My organization currently has Exchange 5.5 Server running in an old NT Domain. We currently have a live 2000 Domain running now. The only thing holding back a complete 2000 Domain migration is the Exchange server. Can anyone shed light on the best method of changing the domain membership from the old nt domain to our new 2000 domain. The Exchange 5.5 server is running on a NT Server now and will so when migrated to the 2000 domain. I then plan on upgrading to Exchange 2000. My biggest concerns are migrating mailbox and other old domain user info from "username.NTdomain" to "username.2000domain" Any help on the best methods found and what other items I may need, for example Active Directory Connector is appreciated. Thanks
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Exchange 5.5 NT to 2000 Domain Migration
- Thread starter vescetec
- Start date
get the active directory connector working and running for a couple of weeks. make sure everything is fine...
Here is what I did...
I removed the mirrored hard drives from the server running 5.5...
confirmed everything was operational
installed exchange 2000 as an upgrade
never had a problem
after about a week i remirrored the drives.. all has been well..
I think the key was the making sure the active directory connector was working and had snycrnized properly...
Here is what I did...
I removed the mirrored hard drives from the server running 5.5...
confirmed everything was operational
installed exchange 2000 as an upgrade
never had a problem
after about a week i remirrored the drives.. all has been well..
I think the key was the making sure the active directory connector was working and had snycrnized properly...
Don't take the migration too lightly. (Sorry, I'm looking at your title- IT Management) Larger and more experienced organizations (500+ mailboxes) tend to use an online migration. This is where you set up a new server, install Win2000 and Ex2000, connect the Ex5.5 server to AD, then move the mailboxes 1 by 1, or in groups.
- Thread starter
- #4
My main task right now is too change the domain membership of the 5.5 Exchange server from NTDomain to 2000domain. All email users currently authenicate to NTDomain. There is a full domain trust between my two domains. Will these users have issues entering their existing mailboxes once the Exchange server is in the 2000 domain? Once this is completed I would then want to remove their respective machines and user accounts from the NT Domain and join them to the 2000 domain keeping their existing mailboxes and finally complete the domain consolidation to a single 2000 domain environment.
I did this exact same thing and let me tell you it is so seamless and easy.
You set up exchange 5.5 on your 2K domain controller, and you make it all functional, set it up like you would during an inital install but you must make sure you have the SAME NAME of the server of your old NT box on your 2K box. After you all install it and get the accounts going, you then must add a server in your Exchange 5.5 server folder on the NT box, and then do the same on your 2K box. Then ensure you can get to both servers, click on server a and then click on server b.. Now on server a you highlight all mailboxes, and go to file and move and move them to server b, this also creates a pointer for all mailboxes to make the migration over to the new server. It's all essentially all drag and drop, I strongly suggest your users are not logged into their email and of course back everything up.
A few caveats:
Exchange 5.5 and Windows 2K don't quite get along in terms of the AD, so when you add a new mailbox, don't create a new account using Exchange, use the AD Users and computers instead and then associate the account.
Public folders.. it's tough not to get items orphaned by moving the mailboxes over to the new server, so what you do is move all public folders to a mailbox (preferrable the administrators mailbox) and then put them back into the public folders.
You must re-setup all internet accounts if you host your own mail, I've heard stories this doesn't follow through.. It did for me but I was told I'm lucky.
Time.. grab a sandwich and relax as you move all mailboxes over, it takes a lot of it. (200 mailboxes took 4 hours for me) Depends on you network setup.
Leave the server a and b in the same tree tree for a few weeks and after you are sure everyone has migrated through, kill off your NT server and bid adieu!
Side note:
You need to ensure all user accounts are fresh 2K accounts, otherwise down the road you will notice that the old NT accounts that you migrated over to the 2K domain server will not work on 2K workstations, to the point it crashes the OS.
Hope this helps!
Rgrds!
You set up exchange 5.5 on your 2K domain controller, and you make it all functional, set it up like you would during an inital install but you must make sure you have the SAME NAME of the server of your old NT box on your 2K box. After you all install it and get the accounts going, you then must add a server in your Exchange 5.5 server folder on the NT box, and then do the same on your 2K box. Then ensure you can get to both servers, click on server a and then click on server b.. Now on server a you highlight all mailboxes, and go to file and move and move them to server b, this also creates a pointer for all mailboxes to make the migration over to the new server. It's all essentially all drag and drop, I strongly suggest your users are not logged into their email and of course back everything up.
A few caveats:
Exchange 5.5 and Windows 2K don't quite get along in terms of the AD, so when you add a new mailbox, don't create a new account using Exchange, use the AD Users and computers instead and then associate the account.
Public folders.. it's tough not to get items orphaned by moving the mailboxes over to the new server, so what you do is move all public folders to a mailbox (preferrable the administrators mailbox) and then put them back into the public folders.
You must re-setup all internet accounts if you host your own mail, I've heard stories this doesn't follow through.. It did for me but I was told I'm lucky.
Time.. grab a sandwich and relax as you move all mailboxes over, it takes a lot of it. (200 mailboxes took 4 hours for me) Depends on you network setup.
