Windows 2K3 on NT Network 1

[bash3r]

I have 20 user network, 2 NT servers, NT1 (file/print server, PDC) & NT2 (Lotus Domino, BDC), they are OLD servers and we want to replace them with new Windows 2003 servers. We will not be performing any upgrade or migrations. I want to start by replacing the PDC which is NT1 with a new W3K file server, while keeping NT2 on the network for email until we are ready to replace it.

My question, what issues are there to look out for when replacing a NT PDC with a W3K server and putting NT2 server on the W3K network? Any one have a setup like this with advice or links to information? I don't want to run the upgraded race, I'd like to just do clean install of W2k3.

Thank you very much!

 

[xmsre]

You choices are migrate or upgrade. You could stand up a new W2K3 domain and use ADMT to bring the accounts over with SID history. I'm not sure how gnoats will play with that.

The other route would be to load the new server as an NT4 BDC, make it a PDC, and upgrade from there. It'll run in mixed mode. After you remove the downlevel BDCs, you can switch to native.

 

[cmeagan656]

We did a clean install of a W2K3 DC to replace our failing NT4.0 SP6a PDC. Our other 4 servers are NT 4.0 SP6a.

We're running the W2K3 server in hyrbrid mode and haven't had any problems. We run the W2K3 as the DNS/WINS server, active file server, and print server. Our RRAS is on an NT4 server which also serves as our file server for files older than 3 years. We run another NT4.0 server for our Exchange 5.5 server and XWall (our spam filter). The remaining two servers are NT4 SP6 Terminal Servers.

See this thread: Thread55-717213.

Cheers.

 

[bash3r]

cmeagan, this is what I'm wanting to here. Could I ask you a few questions on your setup. You did no kind of migrate or upgrading correct, just new box and W2K3 added to your existing network?

Your W2K3 server is now your global catalog server and did you have to make changes to any of your NT servers once the W2K3 server was online? Your domain name stayed the same, yes, and did you change the hostname of the W2K3 server different from the failing NT PDC server?

Thanks for your help..!!

 

[cmeagan656]

Hi bash3r,

Quote: You did no kind of migrate or upgrading correct, just new box and W2K3 added to your existing network?

It was a new box added to the exisiting domain. Since we wanted minimal disruption to our network we did bring in a loaner NT4.0 BDC (not originally on our network)and upgrade it to PDC then to W2K3 since the PDC should be the first to be upgraded to W2K3.

Quote: Your W2K3 server is now your global catalog server

Our W2K3 is now our global catalog server, DNS server, and WINS server.

Quote: did you have to make changes to any of your NT servers once the W2K3 server was online?

Because we'd only used WINS before we had to configure DNS on all our servers and clients. We also had to change our Primary WINS server address to point to the new server.

Quote: Your domain name stayed the same

Yes, it doesn't need to change.

Quote: Did you change the hostname of the W2K3 server different from the failing NT PDC server?

Yes, only because we wanted to keep our network up until it was time to move the W2K3 server into place. Our actual down time was less than 8 hours including data transfer. We used Snapshot for 26GB of data.

One gotcha, if you don't alredy know, W2K3 doesn't seem to like NETBUI, at least not in hybrid mode. We removed it from all servers and clients and use only TCP/IP.

Move all your data files to a usrshr directory and your drive mappings can remain the same (i.e. E:\ drive on your old server can still be mapped as E:\ on your W2K3 server). If you map your drives through your logon script you just have to change the name of your server there. We went from HQ to HQ2 for server names. You will only have to remap the Win9x clients manually and UNC file paths may need to be reconfigured depending on your set up.

We're having a minor problem with our Exchange 5.5 Internet Mail Service not wanting to restart immediately after a system hard boot. There's no problem if the DNS server hasn't been shutdown and restarted but otherwise it takes 35 -40 minutes before the IMS will start. However, we believe this to be an issue with our spam filter which uses localhost 127.0.0.1.

Cheers.

 

[xmsre]

Wow; someone still used Netbui at this late date. Did you know that when Netbui was originally designed by IBM in the early eighties it was expected to sell less than 200K units? Oops.

 

[cmeagan656]

Yep, I know. The last thing I was expecting to find anywhere was NETBUI. It was configured on the clients and the older servers but wasn't really serving any useful purpose. I hadn't built the original clients or servers and since the network was humming along until the PDC decided it didn't like to boot with any reliablity after the last set of M$ patches (no it wasn't the patches that caused the problem) I hadn't paid as much attention as I probably should have to what was configured. I was more concerned with locking down the clients and terminal servers to prevent unauthorizied software installation ("Everyone" had full control) and getting a strong password policy in place (the user name was the password).

Surprisingly, I found that the previous tech had configured a couple of clients for NETBUI as recently as a two years ago.

Cheers.

 

[bash3r]

cmeagan, the loaner box, is it now your w2k3 box? or did it go away once your new w2k3 server was online? What happens if you add a w2k3 server(with out upgrading) to a network that ony has 1 other NT BDC, and the original PDC is dead?

