We are in the process of migrating a PDC NT4 Server with SP6 to a new server with Server 2003 using ADMT v2. The new server (target) has not been setup yet. We are hoping to be able to use the same domain name as with our NT4 network. We have over 400 workstations on this network and obviously we want to make sure they will all continue to log into the new Server 2003 environment once we do the migration. We are OK with the other aspects of ADMT as of right now but our one stumbling block is with the domain naming. Is there a way that we can perform this migration with ADMT v2 using the same domain name? Thank you for your reply.
Re: ADMT v2
It is possible to have two domains with the same name and even servers with the same name of the network at the same time. It's even possible to access one from the other by using the IP address rather than the name. The log files will show errors, and workstations may not log on correctly, but that should not matter if you are doing a migration.
Having said all that, I doubt that ADMT will migrate from one domain to another with the same name. I'm NOT an ADMT expert however. It might be worth looking at the latest version of ADMT (here) which is 3.
Re: ADMT v2
A thought occurs. If you are using ADMT, then it will move your computer accounts from the source domain to the target domain. There is no particular need in that respect to keep your existing domain name. I assume you are aware the every PC will need to have an 'agent' loaded and be switched on when you do the migration...
Re: ADMT v2
Thank you for the reply. I was NOT aware of any agent that needs to be installed on the workstations. I would appreciate more info on this or if you can direct me to where I can obtain more info regarding this agent to be installed if possible. Getting back to the domain naming, basically we are not looking to change or create a NEW domain name to our existing network. Our goal is to migrate users, computers etc. to the new server that has Windows Server 2003 pre installed from the factory. The server does need to be set up as any computer out of the box with an OS on it. Of course, Active Directory needs to be deployed with a domain name. The question is, what domain name do I use? Can I use my existing domain name for example, DOMAIN-A or do I have to create a new domain entirely? Will ADMT migrate the domain name also?
Re: ADMT v2
Have you read the documentation that comes with ADMT? I would suggest that if you are new to ADMT, then it would not be wise to use it in a live situation. If possible, try doing a migration in a test lab to get familiar with ADMT.
If you are not creating a new domain, then there is no need to migrate user and computer accounts, as these will remain on the existing domain. The new server would become the domain controller. I don't know if ADMT will migrate user data between servers within the same domain. I suspect that it might.
If your existing NT4 server can take an upgrade to Windows 2000, you could do the following... (this method does not involve ADMT and you would have to do it all by hand or with scripts)
0 - Backup ALL data (including any databases) and check backup is restorable
1 - Upgrade NT4 to 2000. This will convert the NT4 domain to 2000 domain.
2 - Switch the domain to 'native' mode - This is a simple but non-reversable change
3 - ADPREP the domain ready for the first 2003 server DC
4 - DCPROMO the new 2003 server into the domain
4.1 - Ensure replication is working and that the servers have synchronised.
5 - Transfer FSMO roles and Global Catalog to the new server
5.1 - Check replication again
6 - Transfer all data from the old server to the new server - ROBOCOPY is useful here as it will retain permissions
7 - Un-DCPROMO to old server (so it's no longer a DC)
8 - Remove the old server from the domain (change to WORKGROUP)
9 - At this point, it is possible to rename the new server with the same name as the old server if you wish (change the name of the old server first though)
10 - Recreate shares on the new server as required
In summary, if this is your first server migration (and forgive me for saying so but it sounds like it might be), then there is lots to consider. I would strongly recommend that you produce a migration plan which would include every step to be taken. You should also have a back-out plan in case it all goes wrong which would bring the system back to a working state as quickly as possible (This might simple be re-install NT on the old server and restore from backup - although this in itself is no trivial task). It's impossible to give you an exact list of what you need to do without knowing exactly what's on your old server. In my experience, you sometimes only find out what is on your server as a result of going through this kind of migration!
Re: ADMT v2
For transfering data between servers you can use Secure Copy. Copying with permissions & security settings, migrating shares, users & local groups - it's the most important features in this tool & the most important things in server migration. So, I hope this helps. Secure Copy is avialable from: http://www.scriptlogic.com/products/securecopy
Re: ADMT v2
You should be aware that this route requires you to create a trust between
the two domains, which you can not do if they have the same name. If you
need to keep the same domain name you need to work out how to rename the NT 4.0 domain before you start or rename the AD domain afterwards.
You should also be aware that you need to set the AD domain to native mode. In native mode info is not replicated from the AD DC to an NT 4.0 BDC.
I personally wouldn’t use ADMT to migrate a domain from NT4 but install a fresh AD then export the users and computers from the NT4 server, create well formatted csv files and use a scripts with DSADD to create the user and computer accounts.
Re: ADMT v2
I just realised you have over 400 workstations!
Your best option is the "swing migration" method (no dancing involved I promise)
The swing method allows you to keep all the SIDs for users and computers, keep the domain name, server name, share names and permissions, etc.
You will not have to go to each workstation to remove it from the old domain and put it into the new domain. If your workstations use DHCP, then you should not have to touch them at all.
Server down time will only be as long as it takes to move the data to the new server.
These are the basic steps:
1) Install a TEMP NT4 BDC
2) Promote the TEMP NT4 BDC to PDC, the old PDC was demoted to BDC
automatically make sure all user accounts replicated between the PDC and BDC
3) In-place upgrade the TEMP NT4 PDC to W2K3
4) Configure AD following the on-screen wizard
5) Run DCPromo on the PERM W2K3
6) Transfer roles to the PERM W2K3
7) Data transfer from old NT4 (now running as BDC in the W2K3 AD)
8) Demote the TEMP W2K3server
Re: ADMT v2
I agree with DJM968 that a sort of swing migration is the best way forward, other wise you have a lot of work todo...
When I first got my job it was one week before an October half term.. they had a old unreliable NT4 server.. and a newer windows 2000 server that was not configured, and I needed to move the data and the domain onto the Win2k box. The first thing I did was take a ghost image of the Boot drive of the NT4 PDC (there was only one server.. No BDCs) if its small enough this is a fast way to roll back to the start point if it all goes ***s up.. I setup a BDC on a virtual PC so that i had a copy of the Users and Computers... I then upgraded the NT4 PDC to windows 2000 it went ***s up the first time.. so used the Ghost image and tried again...
I then, once I had the server at 2K i DCPROMO’ed the new server. Then transferred all the FSMO rolls to the New server, I moved the home drives over to the new server using a piece of software I found NTmanagment or something.. cause on2K you couldn’t multiple change users properties easily... But you could easily do it using NTBackup and then restore it.. this keeps the security info and just in 2K3 you can change the home drive path on mass..
Once you have it all moved over you can use DCPromo.exe to demote the Original server and remove it from the domain... I didn’t remove my original server from the domain straight away but it was rather soon after since it was rather unreliable...
You need to plan your migration extremely well and make sure people know there will be some down time.. I did it when we only had support staff in and the total migration took me about 2 days.. I managed to get minimal downtime by using the BDC to authenticate logins whilst the upgrade was happening.. at the time we had about 150 ish Computers in the school... obviously i moved the Support staff over first... (I may have even used NTManagent to move the home drives before I did the in place upgrade I can’t remember now)
Do your workstations use DHCP... I only ask cause windows makes extensive use of DNS and well mine weren’t I spent days finding pc’s and changing them over to DHCP before I did the said upgrade otherwise it would have been a disaster!!!