I'm planning an upgrade a network of 35 users(1 office) from Winnt 4.0 servers (1pdc, 2 bdc, 1 member) and 1 exchange 5.5 server(member) to Windows 2000 and Exchange 2000. We are purchasing all new hardware! What would be the easier or best route,upgrade them...or start from scratch, creating new users? Any info would be glady appreciated. The upgrade can happen during a weekend!
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Upgrading to W2k/exchange 2000 from NT4.0/exchange 5.5
- Thread starter bartibog
- Start date
What you're planning is a pretty major operating and I wouldn't recommend doing it from what someone says in a forum!
Migrating or starting from scratch is really down to your needs, i.e. migrating is probably easier and quicker and less change for your users, but starting from scratch is always nice to try and remove any crap built up in the old domain etc.
I strongly recommend you read some white papers on this from the MS website. For Active Directory, go to and then click on the Planning & Deployment Guides link.
For Exchange 2000, go to the Exchange 2000 Home Page at
Cheers, Antony
Migrating or starting from scratch is really down to your needs, i.e. migrating is probably easier and quicker and less change for your users, but starting from scratch is always nice to try and remove any crap built up in the old domain etc.
I strongly recommend you read some white papers on this from the MS website. For Active Directory, go to and then click on the Planning & Deployment Guides link.
For Exchange 2000, go to the Exchange 2000 Home Page at
Cheers, Antony
To true, the instructions for this operation will warrent an entire web page to its self.
And you ARE NOT going to complete this in a weekend!
But coming from someone that has just completed the very same operation as you are intending, this how i did it, and i am not going to go into any great detail just point in the right direction.
Promote one of the BDCs and take the current PDC off the LAN (for roll back purposes incase it all goes 'Pete Tong')
Do an 'Upgrade in place' on the newly promoted PDC (follow instruction by the letter), also turn off the other BDC.
When done the Newly upgraded machine will be as accessable as house with no doors until you Promote it First Active Directory Domain controller (Start>Run> type 'DCPROMO')
'You need to make VERY carefully consideration when promoting because you need to create a DNS naming structure'
i have seen people that haven't and it is a B****** to resolve 'After' the muck up.
Next start doing clean installs on the new hardware and then 'DCPROMO' these as well (i'll get to why you should do this in a minute)
This enables your Active Directory on the first machine to Replicate its self across to the new machines (makes for good failover in the event of a DC going POP!)
Is the Exchange 5.5 machine on a Member server or on one of the previous BDCs or PDCs? i ask because you are going to have install an ADC on it (Active Directory Connector) to synchronise the Exchange 5.5 machine with the AD because in preperation for the upgrade the Exchange 5.5 Directory is going to be moved into the Active Directory because Exchange 2000 doesn't have a Directory Service of its own like 5.5, Active Directory IS ITS Directory service.
Again get detailed instructions on configuring the Recipient Connection Agreement (ADC can be installed from the Exchange 2000 CD and think there are instructions as well if i recall)
Next Install Exchange 2000 on one of the New Machines and also install (as well as the Exch2000 System manager component) the Exchange 5.5 Administrator Component (this is needed later when you are about to turn off the 5.5 box), when all configured and happy, you are going to start migrating (this can be done in batch BUT there are potential mine fields when it comes to Legacy accounts)
To move any Public Folders you want to create Public Folder replication between the 5.5 and Exch2000 machines, and when satisfied that replication is OK (this takes time), opt to 'Re-Home' Public Folders onto New machine and take the 5.5 machine out of the loop.
Next using the AD Users and Computers Snap-In you are going to do a 'Move Mailbox' for each User and move them to the Exch2000 box (again one at a time is probably best, i killed the Managing Directors account by doing this in bulk, and talk about legacy account WHaT a KniGHtMare!)
Turning off the 5.5 machine is too much to list here and we will also need to know how you have been sending emails and how you intend to send them after the upgrade.
Onto the Multiple DCs, before you ask, with Active Directory there is no PDC (one machine rules all! type setup) each DCPROMO'd machine is a PDC (if you will) that replicates identical copies of itself between each machine so that incase of a machine going down then the others take over (for a while anyway, just long enough for you to fix the broken one)
But you want to turn off the upgraded NT4>2000 machine?
