The process for migrating your user accounts/security groups to a 2000 domain controller is relatively simple.
- Take the server you want to be your win2k domain controller and install NT4 and configure it as a BDC.
- Connect it to your current network and let it replicate with the PDC.
- Take it offline, (pretty important that it is off the network at this point) and promote it to a PDC.
- Now that this server is a PDC, insert your win2k CD and upgrade the OS.
- Active directory will then want to install itself, go ahead and do all of this as well as DNS. If you wish to run this domain controller on your current network you'll need to demote your current NT4 PDC to a BDC (I recommend taking it off the network entirely and storing it in a safe location).
You now have a 2000 domain controller with all of your user accounts and security groups from your NT4 PDC.
This was just a quick run through off the top of my head from personal experience. There are papers written on NT4 PDC to Win2k DC migrations. It isn't a very difficult process. The steps I list are an example of what you will want to do if you wish to use a new server for your Windows 2000 domain controller.