Changing DC in Win2000 4

Status
Not open for further replies.

cmarch1

MIS
Apr 5, 2001
I have a new server that has Win2K Server installed as well as two other Win2K servers that are all part of the primary Domain Controller that is still on NT 4.0. The Domain Controller is the only machine still on NT. I would like the new Win2K Server to be the Domain Controller with the same Domain name (my company is running on Novell but has applications that need the Microsoft Client... if the domain name can stay the same I wouldn't need to touch every workstation again) and take the NT 4.0 machine now off-line. How can I do this without causing myself problems? The total of 3 Win2K Servers DO NOT have ADS installed at this point.
 
Two solutions:

1. Bring the Win2K wannabe DC up, and run dcpromo. Follow the steps, make sure that you tell it that it's not the only DC in the domain and you'll be fine. Replicate the user stuff, then temp take the NT server down. Test the network, if it's OK then upgrade the NT server to 2K as another

2. After hours, simply install 2K server on top of the NT server. Make sure that you do a full system backup before, but it shouldn't be a problem.

Steve Hewitt
IT Administrator

Windows 2000 Microsoft Certified Professional (75 - 215)

 
Actually, I'd have to contradict this. What's described above would leave you with an NT-based domain and a Win2K-based domain, both with the same names and all sorts of potential conflicts and problems. The only way to properly migrate\upgrade your domain with all the users intact and the same domain name is to upgrade your current PDC to Windows2000. Once you've done that, you can run DCPROMO on your new W2K server and migrate the FSMO roles from the old DC to the new one, and at this point you could technically get rid of the former NT server without hurting your network too badly.

You may not be interested in having that NT server be a Windows2000 DC, so here's what you can do:

1) Get a third system handy.
2) Back up your PDC completely.
3) Install NT4 on the extra system (we'll call it 'ExtraS') and make it a BDC in your existing domain.
4) Promote ExtraS to be the PDC.
5) Upgrade ExtraS to Windows2000. You now have Active Directory.
6) Run DCPROMO on your new Win2K server (we'll call it Win2K).
7) Migrate all FSMO roles from ExtraS to Win2K. It's very easy.
8) Power down ExtraS and leave it turned off. Reformat it later.

Now your old NT server is functioning as a BDC, but you now have an AD environment and the W2K server doing most of the directory database work for you.

ShackDaddy
 
ShackDaddy has the right idea. Just make sure you leave enough time between steps to "let the dust settle". You want to make sure each machine knows which server is in which role.
-gbiello
 
To augment ShackDaddy's idea:

If you don't have a spare computer lying around, just get a spare hard drive and do a drive copy of the PDC onto another hard drive and then upgrade.

If all H. E. double hockey sticks break loose, then you just stick the drive-copied hard drive in and set it as Primary IDE master; you never lose any settings.

That's what I do, plus you don't have to worry about a backup or creating an NT 4 BDC.
 
I have investigated ShackDaddy's response and this seems to be the most logical, but can I:
just take down the NT Server (even though it's the primary domain controller... I don't need this machine at all any more to be in this loop),
promote my new Win2K server to be a PDC and/or add Active Directory to this server (again note: all other servers are on Win2K) and be OK...
Also note: the new Win2K server can be reformatted, I have not moved any SQL or Web stuff to that machine already and technically my other two machines are only on the domain because users need to log in to the domain for functionality (we are on a Novell Network). So if I temporarily took those machines off of the domain and then promoted my new Win2K Server with the same domain name (with the old NT server down), would that work without setting up a new machine and/or hard drive?
 
Here's the deal.

1) Right now you have an NT server PDC with the SAM database on it. That database IS your domain.

2) Your W2K server does not have a copy of the database. You need to get a copy of that database onto the W2K system before you take your NT server offline.

3) You can only safely take your NT4 PDC out of the network AFTER you have moved the SAM over to the W2K server.

4) The W2K server CANNOT be a backup domain controller for your NT4 server. W2K is either the king, or he isn't playing. The only way to get your SAM database onto that W2K server you mentioned is to run DCPROMO in an environment WHERE THERE IS ALREADY A W2K DOMAIN CONTROLLER.

5) The only way to keep your domain without jacking your network up is to (drum roll) UPGRADE AN NT4 PDC TO W2K. When this is done, you will have migrated to Active Directory and there will be a continued peace in your network.

Having made these points, go back and read my earlier post, which explains how to avoid upgrading your current NT4 PDC.

ShackDaddy
 
someone told me you can add 2k to a nt4 domain
they said add the 2k bawx to the domain on install and it will be in mixmode
let it replicate then promote to pdc
haz anyone done this?
 
Someone was wrong. A W2K server can be a member server in an NT4 domain, but not a domain controller. If you have an NT4 domain, here is the important principle to remember: the NT4 primary domain controller must die (i.e., be upgraded to W2K) and be reborn as a W2K domain controller. This is the only way for a domain that is running on NT4 to make the change to an AD domain. An upgraded DC like I mentioned will bring a mixed-mode AD environment into being, but it will also be the only AD DC in existence until 1) dcpromo is run on other existing W2K servers or 2) other backup domain controllers are upgraded from NT4 to W2K.

ShackDaddy
 
Steps:
1) Add a BDC to the domain
2) Document configs of services and apps on PDCs & BDCs
3) Back up services & apps to tape
4) Fully synchronize all BDCs with PDC
5) Take one fully synchronized BDC offline (put in closet)
6) Keep this BDC offline and available until after migration
7) Upgrade the PDC (this will establish the forest root domain)
8) Upgrade BDCs (any order)

*If you have problems you can remove all W2K and promote the offline BDC to PDC and then bring it back into your network. This new PDC will replicate to any BDCs that you add to your network, returning the domain to its previous state.

*Make sure that you do not upgrade your backup BDC to W2K until your migration is a success.
*Do not switch to native mode until you are sure everything works because you cannot revert back to your old NT 4.0 once you are in native mode.
 
Thanks guys! I've tried everything and I am still having DNS issues. My Win2K server is my PDC with Active Directory. From here everything seems fine. I still have the NT BDC if this doesn't work completely, but there are two issues that I can't resolve! In trying to add an additional Domain to the Existing Domain:

1. My DNS server under Forward Lookup has only the domain name and its attributes, but doesn't have any subdirectories (i.e. _tcp, etc.) which all documentation said should be resident. I've tried to stop and restart NetLogon but that doesn't help.

2. Our DNS server at my job is only EXTERNAL, which means that even though I have entries in my preferred and secondary DNS server properties of "TCP/IP" settings, nothing is resolving internally. I've tried 2 things: a) manually adding entries to the LMHosts.sam file with no luck and b) adding the IP address of the PDC to the secondary DNS server entry of the "TCP/IP" setting with no luck either.
 
I have to resolve this issue before I can tackle renaming or attempting to rename any Domain names.
 
I don't have the time to tangle very deeply, but one thing you need to do is take the '.sam' extension off of your lmhosts file if you want it to work.

If your DNS server is not a W2K DNS server with dynamic updating enabled, what you are trying to do won't work. You need two DNS servers, one internal and one external. Something that hadn't been mentioned earlier, but would have been easy to notice with a little research, is that you need to have a W2K (in the best scenario) DNS server up and ready when you move your domain to AD. That way when AD is first generated, the proper entries will be created in your DNS zone file. If I were you, I think I might take your new AD server offline and reformat it, promoting your NT4 BDC back to a PDC. Then install NT4 on the system that was your AD server, and install it as a BDC. Install DNS on it too. Then promote it to W2K and let it create the Active Directory. All the proper DNS entries will be generated at that point.

ShackDaddy
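
Added example (not part of the thread, and not any poster's code): a Python check for the symptom discussed above, a forward lookup zone that lacks the `_tcp` / `_msdcs` entries a W2K domain controller registers. It parses zone-file style SRV lines and lists which core locator records are missing. The domain `example.local`, the host `dc1` and the sample zone are constructed, and the record list is a core subset (site-specific names are left out).

```python
import re

# Core SRV names a W2K domain controller registers, relative to the AD domain,
# with the port each service listens on (a subset; site-specific names omitted).
REQUIRED_SRV = {
    "_ldap._tcp": 389,
    "_ldap._tcp.dc._msdcs": 389,
    "_ldap._tcp.pdc._msdcs": 389,
    "_kerberos._tcp": 88,
    "_kerberos._udp": 88,
    "_kerberos._tcp.dc._msdcs": 88,
    "_kpasswd._tcp": 464,
    "_kpasswd._udp": 464,
}

SRV_LINE = re.compile(  # owner [ttl] [IN] SRV priority weight port target
    r"^(\S+)\s+(?:\d+\s+)?(?:IN\s+)?SRV\s+\d+\s+\d+\s+(\d+)\s+(\S+)$", re.I)

def parse_srv(zone_text):
    """Map each SRV owner name (lowercase, no trailing dot) to its ports."""
    ports = {}
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].strip()  # strip zone-file comments
        match = SRV_LINE.match(line)
        if match:
            owner = match.group(1).rstrip(".").lower()
            ports.setdefault(owner, set()).add(int(match.group(2)))
    return ports

def missing_locator_records(zone_text, domain):
    """Return required SRV names that are absent or registered on the wrong port."""
    ports = parse_srv(zone_text)
    domain = domain.rstrip(".").lower()
    return sorted(
        f"{prefix}.{domain}"
        for prefix, port in REQUIRED_SRV.items()
        if port not in ports.get(f"{prefix}.{domain}", set())
    )

# Constructed sample: a zone where the _msdcs records never got registered.
SAMPLE_ZONE = """\
example.local.                 3600 IN A   10.0.0.10
_ldap._tcp.example.local.      600 IN SRV 0 100 389 dc1.example.local.
_kerberos._tcp.example.local.  600 IN SRV 0 100 88  dc1.example.local.
_kerberos._udp.example.local.  600 IN SRV 0 100 88  dc1.example.local.
_kpasswd._tcp.example.local.   600 IN SRV 0 100 464 dc1.example.local.
_kpasswd._udp.example.local.   600 IN SRV 0 100 464 dc1.example.local.
"""
```

Calling `missing_locator_records(SAMPLE_ZONE, "example.local")` returns the three `_msdcs` names; a zone holding only the domain's own A/NS/SOA records, as in the post above, returns all eight.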
 