 

[cmeagan656]

The loaner box was pulled once the new w2k3 box was online.

Sorry for any misunderstanding. Our PDC was still online right up to the time that it was replaced by the new w2k3 server. We just couldn't trust it to boot anymore. As luck would have it, we tried to reboot it after pulling it from the network and it failed totally. Talk about perfect timing! I think it made my boss feel better about the money he'd just spent on the new server, licensing, and installation.

Cheers.

 

[bash3r]

If the NT2 server is not a BDC, then I should not have any issues correct? My goal is to have the NT2 Server act as just another client on the new W2K3 server which all it will do is act as an application server for Lotus Domino.

Can you think of any?

 

[cmeagan656]

I can't think of any issues whether the NT2 box is a BDC or not. We just left our BDC as a BDC, it wasn't doing any harm in our case.

Cheers.

 

[xmsre]

Cmeagan656, that's still an in-place upgrade path.

1. "bring in a loaner NT4.0 BDC (not originally on our network)and upgrade it to PDC then to W2K3 since the PDC should be the first to be upgraded to W2K3."

2. I assume you then did a clean install of W2K3 on the new box, DCPROMO, transferred all the FSMO roles to it, and demoted the "loaner" so you could eventually give the "loaner" back.

3. "Our PDC was still online right up to the time that it was replaced by the new w2k3 server." This implies that you did the upgrade process on a hub or isolated network until the swap.

4. You can't switch to native mode until all the NT4 BDCs are gone.

 

[cmeagan656]

xmsre,

Here's what we did:

1. install/configure hardware on two servers (one loaner)
2. install W2K3 on NEW server
3. install NT4 as BDC on loaner
4. install all SP and security patches
5. promote to PDC
6. upgrade to W2K3
7. join NEW server to domain
8. move all FSMO roles and global catalog to NEW server
9. remove loaner from domain
10. copy all data files from OLD server to NEW server
11. remove OLD from network

Yes, it was a clean install on W2K3 on a new box. That was the reason for the loaner, so that we could get a clean install.

It wasn't done on a hub or isolated network.

I know you can't switch to native mode until all the NT4 BDCs are gone, but we've only got one BDC and we're not planning on replacing it at the moment. The next to move to W2K3 will probably be the backup terminal server with what is now our main TS becoming our backup TS in case of a main TS failure and for those applications which can't be run on W2K3.

We're an accounting firm so we have to run the applications which our clients use, which includes several accounting programs dating back 5 plus years.

Cheers.

 

[rythmstr]

I think xmsre is just pointing out it's a matter of semantics. The procedure you ran would be considered an "in place" migration. If I'm reading this right, it seems like Bash3r is either trying to implement the Win3K server as a member server, or trying to get it "involved" in the network somehow doing authentication without going through the process of some type of migration. I would imagine it could take part of an NT environment a member server as Win2K servers do...?

Since I jumped into this - has anyone seen any straightforward docs on doing the Win3K migration when Linux is running DHCP and DNS? I've done some searching and haven't really found anything that I really like yet.

Also, cmeagan - did you find the migration fairly simplistic once undergoing the effort. Did you do a lot of documenting, planning and preparing including a backout plan?

Thanks,
Ryth

 

[jappo]

As most of the guys\girls (Being politically correct) have stated you have two options. Migrate or Upgrade.

As you are not currently using Exchange 5.5 or 2000 i would recommend that you do an inplace upgrade. This will keep all of your current user SID's intact.

1. Build a staging server as an NT4 domain controller.
2. Upgrade staging server to Windows 2003 server. For this exercise we will call the server DC-Stage
3. Run DCPROMO.EXE to upgrade new server to Windows 2003.
Follow prompts and install DNS etc....
4. Install second Fresh Windows 2003 server named DC01 (or whatever you like) and run DCPROMO.EXE. Also install DNS on this server. (This server should be built from scratch so you have a clean install without all of the funky NT4 stuff left over.)
5. Ensure that DC01 hosts all of the FSMO roles.
6. Decomission staging server.
7. Rebuild staging server as new server Windows 2003 server DC02. Install DNS, blah blah blah.
8. Migrate data, applications, and install required services to the new servers.
9. Decommission old NT4 infrastructure.
10.Change from mixed mode to native mode once you have killed the old NT4 Domain Controllers.

This plan is really simplified but follows along the same lines as what i have recently completed for one of my clients. It is also nice to note that this method works with both Windows 2000 and 2003.

Hope that this helps.

JAPPO.



Jappo's here to help.

 

[rythmstr]

Jappo,
Sounds good and reasonable -- but if you're running Exchange 5.5 --- can't you do the same thing until you're ready to upgrade/migrate Exchange?

 

[jappo]

Hi rythmstr,

You are correct, it is just that you need to perform a few more steps to migrate all of the mailboxes and public folders to a new server.

The installation of Exchange itself is fairly simple (Follow the bouncing ball).

Cheers,

JAPPO

Jappo's here to help.