+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 21
How do you do....it? Thread, Move from CC3 to Vanilla in Technical; Hey guys, If I have a large CC3 network 500ish XP clients and I want to move to a vanilla ...
  1. #1

    Join Date
    Mar 2010
    Posts
    41
    Thank Post
    1
    Thanked 10 Times in 4 Posts
    Rep Power
    11

    Move from CC3 to Vanilla

    Hey guys,

    If I have a large CC3 network 500ish XP clients and I want to move to a vanilla XP/7 network in 6 weeks how is best to go about it? My initial ideas are to:
    1. Setup a brand new server 2008 R2 as a new DC for a brand new domain.
    2. Some how try to migrate existing active directory over to new DC
    3. Simular process for mail server etc
    4. Run some script on the existing clients to join them to a new domain.
    5. Test things are working
    6. Gradually upgrade to 7 a classroom at a time and provide staff training to be relayed to students.

    What do you think? Is this the best way to go about it or is there any kind of inplace upgrade path I can make?

    Thanks

  2. #2


    Join Date
    Feb 2007
    Location
    Northamptonshire
    Posts
    4,692
    Thank Post
    352
    Thanked 797 Times in 716 Posts
    Rep Power
    347
    6 weeks isn't a very long time but if you have this time dedicated you should be fine.

    I'd firstly tell you you won't be able to run any script to move them from a CC3 domain to your vanilla one without incurring problems with the RM Software so it's going to be a reinstallation of windows job which probably isn't a bad idea and your PC's will thank you for it. It does however mean you need to have a plan in place for your builds ... consider something like FOG (free opensource ghost) if you want to do it for free en-mass.

    My personal view again from an RM perspective would be to build your domain on a separate network switch with a couple of workstations, get it up and working and sort out your policies etc to cover application deployment and all that other stuff CC3 does for you. Be aware that Windows 7 has different requirements for profiles (v2) than XP so it won't be a 'smooth' transition between these meaning everyone will end up with two profiles. Unless you go mandatory in which case it's less relevant, have you considered your profiles?

    You're going to have a busy time ahead, do you have a 'deadline' of 6 weeks or is this a target on yourself?

    There's a lot to be done but there's lots of helpful people on here to assist, how much downtime have you factored in?

  3. #3

    Join Date
    Mar 2010
    Posts
    41
    Thank Post
    1
    Thanked 10 Times in 4 Posts
    Rep Power
    11
    Well we have the unofficial go ahead from SLT I was hopeing to implement over summer 2011 but if I could do it any sooner than that would be better. I haven't yet considered profiles as I will stay at XP until the CC to vanilla transition is complete.

    I was planing on asking all of our staff to copy any documents that they cant bare to be without over the transition period onto a memory stick and leave there laptops alone over the holiday, so that they can do there work. This would mean though that after the holiday no staff laptops will be working which is a big problem.

    After the CC to vanilla transition I hope to upgrade a classroom at a time (to start with) and ensure everythings working.

  4. #4

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115
    Important question: What's the "mail server"? Exchange or something else? And do you have any other service kicking around on CC3 domain member servers?

    I would recommend a new domain, but subject to what you've got now that might involve truckloads of icky migration work you could avoid by recycling the current one. It's not too hard to keep AD with the bits you want and ditch the RM stuff (apart from a few completely harmless attributes), but I wouldn't contemplate that if the system has had a rocky history. In either case you will need to rebuild all workstations/laptops with whatever tech you pick for your new system.

    PS: Personally I'd either go to Win7 everywhere (which may kill some of your apps), or XP everywhere and leave Win7 as an incremental phase #2 when it's all settled down

    PPS: Make an R2 VM and a couple for workstations and start designing/playing with file system structure, AD structure and GPOs (hint: especially GPPs) ASAP.

  5. #5


    Join Date
    Feb 2007
    Location
    Northamptonshire
    Posts
    4,692
    Thank Post
    352
    Thanked 797 Times in 716 Posts
    Rep Power
    347
    Further to before what is the driving force behind switching (nobody need chip in here with RM bashing), cost? functionality? existing problems?

    I think it's going to be a bit of a nightmare at this time of year and it may serve you better hanging fire until the summer or at the very least spending this time researching alternative functionality providers for the bits RM does.

    Not trying to kill joy your plan but I think not long into the term it's a little bit wild to do this (unless there's some rationale behind it other than because it looks shiny) and don't rely on your users to back up their data, they will say they did but won't have and it will be a large problem to fix.

    I do think getting this set up either virtualised or in its own isolated area will be a good start for you and will take a lot of the stress out of the situation when you go live.

    I also completely echo everything PiqueABoo says above.

  6. #6

    AngryTechnician's Avatar
    Join Date
    Oct 2008
    Posts
    3,730
    Thank Post
    698
    Thanked 1,212 Times in 761 Posts
    Rep Power
    394
    This summer I completed a transition from CC3 to a vanilla network. My approach was different: I kept the existing domain. Having done it I can say it is absolutely feasible, and actually much less hassle in my opinion. The first step was simply to create new OUs with inheritance disabled in GPMC and then linked/created only the group policies I wanted that were not RM specific. In this way you can essentially set up a 'fresh' subsection of AD that isn't affected by any RM policies.