This machine was the first! so in the 'Schema' of things (no Pun intended, you will understand in a mo')
This machine is the Active Directory FSMO (Flexible Single Master Owner)
AD is in essence split into 5 roles and a Catalog!
Your first AD DC owns the following Directory roles;
Schema owner server1.yourdomain.com
Domain role owner server1.yourdomain.com
PDC role server1.yourdomain.com
RID pool manager server1.yourdomain.com
Infrastructure owner server1.yourdomain.com
and also be the 'Global Catalog'
to see this information type in a DOS prompt on one of the servers (or an XP machine)
'NETDOM QUERY FSMO'
Or search the AD snap-ins for the GUI version
You will need to find instruction on moving/migrating these roles to the other machines before you can Demote and turn off the old machine.
There is so much more to all this, as mentioned you are not going to complete this in a weekend. Probably best to the OS's first, verify the stability and then start the Exchange replication stuff the next weekend, thencheck how stable it is running in a Mixed Mode environment go from there over the next few weekends.
I ran a Exchange system (due to work load!) on Win2k AdvSvrs with a duel Exchange5.5/2000 environment for nearly 3 weeks because the work needed ABSOLUTE concentration and your full attention (no distractions please!)
And you ARE NOT going to complete this in a weekend!
But coming from someone that has just completed the very same operation as you are intending, this how i did it, and i am not going to go into any great detail just point in the right direction.
Promote one of the BDCs and take the current PDC off the LAN (for roll back purposes incase it all goes 'Pete Tong')
Do an 'Upgrade in place' on the newly promoted PDC (follow instruction by the letter), also turn off the other BDC.
When done the Newly upgraded machine will be as accessable as house with no doors until you Promote it First Active Directory Domain controller (Start>Run> type 'DCPROMO')
'You need to make VERY carefully consideration when promoting because you need to create a DNS naming structure'
i have seen people that haven't and it is a B****** to resolve 'After' the muck up.
Next start doing clean installs on the new hardware and then 'DCPROMO' these as well (i'll get to why you should do this in a minute)
This enables your Active Directory on the first machine to Replicate its self across to the new machines (makes for good failover in the event of a DC going POP!)
Is the Exchange 5.5 machine on a Member server or on one of the previous BDCs or PDCs? i ask because you are going to have install an ADC on it (Active Directory Connector) to synchronise the Exchange 5.5 machine with the AD because in preperation for the upgrade the Exchange 5.5 Directory is going to be moved into the Active Directory because Exchange 2000 doesn't have a Directory Service of its own like 5.5, Active Directory IS ITS Directory service.
Again get detailed instructions on configuring the Recipient Connection Agreement (ADC can be installed from the Exchange 2000 CD and think there are instructions as well if i recall)
Next Install Exchange 2000 on one of the New Machines and also install (as well as the Exch2000 System manager component) the Exchange 5.5 Administrator Component (this is needed later when you are about to turn off the 5.5 box), when all configured and happy, you are going to start migrating (this can be done in batch BUT there are potential mine fields when it comes to Legacy accounts)
To move any Public Folders you want to create Public Folder replication between the 5.5 and Exch2000 machines, and when satisfied that replication is OK (this takes time), opt to 'Re-Home' Public Folders onto New machine and take the 5.5 machine out of the loop.
Next using the AD Users and Computers Snap-In you are going to do a 'Move Mailbox' for each User and move them to the Exch2000 box (again one at a time is probably best, i killed the Managing Directors account by doing this in bulk, and talk about legacy account WHaT a KniGHtMare!)
Turning off the 5.5 machine is too much to list here and we will also need to know how you have been sending emails and how you intend to send them after the upgrade.
Onto the Multiple DCs, before you ask, with Active Directory there is no PDC (one machine rules all! type setup) each DCPROMO'd machine is a PDC (if you will) that replicates identical copies of itself between each machine so that incase of a machine going down then the others take over (for a while anyway, just long enough for you to fix the broken one)
But you want to turn off the upgraded NT4>2000 machine?
This machine was the first! so in the 'Schema' of things (no Pun intended, you will understand in a mo')
This machine is the Active Directory FSMO (Flexible Single Master Owner)
AD is in essence split into 5 roles and a Catalog!