Leave the server a and b in the same tree tree for a few weeks and after you are sure everyone has migrated through, kill off your NT server and bid adieu!
Side note:
You need to ensure all user accounts are fresh 2K accounts, otherwise down the road you will notice that the old NT accounts that you migrated over to the 2K domain server will not work on 2K workstations, to the point it crashes the OS.
Hope this helps!
Rgrds!
- Thread starter
- #6
Dyadmin, I am not replacing the Exchange server, I just want to change its domain membership. Exchange 5.5 is staying on the existing NT4 Server. The NT4 Server needs to move from my NTDOMAIN to my 2000DOMAIN and existing NTDomain accounts must still be able to obtain mail on this 5.5exchange/4.0 NT server when it is added to the 2000 domain.
zoeythecat
Technical User
Vescetic,
I would recommend going through the white paper documents from this site.
In short, I believe you need to upgrade your NT4 server to Windows2000. When you upgrade your NT4 server to Windows2000 your users will migrate over. But you need to read the white paper document. Check out the white paper document for an "in place upgrade from Exchange 5.5 to Exchange 2000". There are critical step by step procedures and preparation you have to follow to make this work seamlessly. This is not an easy process as some people are portraying this to be. One thing you will need to do is change the LDAP protcol port in Exchange 5.5 from 389 to an unused port (I.E Port390) because Active Directory uses Port389. You will also need to setup Active Directory Connector (From the Exchange 2000 CD) and many other preparation steps that (again I say this) are listed in the White Paper.
Let me know how you make out and good luck.
Zoey
I would recommend going through the white paper documents from this site.
In short, I believe you need to upgrade your NT4 server to Windows2000. When you upgrade your NT4 server to Windows2000 your users will migrate over. But you need to read the white paper document. Check out the white paper document for an "in place upgrade from Exchange 5.5 to Exchange 2000". There are critical step by step procedures and preparation you have to follow to make this work seamlessly. This is not an easy process as some people are portraying this to be. One thing you will need to do is change the LDAP protcol port in Exchange 5.5 from 389 to an unused port (I.E Port390) because Active Directory uses Port389. You will also need to setup Active Directory Connector (From the Exchange 2000 CD) and many other preparation steps that (again I say this) are listed in the White Paper.
Let me know how you make out and good luck.
Zoey
Whoops,
I thought you were dumping the NT domain, and all users will upgrade to the 2000 domain. In my case I abandoned my old domain and created a new one. I trusted between both domains and migrated my users over to the 2000 domain only to leave the old NT domain behind. It was really no trouble. I did leave out the migration wizard which is a key step. My apologise.
Sorry for the confusion.
Rgrds!
I thought you were dumping the NT domain, and all users will upgrade to the 2000 domain. In my case I abandoned my old domain and created a new one. I trusted between both domains and migrated my users over to the 2000 domain only to leave the old NT domain behind. It was really no trouble. I did leave out the migration wizard which is a key step. My apologise.
Sorry for the confusion.
Rgrds!
- Thread starter
- #9
I am sorry I must be confusing everyone. I have no concerns of 2000 Exchange at this time. I only want to move my NT4.0 Server with Exchange 5.5 from its existing NT domain to a new 2000 Domain. All existing mailboxes are owned by users still authenticating to the old NT domain. Will they have an issue retrieving email while continuing to authenticate to the old domain? Will the accounts have to move to active accounts on the 2000 domain? Will Exchange 5.5 successfully communicate with the 2000 DC?
Question 1; Is there only one or two domains. If there are two is there a trust?
FYI - Exchange 5.5 doesn't care about the domain in the same way NTFS does.
I am not sure if the active directory connector is designed to work in a domain only. You need to go to MS technet and see if the ADC is domain specific of forest specific. My guess is it is part of the active directory, so as long as you are not in native mode and your nt4 domain is part of the forest then you should be able to do what you are trying to do.
The real question is WHY? Why not keep everything in the same domain and upgrade? It is safe and been done over and over again. Your way of doing it sounds like you are trying to phase out a domain. which if you are and you have all the trusts set up, then you should be able to do it...
Here is how you test it. After the trust is set up, with in nt4 terms means make the 2000 domain the master domain, you need to take one client and join it to the 2000 domain. THen see if you can get your email. there is no reason you won't get mail.
I am thinking your problem will be moving the mailboxes from the resource domain to the 2000 adc... Which is why is say research adc on technet.
good luck
FYI - Exchange 5.5 doesn't care about the domain in the same way NTFS does.
I am not sure if the active directory connector is designed to work in a domain only. You need to go to MS technet and see if the ADC is domain specific of forest specific. My guess is it is part of the active directory, so as long as you are not in native mode and your nt4 domain is part of the forest then you should be able to do what you are trying to do.
The real question is WHY? Why not keep everything in the same domain and upgrade? It is safe and been done over and over again. Your way of doing it sounds like you are trying to phase out a domain. which if you are and you have all the trusts set up, then you should be able to do it...
Here is how you test it. After the trust is set up, with in nt4 terms means make the 2000 domain the master domain, you need to take one client and join it to the 2000 domain. THen see if you can get your email. there is no reason you won't get mail.
