Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

Windows_Server_2008_Migration_Plan

advertisement 
Windows Server 2008 Migration Plan

STEP 1: Get the 2008 server installed into location and powered up.
 DO NOT join it to the domain. That is done later in this document.

STEP 2: UPDATE ACTIVE DIRECTORY - Run Adprep.exe from the Windows Server
2008 or Windows Server 2008 R2 installation DVD on your existing domain controller that
hosts the schema operations master role.
Use the following procedure to update the Windows Server 2003 or Windows 2000
Server Active Directory schema for Windows Server 2008 or Windows Server 2008 R2.
1. Administrative credentials
a. To perform this procedure, you must use an account that has membership in all of
the following groups:
i. Enterprise Admins
ii. Schema Admins
iii. Domain Admins for the domain that contains the schema master
To prepare the forest schema for Windows Server 2008 or Windows Server 2008 R2
1. Log on to the schema master as a member of the Enterprise Admins, Schema Admins,
and Domain Admins groups.
a. Note: If you are unsure which domain controller hosts the schema master role,
you can run netdom query fsmo on any domain controller.
2. Insert the Windows Server 2008 or Windows Server 2008 R2 DVD into the CD or DVD
drive.
3. Click Start, click All Programs, click Accessories, right-click Command prompt, and
then click Run as administrator.
4. If you are using the Windows Server 2008 DVD, type the following command, and then
press ENTER:
D:\sources\adprep\adprep /forestprep
a. If you are using the Windows Server 2008 R2 DVD, type the following
command, and then press ENTER:
D:\support\adprep\adprep /forestprep
 Important: Windows Server 2008 R2 includes a 32-bit and 64-bit
version of Adprep.exe. The 64-bit version runs by default. If you want
to run one of the Adprep.exe commands on a 32-bit computer, use the
32-bit version of Adprep.exe (Adprep32.exe).
5. Allow the operation to complete, and then allow the changes to replicate throughout the
forest before you prepare any domains for a domain controller that runs Windows Server
2008 or Windows Server 2008 R2.
a. For more information about running adprep /domainprep, see the DOMAIN
PREP section or “Prepare a Windows 2000 or Windows Server 2003 Domain for
a Domain Controller That Runs Windows Server 2008 or Windows Server 2008
R2” [ http://technet.microsoft.com/en-us/library/cc754670(WS.10).aspx ] .
b. Note: If you plan to add a read-only domain controller (RODC) to the forest, you
can run adprep /rodcprep right after you run adprep /forestprep and then verify
that both operations have replicated throughout the forest. Both commands
Windows Server 2008 Migration Plan
require Enterprise Admin credentials; therefore, you might prefer to run them
consecutively.

STEP 3: DOMAIN PREP - Prepare a Windows 2000 or Windows Server 2003 domain for
domain controllers that run Windows Server 2008 or Windows Server 2008 R2.
Use the following procedure to prepare a Windows 2000 or Windows Server 2003
domain for domain controllers that run Windows Server 2008 or Windows Server 2008
R2
1. Administrative credentials
a. To perform this procedure, you must be a member of the Domain Admins group.
Membership in the Enterprise Admins group is not sufficient to perform this
procedure.
To prepare a domain for Windows Server 2008 or Windows Server 2008 R2
1. Identify the domain infrastructure operations master (also known as flexible single master
operations or FSMO) role holder as follows:
a. In the Active Directory Users and Computers snap-in, right-click the domain
object, click Operations Masters, and then click Infrastructure.
2. Log on to the infrastructure master as a member of the Domain Admins group.
3. Insert the Windows Server 2008 or Windows Server 2008 R2 DVD into the CD or DVD
drive.
4. Click Start, click All Programs, click Accessories, right click Command prompt, and
then click Run as administrator.
5. If you are using the Windows Server 2008 DVD, type the following command, and then
press ENTER:
D:\sources\adprep\adprep /domainprep /gpprep
a. Where D: is the drive letter of your CD or DVD drive.
b. If you are using the Windows Server 2008 R2 DVD, type the following
command, and then press ENTER:
D:\support\adprep\adprep /domainprep /gpprep
 Important: Windows Server 2008 R2 includes 32-bit and 64-bit
versions of Adprep.exe. The 64-bit version runs by default. If you
want to run one of the Adprep.exe commands on a 32-bit computer,
use the 32-bit version of Adprep.exe (Adprep32.exe).
6. Allow the operation to complete, and then allow the changes to replicate throughout the
forest before you install a domain controller that runs Windows Server 2008 or Windows
Server 2008 R2.
Instructions above compiled from
Prepare a Windows 2000 or Windows Server 2003 Forest Schema for a Domain Controller That
Runs Windows Server 2008 or Windows Server 2008 R2

