270 likes | 436 Views
Chapter 12. UPGRADING AND MIGRATING TO WINDOWS SERVER 2003. UPGRADE OR MIGRATE. Clean installation Upgrade Migrate. FROM WINDOWS NT 4.0 TO WINDOWS SERVER 2003. Upgrading Preparing to upgrade Upgrading the PDC Upgrading any BDCs Completing post-upgrade tasks Migrating.
E N D
Chapter 12 UPGRADING AND MIGRATING TO WINDOWS SERVER 2003
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 UPGRADE OR MIGRATE • Clean installation • Upgrade • Migrate
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 FROM WINDOWS NT 4.0 TO WINDOWS SERVER 2003 • Upgrading • Preparing to upgrade • Upgrading the PDC • Upgrading any BDCs • Completing post-upgrade tasks • Migrating
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 PREPARING TO UPGRADE • Set up a test environment. • Document the existing environment. • Back up your data. • Ensure all Windows NT 4.0 versions are running service pack 5.0 or later.
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 ADDITIONAL UPGRADE PREPARATIONS • Verify hardware meets requirements • winnt32 /checkupgradeonly • Microsoft Web site • Prepare DNS environment • Plan to create a new zone • Delegate DNS zone, if necessary • NS record for new zone • Host record (glue record)
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 LAN MANAGER REPLICATION • Used to propagate read-only information. • Typically user profiles and logon scripts to backup domain controllers (BDCs) • May be used to copy other information to other servers and workstations • Lbridge.cmd is used to copy files from Windows Server 2003 domain controllers to the Windows NT 4.0 export server. • The export server copies to all remaining import servers on the Windows NT 4.0 domain.
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 WINDOWS SERVER 2003 MEMBER SERVERS • You can add or upgrade member servers before you upgrade the Windows NT 4.0 domain. • Upgrade any Windows NT 4.0 RAS servers. • Windows NT 4.0, RAS servers make NULL sessions. • If you must support Windows NT 4.0 RAS, you must weaken security.
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 UPGRADING THE PDC • Domain structures: • Single-domain strategy • Multi-domain strategy • Upgrade the PDC of the largest accounts’ domain first.
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 A. DATUM CORPORATION’S WINDOWS NT 4.0 NETWORK
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 A. DATUM CORPORATION’S WINDOWS SERVER 2003 DOMAIN
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 MIGRATING EXTERNAL RESOURCES Source Domains Trust the Target Domain
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 UPGRADE PROCESS
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 MIGRATION TYPES • Interforest • Intraforest
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 INTERFOREST MIGRATION • Windows NT 4.0 to Active Directory • Between two different Active Directory forests • Cloning is usually the process for this type of migration • Active Directory Migration Tool (ADMT) • ClonePrincipal • Netdom
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 INTRAFOREST MIGRATION • Does not include Windows NT 4.0 domains • Windows 2000 or Windows Server 2003 domains only • Objects are typically moved (destructive) • ADMT • Movetree • Netdom
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 ACTIVE DIRECTORY MIGRATION TOOL (ADMT) • ADMIGRATION.MSI • Windows Server 2003 CD-ROM in the i386\admt folder • Microsoft Web site • Run from PDC emulator • Source domain Windows NT 4.0 Service Pack 4 (SP4) • Target domain in Windows 2000 native functional level
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 PREPARING TO USE ADMT • Source domain must trust the target domain • Source Domain Admins must be Administrators on destination domain • Migrating SID History • Domain$$$ group • Success and Failure auditing for user and group management must be enabled on source domain • TcpipClientSupport key must be set to 1
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 ADMT AND MIGRATING SID HISTORY
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 PASSWORD OPTIONS AND MIGRATION ERRORS
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 PASSWORD MIGRATION PROCEDURES
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 MULTI-DOMAIN DOMAIN STRATEGY
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 MULTI-DOMAIN STRATEGY STEPS • Create a Windows Server 2003 empty forest root domain. • Modify the domain and forest function levels. • Create delegation entries in DNS, as needed. • Upgrade the Windows NT 4.0 PDC. • Create delegation entries for BDCs and upgrade them.
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 MULTI-DOMAIN STRATEGY STEPS (continued) • Raise domain functional level. • Upgrade remaining domains using same procedure. • Raise forest functional level.
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 PREPARING WINDOWS 2000 FOR THE UPGRADE • Error message appears if you do not first run Adprep before a Windows 2000 upgrade • Adprep /forestprep • Adprep /domainprep
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 UPGRADING TO WINDOWS SERVER 2003 • Either Windows 2000 or Windows NT 4.0 operating systems • Required user rights • Back up files and directories • Modify firmware environment values • Restore files and directories • Shut down the system • Default Administrator and Administrators group should have all needed permissions
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 WINDOWS 2000 TO WINDOWS SERVER 2003 • Can be interforest or intraforest. • Prerequisites for using ADMT. • Administrator rights are required on all objects to be migrated • Must also be a Domain Admins group member in both source and target domain • Source domain must trust the target domain • As discussed earlier, there are additional requirements for migrating passwords and SID History.
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 SUMMARY • Upgrade or migration decisions. • Test and document before you begin. • What functional level is required for migrations? • What can you use to keep a Windows NT 4.0 domain replication in sync with a partially migrated network? • What are the extra requirements for migrating SID History? • How do you prepare a Windows 2000 forest/domain for upgrade?