
NT 4.0 to Win2k Migration question?


kahmelion

MIS
Jan 3, 2001
US
Here's my scenario.

I have about seven sites that all point to a core location via Frame Relay. At the core site I have an NT 4.0 PDC, a WINS server (also a BDC), two Citrix servers running Win2k, and a few other Win2k member servers that are a combination of file servers and some that run a few in-house applications. All of the remote sites have NT 4.0 BDC servers at their locations. I want to install a Win2k server with AD at the core location. My proposed solution is:

1. Build a server with NT 4.0 on it as a BDC with all patches and updates.
2. Promote this new BDC and demote the old PDC so that they will change roles on the current network.
3. Install Win2k on the new PDC and run dcpromo.

Now our ISP just gives us an IP address to use for our DNS server. I know that AD is very DNS orientated, so my main question is: first, am I doing the upgrade correctly? And second, how would I go about configuring DNS for the domain?

Thanks in advance
Kahmelion
 
I think you need to give much more consideration to DNS and active directory.

W2k is not just DNS oriented; DNS is the wheels of the car, and without a correct implementation you are in for a lot of grief.

The biggest mistake is to confuse W2k DNS with the DNS that runs the internet. It is best to keep these completely separate, otherwise your whole network is open to every hacker out there. Essentially this means that your primary DNS server is the authoritative DNS server for your domain. This should be Active Directory integrated, which allows you to control who it responds to. You can choose to have no internet presence or have a separate internet presence on a web server between a couple of firewalls.

So if your domain is called Kahmelion.net you would register it on the net to prevent it being used in case you do go public one day. The ISP housing on the internet will respond to any DNS queries from the outside world (later you can point it to a web server if you want). Meanwhile, hidden away from the outside world, your DNS server will respond to its clients. Because your DNS server is authoritative and only handles internal requests, it does not need to link to external DNS servers.

You could upgrade your existing NT infrastructure, but this means you will inherit every good and bad setting from your old network. If you do this, try it out in the lab: take a BDC as you suggest, put it on its own unconnected LAN, promote it to PDC, then upgrade as you say. Then test the hell out of it.

I guess it depends on what you want from the old network, if it is just usernames etc there are tools that can export these. The thing is that W2k does things so much better, you configure things centrally. For instance a server share becomes a Domain DFS link. Printers can get clever and be put into the active directory.

My preferred method would be to create a new W2k domain, then duplicate services until you can migrate users or switch them "en masse".

As an NT5 purist I prefer to update the clients to W2k or XP as they join the LAN. Again, I do this by installing a fresh build on their PC in a separate partition; this new build uses AD to install software and dictate the settings I want for users.

Have you looked at the Active Directory deployment planning guide or the operations guide? It is sober reading!

Hope this helps

AJ
 
kahmelion,

Yes, to answer your question, you are planning your upgrade correctly. I would remove a BDC before you upgrade though; in the event things go wrong, you can bring that BDC online and move it to PDC status.

Upgrade or create new, both have their pros and cons. Although tools are available, they are not always the easiest things to use and can prove to be troublesome at the most inopportune times....

For DNS, you need it for AD so you will have to create a Domain DNS. Remove the "." Forward Lookup Zone and create a forwarder to your ISP's DNS. See this FAQ for more info on how to do it.


faq96-3017

Hewissa

MCSE, CCNA, CIW
 
I am sure that there are pros and cons to Upgrade or Create New; good idea to keep a BDC if you do choose to upgrade.

I guess it depends on whether you want to design a shiny new network that takes advantage of all W2k features from day one. The problem with upgrading is that your design has to fit in with the old NT design to a certain extent, having said that, you can take your time to migrate things over.

I prefer new because you have no baggage, but it is not always feasible.

Those web links from Hewissa are useful, but there are much more in-depth white papers from MS.

Let us know how you get on.

AJ


 
One big thing I would do if I were you is not use a Windows 2000 pre-SP1 CD to upgrade. Make sure the disk has SP1 integrated into it. If not, your DCs may not pick up the full computer name correctly. Ex. svr1.dns.com
If it does not change the full computer name properly you will have a lot of DNS problems.

If you do use a pre sp1 disk here is a link to upgrade properly.
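
A check for the full-computer-name problem described above, as an added example that is not part of any post in this thread: it reads SRV records in standard zone-file form (the form a DC's `netlogon.dns` file uses) and reports any whose target host is missing the domain suffix or sits outside the AD domain. The sample records are constructed; `svr2`, `svr3` and `olddomain.example` are hypothetical names, and `dns.com` follows the example in the post.

```python
import re

# Standard zone-file SRV line: owner TTL IN SRV priority weight port target
SRV_RE = re.compile(
    r"^(?P<owner>\S+)\s+(?P<ttl>\d+)\s+IN\s+SRV\s+"
    r"(?P<prio>\d+)\s+(?P<weight>\d+)\s+(?P<port>\d+)\s+(?P<target>\S+)$",
    re.IGNORECASE,
)


def audit_srv_targets(zone_text, ad_domain):
    """Return (owner, target, reason) for every SRV record whose target is
    not a fully qualified host name inside ad_domain."""
    suffix = "." + ad_domain.lower().rstrip(".")
    findings = []
    for line in zone_text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop zone-file comments
        m = SRV_RE.match(line)
        if not m:
            continue  # not an SRV record
        target = m.group("target").lower().rstrip(".")
        if "." not in target:
            # Host registered without a primary DNS suffix
            reason = "single-label target (no DNS suffix)"
        elif not target.endswith(suffix):
            reason = "target outside " + ad_domain
        else:
            continue  # target is host.<ad_domain>, as expected
        findings.append((m.group("owner"), m.group("target"), reason))
    return findings


# Constructed sample records (not taken from a real server)
SAMPLE = """\
_ldap._tcp.dns.com. 600 IN SRV 0 100 389 svr1.dns.com.
_kerberos._tcp.dns.com. 600 IN SRV 0 100 88 svr1.dns.com.
_ldap._tcp.dc._msdcs.dns.com. 600 IN SRV 0 100 389 svr2.
_gc._tcp.dns.com. 600 IN SRV 0 100 3268 svr3.olddomain.example.
"""

if __name__ == "__main__":
    for owner, target, reason in audit_srv_targets(SAMPLE, "dns.com"):
        print(f"{owner} -> {target}: {reason}")
```
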

 