SBS 2003 to @008 Enterprise

[Mwinn]

Hi,
I need to install a new server running 2008 Enterprise and make it the PDC. We are currently running 3 servers, the current PDC is running win2K3 SBS, the file server is win2K3 Enterprise and the Data Base server is win2K3 Standard.

We are using DNS, DHCP, WINS, Routing and remote Access, and SLQ express 2005 (will upgrade this to 2008 manually), and Group Policies on the current PDC. We out sourced our Exchnage Server so I do not need to migrate that to the new server.

I need to migrate all of the services and security settings to the new server and my main concern is that the current PDc being an SBS server, takes control as the DC and I'm not sure I can just promote the new 2008 server to be the PDC.

One other thing, I would like to keep the same domain name so I don't have to redo all the workstations etc.

Any help would be appreciated.

Thanks,
Michael D. Winn

 

[Adeyp]

There are no such things as PDCs and BDCs in an active directory domain, you can quite happily bring the 2008 server online as a second DC and the active directory will replicate over by itself, you can transfer most things over such as DNS etc without any issues. The only problem you will have is that when the SBS server is online it must hold all five FSMO roles, these could be seized by the 2008 server when the SBS server is decommissioned (although I'd be tempted to keep it online as a secondary DC, dns backup etc.). You could quite happily run both together, if you did want to take the SBS offline i'd keep it nearby and intact for at least a couple of weeks to make sure everything is working properly.

Regards

Adrian

http://freeithelp.co.uk

 

[58sniper]

You don't have to seize the roles if the SBS box is going offline. You can gracefully transfer them. You just need to shut that SBS box down within 60 minutes of doing so or it gets angry and starts rebooting.

I'd be interested in knowing the requirement for Enterprise over Standard.

Stop by the new Tek-Tips group at LinkedIn. Come say hi, look for a job, have some fun.

http://www.linkedin.com/groups/Networking-TekTipscom-forums-members-3952395

Pat Richard MVP

http://www.exchangeblogs.com/

 

[upstatepc]

You have 30 days to remove the SBS from the network after you transfer everything to the new servers.
Mike

http://www.upstatecomputers.biz

 

[TechyMcSe2k]

Migrating to Windows Small Business Server 2008 from Windows Small Business Server 2003

http://www.microsoft.com/download/en/details.aspx?id=4023

http://www.samtechconsulting.com

_______________________________________
Great knowledge can be obtained by mastering the Google algorithm.

 

[Mwinn]

Thanks for all the advice, I also was wondering if the Routing and Remote Access would transfer over as well or if I need to re-create it.

58Sniper,
we are going with Enterprise for 2 reasons, first we got a killer deal on the software, but were also looking at clustering in the future.

As far a "transferring" the FSMO Roles, I was under the impression that they would not transfer well from SBS.

My main concern is that we don't lose the ability to login to the network should something go hinky during this transfer.

BTW, I plan on retiring the existing server, its been running continuously since 2005 with the same hard drives, no RAID, just software mirroring.

Thanks,
Michael D. Winn

 

[58sniper]

You can certainly transfer the FSMO roles. I've done it before. upstatepc is probably right on the timeline for shutting down the SBS box. You can certainly add the new server to the domain as a DC and let it cook for a while to work any issues. If you run into a problem transferring the FSMO roles, you can always shut down the SBS box and just seize the roles. But that should be a last resort.

Stop by the new Tek-Tips group at LinkedIn. Come say hi, look for a job, have some fun.

http://www.linkedin.com/groups/Networking-TekTipscom-forums-members-3952395

Pat Richard MVP

http://www.exchangeblogs.com/

 

[Mwinn]

OK, I have got the new server and I just loaded Windows Server 2008 R2 Enterprise. Can I add all the required roles, DHCP, DNS RRAS, WINS, IIS etc, before I join it to the domain and make it a DC, or will that all transfer over from the current DC (SBS 2003)?

Thanks,
Mike

 

[58sniper]

Do you really need WINS?

You won't get DNS zone transfers if you install DNS before it's a DC. I'd be inclined to wait.

Stop by the new Tek-Tips group at LinkedIn. Come say hi, look for a job, have some fun.

http://www.linkedin.com/groups/Networking-TekTipscom-forums-members-3952395

Pat Richard MVP

http://www.exchangeblogs.com/

 

[Mwinn]

Thanks, I have WINS on the existing DC (was setup before I started here) so I thought I woould keep. What about RRAS, will it transfer everything over as well?

