NT 4/Novell netware to AD migration

[ssampier]

I want to migrate both Netware and NT 4 to Active Directory.

My biggest reason for the change is my lack of understanding about Novell. I could take classes and read books, but it seems like a lost-cause. I might as well learn Windows and AD which is what most of world uses.

My environment:

2 /24 public IPs

1 Novell Netware 6.5 (file & print, shared directories, and DHCP)

4 Windows 2000 servers, including 1 Dell NAS (3 are running IIS)

1 beefy Windows 2008 server with sql server 2008

7 Linux servers

1 external public BIND DNS server

and various firewalls and switches (the partridge and pear tree).

I have been reading a lot of documentation on the subject. I created a virtual Windows 2k3 R2 server to test. I also created a two-way trust with NT 4.

Goals for the migration:

1. Remove NT 4 server ASAP (it's old and taking up space)
2. Learn about Windows ad quirks and authenticate my Windows and Linux machines and servers.
3. Use Windows AD for primary authentication and printing.
4. Gradually phase out Novell Netware server. Keep the fileshares on Novell for now. I don't have a replacement fileserver yet to migrate to. I will soon (30-60 days).

My design scheme:
I decided on a single forest and domain. One employee OU. Group policies does everything else. AD handles DNS for the domain. Bind is the forwarder DNS.

I have identified possibly two Linux servers that can be migrated to Windows 2003 AD. I have thought of separating DHCP into the Nas box.

Any particular advice you want to give me if you have been through this process before?

 

[SimonDavies]

What are you authenticating to at the moment? Do you have the Novell client on the workstations (rather than the MS Client for Novell).

There is no reason that your AD DC can't run the DNS and DHCP (you would need to have AD Integrated DNS to utilise AD properly anyway).

Are you planning an upgrade or a complete green field approach?


Simon

The real world is not about exam scores, it's about ability.

 

[ssampier]

Hi Simon.

Thanks for your reply. I am currently using NT 4 and Novell Netware 6 for user authentication. Printers are mostly IP based; really annoying, but Novell printing stinks and I can't figure out annoying issues. I have a thread on this issue somewhere.

Yes, I know AD requires DNS. I plan to have each DC have dns installed and working. However, real world DNS should be handled by the forwarder.

I also was reading in my Windows Server 2008 Inside Out book that dhcp should ideally not be installed on a domain controller. There are work-arounds, of course, but I'd rather not bother.

If I can, I'll just let the windows 2000 Dell NAS handle dhcp. There is no failover. DHCP is only used for a few desktops and laptops, anyway. In the event of a dhcp meltdown, I can statically assign those machines.

As for upgrades, NT 4 machine is really old (Dino from Flintstones). It also has a really weird domain. I am going to migrate our NT 4 information with ADMT (olddomain.org to company.local).

Novell machine also can't be upgraded, so it also needs to be migrated to a different box. I am using MDSS for this.