    I chose this having done a domain migration once in the past, and knowing that moving user accounts and other AD objects from one AD to another is not a trivial process. File share permissions are also a hassle; if you are planning a slow transition, you have to allow for both domains to have access to the same set of user files at the same time as there is no guarantee a student wouldn't log on to a Windows 7 machine one lesson and then a CC3 machine the next.

    As well as eliminating these hassles, my method also meant I could introduce Windows 7 clients without having a separate DC. I actually moved an entire quarter of our clients to Windows 7 while still running on the RM DCs. Only once it came to the 'big push' in the summer did I introduce new DCs and phase out the RM ones.

  7. 2 Thanks to AngryTechnician:

    Butuz (13th October 2010), Oaktech (15th August 2013)

  8. #7

    MK-2's Avatar
    Join Date
    Oct 2006
    Location
    Nottingham
    Posts
    3,237
    Thank Post
    149
    Thanked 581 Times in 307 Posts
    Blog Entries
    8
    Rep Power
    200
    I have to agree with kmount here. We are doing a CC4 > vanilla switch and had been asked if it would be possible to do it in the october half term. while this is possible it's not ideal so we've requested it be put off until summer when we will have time to do it and fix any errors that may arise, and also gives time for us to plan a best course of action.
    if you could get a server in before the summer, you could then build it as a DC for the new domain, re-create active directory (i'd do that rather than migrate) and import users (from MIS) and you can then hook up a machine to test it with and see it works as expected.
    if budget allows, buy in as many servers as possible if you can replace them to start rebuilding to vanilla. also try to take machines out of action now to build ghost images, which you can then archive and rebuild the machine to cc3 after.
    we are implementing a hybrid system in october that will see us through to summer, PM me if you want more details as i'd rather not go into RM bashing here as kmount said, so a PM would be easier

  9. #8
    Butuz's Avatar
    Join Date
    Feb 2007
    Location
    Wales, UK
    Posts
    1,579
    Thank Post
    211
    Thanked 220 Times in 176 Posts
    Rep Power
    63
    That sounds like a really good way of doing it AngryTechnician!!!! Any chance you could take a screenie of your new OU layout in AD U & C's?

    Cheers

    Butuz

  10. #9

    TechMonkey's Avatar
    Join Date
    Dec 2005
    Location
    South East
    Posts
    3,292
    Thank Post
    226
    Thanked 406 Times in 303 Posts
    Rep Power
    162
    @AngryTechnician: Incredibly cheeky, but if you were to do a write up or have any documentation about the process you went through I would be hugely interested.

  11. Thanks to TechMonkey from:

    Butuz (13th October 2010)

  12. #10

    AngryTechnician's Avatar
    Join Date
    Oct 2008
    Posts
    3,730
    Thank Post
    698
    Thanked 1,212 Times in 761 Posts
    Rep Power
    394
    This is what ADUC looks like now at the top level:



    OUs in red are ones I added.
    • Clients contains all the Windows 7 computer accounts
    • Groups contains all the non-CC3 groups I created
    • People now houses all my user accounts
    • Robots contains accounts used by automated tasks or devices that require an AD auth
    • Servers contains all my non-CC3 member servers


    Obviously you'll only have the Exchange one if you have onsite Exchange. Each of the OUs that contains accounts of some kind has Block Inheritance ticked in GPMC.

    Most of the CC3 stuff is actually still sitting dormant inside Establishments... just haven't gotten around to clearing anything out yet except the Computer and User accounts. The OUs I use only have links to GPOs that I have created at this point.

    Dealing with the user accounts is an interesting (but easily solved) problem since until you migrate everything away from CC3, you still need all the user accounts sitting under Establishments with all the RM GPOs applying. To get around trying to deal with RM user policies applying on a Windows 7 workstation, I attached my own user GPOs to the OUs with the computer accounts in, and used Loopback processing with replace. This means it will basically ignore the RM user policies whenever that user logged onto a Windows 7 machine, and use the settings I had defined instead.
    Attached Images Attached Images

  13. 3 Thanks to AngryTechnician:

    Butuz (13th October 2010), PiqueABoo (13th October 2010), Tara (7th August 2013)

  14. #11

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    I'm hoping to get the go ahead for this in the coming weeks. Hope to have 2 brand new servers arrive before the end of the year which I will configure on their own network, setting up accounts, permissions, services etc etc.

    Also create images for machines, MSI's etc without affecting anyone. Was part of a team that did this at my old school in 8 days - because everything was done server side before the change over the hardest part was copying data across and imaging machines.

    My plan is also for summer, but hoping to be completed within a couple of weeks if everything is configured correctly.

    It was tough with 3 of us. Gonna be even harder on my own for a similar size network.

    God loves a tryer!