Thanks,
Mike

 

[kzn]

Hi Mwinn

AD on small business is different to AD standard and enterprise. This exercise that you are doing is not easy. I have moved from SBS 2003 to Server 2008 R2 Standard, it was a headache. If you are still looking to do it let me know and I will try dig up documentation I had created. The problem is mainly caused by exchange/AD/SBS. Even doing what I did still leaves bits of the old AD and some times I wish I had just created a whole new domain. Any how let me know ... and best to test this in a virtual environment.

 

[kzn]

One more note ... seriously think about creating a whole new domain.

 

[Mwinn]

KZN,

Creating a new domain would be a last resort for us. We are not going to use Exchange Server, which is currently disabled on SBS, so if I can just get the new DC to handle the security, group policies, RRAS, DNS etc. I think I should be good. My main concern is transferring the FSMO roles over smoothly.

I will probably add this DC to the existing domain next week, then promote to a DC. I'll run this with the exiting DC to see what comes over to the new DC automatically and what needs to be setup manually.

We work 7 days a week, 5 AM to 10 PM, so I cannot take the DC down on the weekend or after 5:00 PM like most companies, so doing this on the fly is basically my only option.

I am making sure that the SBS server has all of the latest updates and will run the ADprep on the SBS server.

 

[kmcferrin]

we are going with Enterprise for 2 reasons, first we got a killer deal on the software, but were also looking at clustering in the future.

You will not want to make a cluster node of your DC/DHCP/DNS/etc server.

________________________________________
CompTIA A+, Network+, Server+, Security+
MCTS:Windows 7
MCSE:Security 2003
MCITP:Server Administrator
MCITP:Enterprise Administrator
MCITP:Virtualization Administrator 2008 R2
Certified Quest vWorkspace Administrator

 

[kzn]

Hi Mwinn

Its nearly a year since we moved to server 2008. I dont have the polished document, but I do have some notes. They are as follows:

Upgrade path SBS2003 to Server 2008 R2

Raise forest level to Server 2003 on Server1
Raise domain level to Server 2003 on Server1

Insert Server 2008R2 cd into Server1 browse to -> support -> adprep -> and run the following
Adprep32 /forestprep
Adprep32 /domainprep
Adprep32 /domainprep /gpprep
Adprep32 /rodcprep

Add new DC
Check replication
Changed the dc dns to point to itself

Transfer FSMO roles
Transfer pdc
Transfer rid master
Transfer schema master
Transfer naming master
Transfer infrastructure master

*** make sure the roles are transfered not seized

On new FSMO Master run: netdom /query fsmo
Check replication


I would do a dummy run if I were you in a test enviroment because we did have loads of trouble, but if I remember correctly it might have been more to do with exchange but I cant 100 percent remember.

Its a shame you could not start from scatch but some times thats life. Just be aware a lot of crap from AD 2003 will come over to the new 2008 AD things like GPO's will carry the format of AD 2003 etc. Its not a train smash GPO's are working great for us but they are just not how they should be.

Best of Luck btw I will never ever recomend SBS to anyone ever again

Have a look at

http://www.petri.co.il/transferring_fsmo_roles.htm

 

[kzn]

This if people who have exchange, like I said above I dont have the polished version any more and these were some notes I found on my pc. Maybe it will help someone

Add new mail server to domain

Ensure SBS 2003 Exchange set to organisation -> native mode

On new mail server add features -> .Net framework 3.5,
install all IIS
office filter pack
Power shell if needed

### (Ensure dates and times are correct on all servers before proceeding)
On mail run the following to update the AD in preparation for Exchange
Insert exchange 2010 iso ->
Setup.com /preparelegacyexchangepermissions (run on Mail)
Setup.com /prepareschema (run on Mail)
Servermanagercmd –i rsat-adds
Restart server
Setup.com /prepareschema (run again)
Setup.com /preparead
Setup.com /preparedomain
Snapshot all servers

Run setup on mail server
If there is a problem with net. TCP not set to automatic do the following:
1. Start Windows powershell.
2. Run the command and hit enter
Set-Service NetTcpPortSharing -StartupType Automatic (or start in services)

Run adsiedit
Right click select connect to and change to: select a well known naming context and choose configuration:

Navigate to: cn=configuration/cn=services/cn=Microsoft exchange/cn=companyx/cn=address list container/cn=recipient update services and delete update services in the right pain.