STEP 4 - Join the 2008 server to the domain
Windows Server 2008 Migration Plan

STEP 5 - DCPromo it to a DC
1. Log on to the computer that is running Windows Server 2008 by using the local
administrator account.
2. Click Start, type dcpromo, right-click dcpromo, and then click Run as administrator.

The Microsoft Active Directory® Domain Services Installation Wizard appears.
3. Click Next to advance through the wizard until you arrive at the Choose a Deployment
Configuration page.
4. On the Choose a Deployment Configuration page, select Existing forest, select Add a
domain controller to an existing domain, and then click Next.
5. On the Network Credentials page, type the name of your Windows 2003 domain (e.g.,
contoso.local), and then click Set. The Windows Security dialog box appears.
6. Type the user name and password for the Windows 2003 domain administrator, click
OK, and then click Next.
7. On the Select a Domain page, ensure that the domain name you typed in step 5 appears
in the list of domains.
8. Click Next to advance through the wizard until you arrive at the Additional Domain
Controller Options page.
9. On the Additional Domain Controller Options page, clear the DNS server check box,
and then click Next until you arrive at the Directory Services Restore Mode
Administrator Password page.
10. On the Directory Services Restore Mode Administrator Password page, type the
password to use when starting the computer that is running Windows Server 2008 in
Directory Services Restore Mode.
11. Continue through the wizard and accept all remaining default settings.
12. After finishing the wizard, restart the server.

STEP 6 - Install the DNS service
o Don't worry about creating a zone, DCPromo should take care of replicating that over.

STEP 7 - Give it some time to replicate
o Check event logs to see if anything went wrong

STEP 8 - Move the FSMO roles to the new server as seen here:
Transferring FSMO Roles
You can transfer FSMO roles by using the Ntdsutil.exe command-line utility or by using an
MMC snap-in tool. Depending on the FSMO role that you want to transfer, you can use one
of the following three MMC snap-in tools:
Windows Server 2008 Migration Plan
 Active Directory Schema snap-in
 Active Directory Domains and Trusts snap-in
 Active Directory Users and Computers snap-in
To transfer the FSMO role the administrator must be a member of the following group:
FSMO Role
Schema
Domain Naming
RID
PDC Emulator
Infrastructure
Administrator must be a member of
Schema Admins
Enterprise Admins
Domain Admins
Transferring the RID Master, PDC Emulator, and Infrastructure Masters via GUI
To Transfer the Domain-Specific RID Master, PDC Emulator, and Infrastructure Master
FSMO Roles:
1. Open the Active Directory Users and Computers snap-in from the Administrative
Tools folder.
2. If you are NOT logged onto the target domain controller, in the snap-in, right-click
the icon next to Active Directory Users and Computers and press Connect to Domain
Controller.
3. Select the domain controller that will be the new role holder, the target, and press OK.
4. Right-click the Active Directory Users and Computers icon again and press Operation
Masters.
5. Select the appropriate tab for the role you wish to transfer and press the Change
button.
6. Press OK to confirm the change.
7. Press OK all the way out.
Transferring the Domain Naming Master via GUI
To Transfer the Domain Naming Master Role:
1. Open the Active Directory Domains and Trusts snap-in from the Administrative
Tools folder.
2. If you are NOT logged onto the target domain controller, in the snap-in, right-click
the icon next to Active Directory Domains and Trusts and press Connect to Domain
Controller.
3. Select the domain controller that will be the new role holder and press OK.
4. Right-click the Active Directory Domains and Trusts icon again and press Operation
Masters.
5. Press the Change button.
6. Press OK to confirm the change.
7. Press OK all the way out.
Transferring the Schema Master via GUI
Windows Server 2008 Migration Plan
To Transfer the Schema Master Role:
1. Register the Schmmgmt.dll library by pressing Start > RUN and typing:
regsvr32 schmmgmt.dll
1.
2.
3.
4.
5.
6.
Press OK. You should receive a success confirmation.
From the Run command open an MMC Console by typing MMC.
On the Console menu, press Add/Remove Snap-in.
Press Add. Select Active Directory Schema.
Press Add and press Close. Press OK.
If you are NOT logged onto the target domain controller, in the snap-in, right-click
the Active Directory Schema icon in the Console Root and press Change Domain
Controller.
7. Press Specify .... and type the name of the new role holder. Press OK.
8. Right-click right-click the Active Directory Schema icon again and press Operation
Masters.
9. Press the Change button.
10. Press OK all the way out.
Transferring the FSMO Roles via Ntdsutil Command Prompt
To transfer the FSMO roles from the Ntdsutil command:
Caution: Using the Ntdsutil utility incorrectly may result in partial or complete loss of
Active Directory functionality.
1. On any domain controller, click Start, click Run, type Ntdsutil in the Open box, and
then click OK.
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\WINDOWS>ntdsutil
ntdsutil:
1. Type roles, and then press ENTER.
ntdsutil: roles
fsmo maintenance:
Note: To see a list of available commands at any of the prompts in the Ntdsutil tool, type
?, and then press ENTER.
1. Type connections, and then press ENTER.
fsmo maintenance: connections
Windows Server 2008 Migration Plan
server connections:
1. Type connect to server <servername>, where <servername> is the name of the
server you want to use, and then press ENTER.
server connections: connect to server server100
Binding to server100 ...
Connected to server100 using credentials of locally logged on user.
server connections:
1. At the server connections: prompt, type q, and then press ENTER again.
server connections: q
fsmo maintenance:
1. Type transfer <role>. where <role> is the role you want to transfer.
For example, to transfer the RID Master role, you would type transfer rid master:
Options are:
Transfer domain naming master
Transfer infrastructure master
Transfer PDC
Transfer RID master
Transfer schema master
1. You will receive a warning window asking if you want to perform the transfer. Click
on Yes.
2. After you transfer the roles, type q and press ENTER until you quit Ntdsutil.exe.
3. Restart the server and make sure you update your backup.

