Steps to migrate a win2k domain to 2k3

Discussion in 'Active Directory' started by Shannon Hemems, Jun 7, 2005.

  1. Hi there,

    This is probably a question that gets posted a fair amount, but here goes

    I've got a single site Win2k AD domain (native mode). 4 DC's,1 Exch2k3
    server (member server), and about 35 mixed Win2k & Win2k3 servers, running
    various server applications (e.g., Great Plains, Symantec AV Enterprise 8.0,
    Netbackup, IIS 5.0, SQL 2000, Perforce, etc.). We've also got a few Red Hat
    Linux 8.0 servers.

    We're running AD-integrated DNS, DHCP, RAS (pptp VPN), & DFS services.

    What's the best approach to migrating our domain & window services? I've
    seen some of the general articles, but having just gone through the Exchange
    migration, I found there were a lot of little side articles that I'd
    initially missed in my planning (I ended up following MS Exchange's step by
    step article, which was really helpful). Has anyone come across something
    similar, or have recommended articles to read?

    Many articles suggest building a test lab first to do a test migration that
    replicates your environment, but how in the world can anyone replicate their
    live domain, with all the various servers & apps? Do many people actually
    follow this step? If so, can it be done quickly (ie., a week) & cheaply?

    Thanks very much,

    Shannon Hemems, Jun 7, 2005
    1. Advertisements

  2. The first thing I would say is why do you need to do a migration? Seeing as
    you're not consolidating domains, etc. I would say an in-place upgrade is
    the way forward (using the 'swing' method).

    I always start looking at things from an upgrade perspective and only
    migrate if the upgrade doesn't suit -and obviously when we're consolidating
    Yes, this step is followed. As to the scale of the test lab that is up to
    you -down to time, resources, and need. In an ideal world you'd be able to
    duplicate your live environment, in reality we usually make do with two or
    three 'servers' and VMs [1].

    A week is pushing it. And this kind of work shouldn't be rushed. Try and
    budget testing into your plan. We always spend a substantial amount of time
    testing after the design is complete.

    [1] The term server here refers to the OS. For testing, there's nothing
    wrong with installing trial versions of Windows server on desktop PC
    Paul Williams [MVP], Jun 7, 2005
    1. Advertisements

  3. Shannon Hemems

    Allen Firouz Guest


    The process is fairly straight-forward. Generally, the idea is to introduce
    a 2003 DC to the environment (either by DCPROMO-ing aserver into the fold or
    by doing an in-place upgrade of one of your W2kDC's). Now that your
    environment is in Mixed mode, move your FSMO roles over and upgrade the other
    DC's to 2003. Once completed, you can flip the switch and make it Native.
    That's the general idea. Now, there are things like extending domainprep and
    schemaprep and additional steps involved, which should be considered (see
    links below). And YES, years of experience tells me that a test lab is
    crucial to easing the pain of implementing ANY new system, so I highly
    recommend a test lab for a dry run or two.
    Now, here are the links:
    Upgrade from AD 2000 to 2003:

    AD planning:

    -Allen Firouz
    Allen Firouz, Jun 7, 2005
  4. My bad. I did mean an in place upgrade from our current domain.

    Is there a process for creating a duplicate test domain available? Would I
    be able to somehow restore the AD from a backup, in a test domain, for

    Shannon Hemems, Jun 7, 2005
  5. Thanks for the links. The first doc is one I've been missing & looks like
    the best starting place for my planning.
    Shannon Hemems, Jun 7, 2005
  6. Is there a process for creating a duplicate test domain available? Would
    There are a number of possibilities. Restoring to alternative hardware in
    an isolated environment is a good one -it also acts as a DR test ;-)

    The other one I use is to promote a new DC in production, turn it off, do a
    metadata cleanup, then load it in the isolated environment, delete the
    connection objects, seize the FSMOs, and possibly do a metadata cleanup here
    Paul Williams [MVP], Jun 7, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.