Your first AD DC owns the following Directory roles;
Schema owner server1.yourdomain.com
Domain role owner server1.yourdomain.com
PDC role server1.yourdomain.com
RID pool manager server1.yourdomain.com
Infrastructure owner server1.yourdomain.com
and also be the 'Global Catalog'
to see this information type in a DOS prompt on one of the servers (or an XP machine)
'NETDOM QUERY FSMO'
Or search the AD snap-ins for the GUI version
You will need to find instruction on moving/migrating these roles to the other machines before you can Demote and turn off the old machine.
There is so much more to all this, as mentioned you are not going to complete this in a weekend. Probably best to the OS's first, verify the stability and then start the Exchange replication stuff the next weekend, thencheck how stable it is running in a Mixed Mode environment go from there over the next few weekends.
I ran a Exchange system (due to work load!) on Win2k AdvSvrs with a duel Exchange5.5/2000 environment for nearly 3 weeks because the work needed ABSOLUTE concentration and your full attention (no distractions please!)
- Thread starter
- #4
Probably a safer bet than working with the live environment would be to build another BDC for the current live environment, then take this off the network onto your test lab and promote to a PDC. You can then plan and test what you're going to do.
Cheers, Antony
Cheers, Antony
- Thread starter
- #7
Thanks Antony for your replys...
That's what I was thinking of doing, was to bring up a BDC then remove it from the live network..then upgrade it into our test network...then install W2K onto the new server, then remove the BDC...switch W2K to native mode,now would this be like a fresh install(by removing the BDC)? except I will have all my user information..Then I was thinking of install Exchange 2000 on another server, create the mailboxes(only 35), then PST there mail over!
What do you think?
Thanks for any replys!
Steve
That's what I was thinking of doing, was to bring up a BDC then remove it from the live network..then upgrade it into our test network...then install W2K onto the new server, then remove the BDC...switch W2K to native mode,now would this be like a fresh install(by removing the BDC)? except I will have all my user information..Then I was thinking of install Exchange 2000 on another server, create the mailboxes(only 35), then PST there mail over!
What do you think?
Thanks for any replys!
Steve
Possibly a little confused, but are you expecting to install W2K and make it a member of the existing domain which will then transfer the user accounts to your W2K server? If so, it doesn't work like this I'm afraid. You've got two options to get the user accounts into the AD domain:
1. Upgrade the BDC you take off the network to a PDC. Then, install W2K onto this server effectively upgrading your NT domain to an AD domain with all the user accounts in it. You can then switch to Native mode (NB - in the live environment, you need to decommision your BDCs first before switching to Native mode).
2. Install W2K server on a new server with a fresh install and run dcpromo to create a new AD domain. Promote your BDC you've taken off the network to a PDC. Now, use the ADMT (Active Directory Migration Tool) to migrate user accounts, groups, computers, service accounts etc. to the new AD domain (NB, if you migrate the groups first and use SID history, when you migrate the user accounts, they will automatically be put into the correct groups they were in before. Also, using SID history buys you some time as users will still be able to access all shares etc. they could before. You can then go through slowly and re-permission everything with the new AD groups and use the SID history clean-up tool to tidy up the new domain).
The ADMT comes with documentation and is available as a free download from the MS website. You will need to do some configuration on each of the user accounts after migration as it's a bit clumsy in the way it works.
Not sure about Exchange as we're a Lotus Notes house so haven't had much experience with it, but I used method 2 above (with some scripting to do the post migration configuration on users) to migrate some 2500 users from four old NT domains and it went surprisingly smoothly! We did spend about 6-8 months planning the whole thing though and getting our AD design correct so I still recommend reading those white papers I listed above about depolying AD before you start.
Hope this helps
Cheers, Antony
1. Upgrade the BDC you take off the network to a PDC. Then, install W2K onto this server effectively upgrading your NT domain to an AD domain with all the user accounts in it. You can then switch to Native mode (NB - in the live environment, you need to decommision your BDCs first before switching to Native mode).