I am thinking your problem will be moving the mailboxes from the resource domain to the 2000 adc... Which is why is say research adc on technet.
good luck
- Thread starter
- #11
There is two domains, me have undergone a 90% 2000 migration leaving the exchange server pretty much the only server in the old domain. The 2000 Domain is in native mode, the only issue with this would be adding any NT Domain controllers into the single 2000 Domain. There should be no issues installing a NT Member Server into the 2000 domain for we currently already NT Member Terminal Servers in the domain. My main concern is exchange 5.5 communicating with Active Directory if it is joined to the 2000 domain. Obviously right now it retrieves authenication and user accounts from the NT PDC in the old domain. I want emailusername1.ntdomain to become emailusername1.2000domain while continuing to retrieve email from a 5.5 exchange server that has moved to the the 2000 domain. Thanks for any more info or experience anyone can share with me.
We looked into managing a domain migration with Exchange 5.5 in a similar way and ultimately abandoned it for a different approach, due to the following issue that would cause an inordinant amount of work.
For starters,
1. Your users are currently in the NT domain A and you want them in 2k domain B. Ignoring exchange for the moment, you ultimately want all of the users to authenticate in 2k domain B. Without going into detail, You can use the migration tool to duplicate all of the users from NT A to 2K B domain, including SID, but now you must associate all of these new users, with the exchange 5.5 server. OK you got your two way trust working and that is fine.
Then each user has to login with the new replicated domain account (with a new password No, the passwords do not follow) Are these users loging into computers in the old domain, or the new domain? If the old domain, guess what?, all of the NTFS permissions do not follow the migrated user accounts, and would have to be recreated. Or if you were planning to move the user's computers into the new domain as well, you have the same problem. Then you want to be sure to move each users login profile (assuming they do not have roaming profiles) on each computer one by one. Either scenario is a big headache. (even if you script the profile migration)
Realizing the enormity of the the work involved and the possible headaches, problems and issues even though we already had the new domain setup and the trust relationship working, and was about to replicate the mail boxes from one exchange server to the other, we abandoned this approach for that of a domain upgrade migration.
Also, how much user down-time can you afford while you are doing this? If you try to do this with only one exchange server, it will still take a long time. Why?
OK, so you shut down your server and move it to the new domain (assuming it is only a "member server" role, and is not a BDC) you bring it up in the new domain. Are the users accounts still in the old domain? If so, guess what? you need to visit everyone's computer and reset the Outlook profile to point to the "new" exchange server in the new domain. (The netBIOS name has changed)
Are the users going to stay in the old domain forever? probably not, you want them in the new 2K domain. Now you are back to reassociating each new account with the old mailbox. Remember since it is exch 5.5 not 2000 you are using ADC not AD. Let's visit every user again.
Do you want the least trouble? my suggestion is that you consider looking into a domain upgrade migration path. This can be done in a way that is seamless (unnoticed) to the users and is easy to undo if you make a major mistake or discover some incompatibility. (when done right)
Good Luck,
Dana
For starters,
1. Your users are currently in the NT domain A and you want them in 2k domain B. Ignoring exchange for the moment, you ultimately want all of the users to authenticate in 2k domain B. Without going into detail, You can use the migration tool to duplicate all of the users from NT A to 2K B domain, including SID, but now you must associate all of these new users, with the exchange 5.5 server. OK you got your two way trust working and that is fine.
Then each user has to login with the new replicated domain account (with a new password No, the passwords do not follow) Are these users loging into computers in the old domain, or the new domain? If the old domain, guess what?, all of the NTFS permissions do not follow the migrated user accounts, and would have to be recreated. Or if you were planning to move the user's computers into the new domain as well, you have the same problem. Then you want to be sure to move each users login profile (assuming they do not have roaming profiles) on each computer one by one. Either scenario is a big headache. (even if you script the profile migration)
Realizing the enormity of the the work involved and the possible headaches, problems and issues even though we already had the new domain setup and the trust relationship working, and was about to replicate the mail boxes from one exchange server to the other, we abandoned this approach for that of a domain upgrade migration.
Also, how much user down-time can you afford while you are doing this? If you try to do this with only one exchange server, it will still take a long time. Why?
OK, so you shut down your server and move it to the new domain (assuming it is only a "member server" role, and is not a BDC) you bring it up in the new domain. Are the users accounts still in the old domain? If so, guess what? you need to visit everyone's computer and reset the Outlook profile to point to the "new" exchange server in the new domain. (The netBIOS name has changed)
Are the users going to stay in the old domain forever? probably not, you want them in the new 2K domain. Now you are back to reassociating each new account with the old mailbox. Remember since it is exch 5.5 not 2000 you are using ADC not AD. Let's visit every user again.
Do you want the least trouble? my suggestion is that you consider looking into a domain upgrade migration path. This can be done in a way that is seamless (unnoticed) to the users and is easy to undo if you make a major mistake or discover some incompatibility. (when done right)
Good Luck,
Dana
- Status
Similar threads
- Locked
- Question
- Locked
- Helpful tip
- Locked
- Question