+ Post New Thread
Results 1 to 6 of 6
Windows Server 2008 R2 Thread, Migration to R2 domain - advice needed please in Technical; Hello, We currently have a Server 2008 domain. We have a server providing AD and DNS services, with a second ...
  1. #1

    Join Date
    Jan 2007
    Location
    The Console
    Posts
    236
    Thank Post
    22
    Thanked 29 Times in 23 Posts
    Rep Power
    22

    Migration to R2 domain - advice needed please

    Hello,

    We currently have a Server 2008 domain. We have a server providing AD and DNS services, with a second server replicating these roles.

    Over the years our domain controller has been upgraded from previous versions of Windows Server (not by me) and we are now left with this 2008 machine with a legacy AD / group policy set up which does not suit the current design of our network. We have also found that our secondary server seems to take over on the network, and does not properly replicate group policy settings anymore (for example, the domain controller has new group policy proxy settings to push to clients, when the secondary server is online it becomes the logon server and pushes out old proxy settings refusing to replicate the new settings...odd).

    My plan is to build a new Server 2008 R2 domain controller, and re-do our group policy to fit the needs of the school from the ground up. My question is, is there a way to migrate user accounts from the old 2008 machine to the new 2008 R2 machine? We do not want any of the old groups / group policy stuff, just the user accounts to save on re-making them. Can anyone offer advice on if there is a way to do this, or if we are better off just recreating user accounts etc.

    As a side issue, we also run Citrix XenApp 5.5 which is running on 4 other Server 2008 machines. I understand that 5.5 does NOT run on R2. Seeing as these Citrix servers are just standard / member servers, there shouldn't be any problems leaving these as 2008 machines in the 2008 R2 domain, correct?

  2. #2

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,572 Times in 1,252 Posts
    Rep Power
    340
    I would say the first thing is resolve the replication issue. Typically DNS problems can be the root cause, but looking at Active Directory Sites and Services should give you some ideas why it's not working, along with checking the event logs.

    Once you've resolved this, you'll need to update the Schema to 47 (for a 2008 R2 DC). Then you can join a 2008 R2 server to your domain and promote it to a DC.

    I don't think your problem justifies starting from scratch. You're just as well to create new OUs, link new GPOs to these OUs and test accordingly. You can then delete the old OUs and GPOs once everything has been migrated over.

    And to answer your question, yes you can leave 2008 members in a 2008 R2 domain, but manage GPOs and other settings from 2008 R2 or Windows 7 SP1 + RSAT.

  3. Thanks to Michael from:

    iSteve (1st May 2012)

  4. #3

    sparkeh's Avatar
    Join Date
    May 2007
    Posts
    6,804
    Thank Post
    1,298
    Thanked 1,659 Times in 1,112 Posts
    Blog Entries
    22
    Rep Power
    507
    Personally I wouldn't ditch everything to start over but add the new R2 server to the domain (make sure you use R2 AD schema), create new OUs where you can create your new GPOs then move things across when you are ready.

    Though I would want to resolve the replication issues before embarking on this, check event logs and useDCDiag to help troubleshoot.
    Specifially running dcdiag /replsource:<partner DC> will check if everything is as it should be.
    Last edited by sparkeh; 1st May 2012 at 10:36 AM.

  5. #4

    Join Date
    Jan 2007
    Location
    The Console
    Posts
    236
    Thank Post
    22
    Thanked 29 Times in 23 Posts
    Rep Power
    22
    Thanks Michael, so just to be clear in my mind:

    1). Fix the replication
    2). Update the schema on the current/old 2008 server
    3). Build the 2008R2 machine, and promote to DC
    4). Build second R2 box and have this replicate the new DC
    5). Get rid of old 2008 machine

    Then adapt / remake GPOs etc to suit

  6. #5

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,572 Times in 1,252 Posts
    Rep Power
    340
    1). Fix the replication
    2). Update the schema on the current/old 2008 server (only on your FSMO role holder, not all DCs, as it'll replicate out automatically)
    3). Build the 2008R2 machine, and promote to DC, transfer FSMO roles
    4). Build second R2 box and have this replicate the new DC
    5). Then adapt / remake GPOs etc to suit
    6). Get rid of old 2008 machine (optional), but if you plan on keeping Citrix, you'll need to explore upgrade options
    7). Raise Forest/Domain functional levels to 2008 R2
    Last edited by Michael; 1st May 2012 at 11:35 AM.

  7. #6

    Join Date
    Jan 2007
    Location
    The Console
    Posts
    236
    Thank Post
    22
    Thanked 29 Times in 23 Posts
    Rep Power
    22
    Thanks for your reply.

    The only Citrix component on our DC is the part that puts your published applications on to a web page. I believe that if we move this to one of the other servers that we are leaving alone, things should be ok, but I will check.

SHARE:
+ Post New Thread

Similar Threads

  1. Advice needed please - Need to purchase a car
    By bodminman in forum General Chat
    Replies: 8
    Last Post: 17th February 2012, 11:04 AM
  2. Moving to new domain - advice please.
    By Number6 in forum Windows
    Replies: 19
    Last Post: 15th December 2010, 11:28 AM
  3. Advice needed please
    By Raja in forum Windows
    Replies: 5
    Last Post: 15th October 2007, 12:15 PM
  4. SIMS - Migration to new Domain
    By Gatt in forum Windows
    Replies: 2
    Last Post: 20th December 2006, 01:06 PM
  5. Sophos advice needed please.
    By Kyle in forum How do you do....it?
    Replies: 6
    Last Post: 1st February 2006, 09:40 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •