Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Netware to Windows 2003 Migration

Status
Not open for further replies.
billc124

billc124

MIS
Jan 10, 2006
9
US
I am working on a project to migrate our Netware 5.1 environment over to Windows Server 2003 and Active Directory. My situation is that most of the step by step tools and things I am finding are setup as if you don't have an AD already in place. I already have my AD in place with all the users setup as we are an Exchange shop this was necessary. All I am looking to do is move my Netware volumes and shares over to Windows and grant the matching permissions. Doing it manually is not an option as I have several thousand folders with different permissions applied. Is there an easy way to do this? I am just looking for some guidance or someone to point me to an article I am missing. I have tried out Quest NDS migrator but that seems much too complicated and I was hoping to do this without spending any or much money. Any advice would be greatly appreciated.

Bill
 
Sort by date Sort by votes
Getting the files over is easy (robocopy), but replicating permissions is likely going to require a third party solution like the Quest tool you mentioned.

Are you doing some e-Directory>AD sync?

Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.
 
Upvote 0 Downvote
I am not doing any sync right now and we don't run eDirectory.
 
Upvote 0 Downvote
think this is a mix up in terms
the fact you have a netware 5.1 tree means you have an nds -
(know as edir for ages now but technically not for 5.1)

i assume you have no idm or nds for nt or such like they are seperate?

quest to be truthful is expensive and aint very good at the rights - especially as i imagine your group structure etc will change

the rights etc are totally different
if you are keeping excat structure then you could run a trustbar or such like and then modify this into ms language - run a robocopy as suggested above then rune the script to pop rights etc on

obviously i'm from the anti microsoft bricade - but you may want to look at their rights migrator - i only assume they have one - but basically you are in for pain

and i certainly would suggest looking at abe
 
Upvote 0 Downvote
I would think that for any successful migration, there needs to be some sort of synchronization between the two.

Quest stuff works ok, but I'm no fan of their tech support.

Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.
 
Upvote 0 Downvote
Well I have used both the Quest tools and the MSDSS package free from Microsoft. Ours was a complete migration but as the file migration is concerned I was left unimpressed by Quests differentiating features when it compares the the MSDSS package in regards to the FMU utility.

If I was you what I would do, since you have a domain already in place, is setup a dummy domain and do a fake migration using the MSDSS package in order to generate an FMU log (that is, if your eDir tree is a replica of your AD tree). At this point you will have the ability to modify this log file to represent the correct cn's that you will need.. example: if you had setup a test.domain.local, you would be able to find and replace the "test" part, which would then map appropriately to your AD tree..

This would leave you the ability to use the FMU utility to map the permissions as best as it can, this is a bit of a hand holding process but from my experience it has worked decently ok.

Pros: Its free, it does an ok job (again compared the the Quest tool I found it does pretty much the same thing but looks a bit less refined)

Cons: Takes a log of elbow grease to get used to the steps involved in order to make this work appropriately..

Warning: If you use the MSDSS tool, do it IN THE LAB first, you can REALLY jack up your eDir if you use it incorrectly... (Dont be jonny fast fingers when punching "Next"). This warning applies to when you do directory synchronization!

If youre not budget minded, I am sure there are other tools out there (I heard of NetCopy from jrkutils or something) but overall I think its worth looking at this toolset.

Cory
 
Upvote 0 Downvote
As far as tech support from Quest I have had nothing but good things to say for the way they handled us. Their KB is full of useful articles and their tech support was very prompt even before we had bought the products. I would honestly say this is one of the better experiences I have had with a vendor in this regard..

I am sure everyones mileage varies however. Just thought I would throw in my 2 cents too :)

Cory
 
Upvote 0 Downvote
Would you suggest making my AD structure match my NDS as close as possible? I don't have any OUs in AD and some in NDS. I didn't setup the NDS end, inherited it and the original domain that was migrated to 2003 recently. There are only about 200 users so it isn't that big a deal to move things around in AD if necessary.
 
Upvote 0 Downvote
I would probably say, to use this tool the way you have it currently, if it wouldnt be to big of a discrepancy that would possibly be one solution. Eventually though you would have to find a way to generate the FMU log that you would need. Again this would mean setting up a dummy domain or something to that extent as it would populate the AD environment to mirror your edir structure. From here you could verify the logs if you had missed anything (its just a txt file but depending on your environment can be huge)..

I would highly recommend setting up a lab for you to play with this in, you dont need to replicate your edir tree if you dont know how or have the time/resources but I would setup a Novell server and a Windows domain environment (probably just a blank one if you do end up using the MSDSS tools as this will populate AD).. You can use VMServer to create snapshots and the like which I found extremely time saving.

This can and probably will be a large project that will involve alot of preplanning and a TON of testing. I would also recommend maybe finding some consultants with experience doing this to at least bounce some questions off of.

In any case, good luck with how you proceed!

Cory
 
Upvote 0 Downvote
Cory,

Thanks. I do have a lab setup already so I can play around anyway I want, just thinking how best to proceed. I think I will duplicate my structure on both ends and see how it plays out. Thanks all for your advice.

Bill
 
Upvote 0 Downvote
Good to hear! If you have questions about the tools dont hesitate to ask. I am actually in the process of a long term migration and we are restarting our file migration project after deviating to our Exchange project since we implemented our Cisco voip system in the middle of everything.

If I find anything else interesting or tips along the way I will be sure to post for ya.

Take care!

Cory
 
Upvote 0 Downvote
@Terry712

No, I do not have Zen. On another note, I am trying to figure out how to export all the users from my production NDS environment and import it into my lab. Does anyone know of a way to do that?
 
Upvote 0 Downvote
you can ldif them out
modify it a bit in notepad and then ice it in

although cant remember if ice was with nds 8 or ? (afraid i havent used 5.1 for a long time)
in console 1 it is under nds import or something like that

you will have to look at the field mapping though as some are phrased differently
 
Upvote 0 Downvote
I managed to find a Novell cool tool that would generate a report of my Netware permissions for each folder on a server so I think I am going to just copy everything over to my Windows server using the same structure as in Netware, then run a script to assign the permissions in Windows. Does anyone have any recommendations for a good script or tool to do it for me. I found several via Google search but since I am not the first person to do this I am sure that there are preferred methods, you have all offered great advice so far so I figured I would ask for more. Also, any suggestions on what to use for the copy? I have heard RoboCopy mentioned more then once recently.

Bill

 
Upvote 0 Downvote
yep must confess i'm a robocopy fan
just make sure you use the /r:
the 1 million retry is a bit excessive
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
464
Aquiles Vidal
Aquiles Vidal
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
600
suncit
suncit
antonio_dsanchez
  • Locked
  • Question
post-installation WSUS windows server 2016
Replies
0
Views
392
antonio_dsanchez
antonio_dsanchez
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
501
DrB0b
DrB0b
mangentle
  • Locked
  • Question
What are the key advantages of using Microsoft Windows Servers for businesses?
Replies
1
Views
843
gbaughma
gbaughma

Part and Inventory Search

Sponsor

Back
Top