2. Install W2K server on a new server with a fresh install and run dcpromo to create a new AD domain. Promote your BDC you've taken off the network to a PDC. Now, use the ADMT (Active Directory Migration Tool) to migrate user accounts, groups, computers, service accounts etc. to the new AD domain (NB, if you migrate the groups first and use SID history, when you migrate the user accounts, they will automatically be put into the correct groups they were in before. Also, using SID history buys you some time as users will still be able to access all shares etc. they could before. You can then go through slowly and re-permission everything with the new AD groups and use the SID history clean-up tool to tidy up the new domain).
The ADMT comes with documentation and is available as a free download from the MS website. You will need to do some configuration on each of the user accounts after migration as it's a bit clumsy in the way it works.
Not sure about Exchange as we're a Lotus Notes house so haven't had much experience with it, but I used method 2 above (with some scripting to do the post migration configuration on users) to migrate some 2500 users from four old NT domains and it went surprisingly smoothly! We did spend about 6-8 months planning the whole thing though and getting our AD design correct so I still recommend reading those white papers I listed above about depolying AD before you start.
Hope this helps
Cheers, Antony
Blimey, i would kill to have 6-8 months to plan an upgrade!
I could re-structure Microsoft in that time (kidding)
I had 'Upgrade to Win2k AD Domain, Exch2000, SQL2000, Fax System, and many other solutions e.t.c.' dumped on me on the 3rd of January with a month time limit (i.e. running to expectations by Feb 1st).
On top of doing my actual job!
I'd love to get into a consultancy position for this because it is second nature to me, but i am at a DB Consultancy and AD Consultancies ask for things like MCSEs which i neither have or have time for, Paper or Proven!
I could re-structure Microsoft in that time (kidding)
I had 'Upgrade to Win2k AD Domain, Exch2000, SQL2000, Fax System, and many other solutions e.t.c.' dumped on me on the 3rd of January with a month time limit (i.e. running to expectations by Feb 1st).
On top of doing my actual job!
I'd love to get into a consultancy position for this because it is second nature to me, but i am at a DB Consultancy and AD Consultancies ask for things like MCSEs which i neither have or have time for, Paper or Proven!
- Thread starter
- #10
Thanks for the reply Antony!
What I mention before was the same thing that you mention in your #1 answer...I think that will be my best bet..So here is the plan...
1.Install NT4.0 as a BDC in live environment.(Lets call it "test"
2.Take it off the live, put it in the test environment.
3.Promote it to a PDC, Install W2K Server, AD.
4. Install new server with W2K, add it to AD "Lets call it "New".
5. Switch to native mode.
6. I then can get ride of the "test" server.
Voila..I should have a fresh install with all my users!
What do you think?
Thanks!!!!!!!!!!
What I mention before was the same thing that you mention in your #1 answer...I think that will be my best bet..So here is the plan...
1.Install NT4.0 as a BDC in live environment.(Lets call it "test"
2.Take it off the live, put it in the test environment.
3.Promote it to a PDC, Install W2K Server, AD.
4. Install new server with W2K, add it to AD "Lets call it "New".
5. Switch to native mode.
6. I then can get ride of the "test" server.
Voila..I should have a fresh install with all my users!
What do you think?
Thanks!!!!!!!!!!
I know exactly where your coming from, haven't bothered doing my MCSE either cos it's a waste of time and money to get the ability to actually do a job, it's just a requirement to get a job!
By the way, 6-8 months planning was something I dictated to the company so we'd get it right - was actually given 3 months originally (by managers who knew nothing about what actually needed to be done) to plan and then migrate 5000 users worldwide from some 10-12 old NT 4 domains into one AD domain plus decommision the old domains, file servers etc. Migrating in the UK is now done but still ongoing in other areas of the world and decommisioning is still ongoing and we started over a year and half ago! This 3 months also included upgrading all 5000 users to new machines running Windows 2000!
But what can you do except tell them where to go!!
By the way, 6-8 months planning was something I dictated to the company so we'd get it right - was actually given 3 months originally (by managers who knew nothing about what actually needed to be done) to plan and then migrate 5000 users worldwide from some 10-12 old NT 4 domains into one AD domain plus decommision the old domains, file servers etc. Migrating in the UK is now done but still ongoing in other areas of the world and decommisioning is still ongoing and we started over a year and half ago! This 3 months also included upgrading all 5000 users to new machines running Windows 2000!
But what can you do except tell them where to go!!
- Thread starter
- #13
- Thread starter
- #15
- Status
Similar threads