STEP 9 - Check again for any issues in the event logs.

STEP 10 - Run DCDiag to check for any replication issues.

STEP 11 - So as of now, you have 2 DC's up and running, service DNS.
o If you want to move DHCP over now, should be a fairly easy process
o Open the DHCP console on the old server
o Right-click the server and Backup
o Copy the file to the new server
o Install the DHCP role
o Open the DHCP console, and restore the file.
o Authorize the new server, then unauthroize and stop the old server.

STEP 12 - Make the older server a secondary Domain Controller.
Windows Server 2008 Migration Plan
o If the old server was not near death or anything, leave it up as a secondary DC.
o It is ALWAYS a good idea to have more than one DC in a network.
o If one goes down, the entire AD system doesn't go down and you're not scrambling to
get a backup restored.
o If you want to leave it up, change the DHCP options and having your new server as
the primary DNS, the old server as secondary DNS.
o If you want to remove the old server anyway, then just put the new server as the only
DNS entry.

STEP 13 - Run DCPromo and decommission the old server.

STEP 14 - Printer/File Shares/User Folders.
o Assuming you're not using DFS Namespaces (which would make the job pretty
easy!), you will need to update the clients with the new sharenames.
o This can be done with some scripting most of the time.
o There are lots of examples of this on the 'net, or someone here may have some
already written up that they could post.
That's it in a nutshell. Most likely you will experience a little hiccup here or there, just check
over event logs.
Related documents
Restore Active Directory on Windows 2003
Restore Active Directory on Windows 2003
(FSMO) roles
(FSMO) roles
reading
reading
RECHARGE JOURNAL ENTRY DESCRIPTIONS When looking in
RECHARGE JOURNAL ENTRY DESCRIPTIONS When looking in
MVC the concept
MVC the concept
Construction Check List for The Preserve, Delwood Point, and
Construction Check List for The Preserve, Delwood Point, and
Has Miley Cyrus gone to Number 1 in the singles and
Has Miley Cyrus gone to Number 1 in the singles and
Flexible Single Master Operation Roles (FSMO)
Flexible Single Master Operation Roles (FSMO)
Schema Upgrade from Windows Server 2003 to Windows Server
Schema Upgrade from Windows Server 2003 to Windows Server
Download
advertisement