I got the OK today to move ahead with our domain upgrade

[DnetMHZ]

We are currently running an NT 4.0 domain with a PDC and BDC that are pushing their
life span (6-7 years old).

I got the ok today to order 2 new Dell servers to act as primary and backup Active directory
domain controllers. (Windows 2003)

Next comes the planning! Our domain is fairly small (30 users/30 PCs and 7-8 Servers)

If anyone has any good advice on migrating, I'd appreciate it.

Thanks
DnetMHZ

 

[imported_Phil]

Start afresh 😉

Seriously, we're in the process of doing exactly this at work, and the amount of crap we have to go through to get old software working just isn't worth it. It'd be much easier if we were replacing everything with new versions, but ....

 

[stash]

First, there is no primary and backup in AD. Second, you will need to start with the PDC unless you want to make a new domain. Here's what I would recommend. First, backup everything and sync the domain. Then take the BDC offline and store it in a safe place. If something goes wrong, you can make it the PDC and still have your NT domain. Next, install 2003 on the PDC and then run through the dcpromo wizard to make it a DC. Once you are sure everything is ok, you can either upgrade the BDC to 2003 or wipe it and install 2003 clean, then dcpromote it to be an additional DC.

 

[Smilin]

Pick your domain naming convention carefully when you transition from a netbios name to a FQDN.

Have a good rollback plan. If you do it's impossible to truly fail.

Be sure to practice your restores. Do NOT skimp on this. Do it and know it works!
put those two new servers in as BDCs, practice a backup and restore with them.

Then take one of them offline and lock it away.
Take the other, promote to PDC, upgrade it to 2003, let dcpromo run and you're done.

If the fit hits the shan, you know you can restore or merely take the promoted 2003 server offline and reintroduce the BDC you tucked away. Domain is rolled back to NT 4.0 and you can analyze what went wrong.

Don't try to upgrade your existing domain controller. A failed upgrade due to some old software installed or some other unknown variable is a common cause of failure. Perform the OS upgrade on a clean install of NT 4.0 that you have introduced as a new PDC in your old domain. A practice run upgrading that particular hardware while it's merely a member server is also wise.


edit: clarify and bold

 

[DnetMHZ]

Originally posted by: STaSh
First, there is no primary and backup in AD. Second, you will need to start with the PDC unless you want to make a new domain. Here's what I would recommend. First, backup everything and sync the domain. Then take the BDC offline and store it in a safe place. If something goes wrong, you can make it the PDC and still have your NT domain. Next, install 2003 on the PDC and then run through the dcpromo wizard to make it a DC. Once you are sure everything is ok, you can either upgrade the BDC to 2003 or wipe it and install 2003 clean, then dcpromote it to be an additional DC.

We will be creating a new domain, and I understand there are no primary and backups.. that was just poor wording on my part. What I meant was 2 DC's

 

[n0cmonkey]

A friend of mine was doing this on a contract about a year ago. Big PITA. 😛

 

[stash]

We will be creating a new domain

If you are creating a new domain, you'll need to check out ADMT.

 

[Smilin]

Originally posted by: STaSh

We will be creating a new domain

If you are creating a new domain, you'll need to check out ADMT.

Definately ADMT if you choose this route.

However, I would like to ask: Why not just inplace upgrade? It requires the least work, has the least risk, is completed the quickest. The only reason for a new domain is if yours is a complete mess.

Pickup a copy of "Active Directory for Microsoft Windows Server 2003 technical reference" from Microsoft Press (Stan Reimer, Mike Mulcare)