  15. Thanks to Hightower from:

    Butuz (13th October 2010)

  16. #12

    AngryTechnician's Avatar
    Join Date
    Oct 2008
    Posts
    3,730
    Thank Post
    698
    Thanked 1,212 Times in 761 Posts
    Rep Power
    394
    Quote Originally Posted by TechMonkey View Post
    @AngryTechnician: Incredibly cheeky, but if you were to do a write up or have any documentation about the process you went through I would be hugely interested.
    The documentation I have for the final migration is basically just my internal checklist of things to do... some of it has links to documentation, but a lot of it is stuff that I already knew by heart so didn't write down how to do it (maybe lazy practice but how many of us document all of our one-time processes?)

    If I have time (hah!) to clean it up at some point I will get back to you. It's also not a complete checklist as I'd been making gradual changes in advance for about a year with the eventual migration in mind...

  17. 2 Thanks to AngryTechnician:

    Butuz (13th October 2010), TechMonkey (14th October 2010)

  18. #13

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115
    My approach was different: I kept the existing domain.
    Well I did allow for existing CC3 domain recycling in my earlier post It's a case of weighing up a variety of pros and cons for each approach and those are overwhelmingly site specific (to include local politics). I wouldn't want to do gradual at all, but as above an Exchange would give me pause for thought re. a new domain, as would any serious investment in account/group permissions in any network service or parts of the file system. Anyway since you're doing the recycle angle..

    What I like best about a new domain is almost psychological in nature i.e. there seems to be a much better chance of folk using different, and one hopes better, approaches when they start with a blank slate. More pragmatically you know what *all* the deltas are i.e. you made all those changes to the OOTB defaults and know why you changed them.

    Share/folder permissions wouldn't bother me simply because I wouldn't have very many shares. You can design it so you don't have a zillion per user shares, especially if it's Win7 & 2008 R2 where thanks to SMB2 you can get sensible numbers for folder quotas from sub-folders below shares. I would also want a script (or something) that resets user profile/home folder permissions regardless - one you might make to sort out permissions after copying lots of user folders from the CC3 domain can be reused later should for instance, an Admin need to start fling folder/files into user folders and subsequently need to get the permissions/ownership reset to the relevant users.

    --
    With either approach, I will always maintain that the most significant area in terms of time & effort is the GPOs/GPPs. CC3 has a lot of policy settings for generally good reasons and if you want a credibly comparable D-I-Y system you'll need a similar number .. and likely have to think quite hard about the best approach to more than a few of them.
    Last edited by PiqueABoo; 13th October 2010 at 10:14 PM.

  19. #14

    Join Date
    Nov 2008
    Location
    Derby, UK
    Posts
    169
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    12
    I did something similiar last summer hols, only we moved from a server 2003/XP network to a Server 2008/7 network. This involved new servers for domain controllers. We did as has been previously mentioned and built the DC before the hols and had a workstation setup to iron out all the GPO's (which we were building afresh), it also involved a new cab for all the switches which meant repatching.

    I`m happy to say we did and all 80 workstations and 30 laptops were built and running and users could log in by the start of term, we did have to work an extra day at weekends here and there.

    We did plan it like a military operation and has certain jobs to be complete by certain dates. What I also found really usefull while we were building we had flip chart paper on the walls of our ict suite (our base of work) detailing all the jobs and when they needed to be compled by, we simply put a cross through the ones we'd finished, this helped me keep track of where we were in the build.

    It can be done, just it needs planning really well, and documenting well (cause u`ll forget what you'v decided).

    One more thing take pictures of the work your doing so you can show staff, some of them think the fairies come over the hols while techies put thier feet up, and it shows them all how much work is involved in these types of projects.

  20. #15

    Theblacksheep's Avatar
    Join Date
    Feb 2008
    Location
    In a house.
    Posts
    1,935
    Thank Post
    138
    Thanked 290 Times in 210 Posts
    Rep Power
    193
    We've just gone from CC3 to vanilla xp (700)/7 (300) and 2008r2. However we spead the transition out over an entire year running two in parellel and trasitioned staff and their laptops before any students. During the year we nailed down student GPOs and software, images, duplicated packages and support systems before summer rebuild to new domain and just moved the file servers over and used scripts to correct any mistakes.

    Biggest issue was exchange 2010 running on new domain and farming mail out to the old 2003 exchange servers, fiddly but possible.

    Currently decommisioning the old RM servers with no clients now. Which brings a smile to my face.
    Last edited by Theblacksheep; 20th January 2011 at 03:09 PM.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. CC3 to Vanilla....costing
    By mcnallyfc in forum How do you do....it?
    Replies: 8
    Last Post: 8th October 2010, 10:39 AM
  2. Moving from CC3 to Vanilla.....
    By mcnallyfc in forum Network and Classroom Management
    Replies: 16
    Last Post: 30th July 2010, 09:52 AM
  3. CC3 and Vanilla (non RM) Terminal Servers???
    By Butuz in forum Network and Classroom Management
    Replies: 3
    Last Post: 9th February 2010, 09:50 PM
  4. CC3 Start Menu and Vanilla machines
    By mikeglover in forum Windows
    Replies: 1
    Last Post: 20th October 2009, 03:25 PM
  5. Vanilla Server on CC3
    By gybe78 in forum Network and Classroom Management
    Replies: 5
    Last Post: 31st July 2008, 12:46 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •