apr 13, 2005
    #10
  11. Hello Don,

    Thank you for posting back.

    It is OK and I will be waiting to see if you have any questions regarding
    this post. Thanks again.

    Best regards,

    Brandy Nee

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Brandy Nee [MSFT], Apr 15, 2005
    #11
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.