11 UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 Chapter 12.
-
Upload
mervyn-chandler -
Category
Documents
-
view
229 -
download
0
description
Transcript of 11 UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 Chapter 12.
1
UPGRADING AND MIGRATING TO WINDOWS SERVER 2003
Chapter 12
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 2
UPGRADE OR MIGRATE Clean installation Upgrade Migrate
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 3
FROM WINDOWS NT 4.0 TO WINDOWS SERVER 2003 Upgrading
Preparing to upgrade Upgrading the PDC Upgrading any BDCs Completing post-upgrade tasks
Migrating
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 4
PREPARING TO UPGRADE Set up a test environment. Document the existing environment. Back up your data. Ensure all Windows NT 4.0 versions are
running service pack 5.0 or later.
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 5
ADDITIONAL UPGRADE PREPARATIONS Verify hardware meets requirements
winnt32 /checkupgradeonly Microsoft Web site
Prepare DNS environment Plan to create a new zone Delegate DNS zone, if necessary
NS record for new zone Host record (glue record)
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 6
LAN MANAGER REPLICATION Used to propagate read-only information.
Typically user profiles and logon scripts to backup domain controllers (BDCs)
May be used to copy other information to other servers and workstations
Lbridge.cmd is used to copy files from Windows Server 2003 domain controllers to the Windows NT 4.0 export server. The export server copies to all remaining import servers on the Windows NT 4.0 domain.
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 7
WINDOWS SERVER 2003 MEMBER SERVERS You can add or upgrade member servers
before you upgrade the Windows NT 4.0 domain.
Upgrade any Windows NT 4.0 RAS servers. Windows NT 4.0, RAS servers make NULL
sessions. If you must support Windows NT 4.0 RAS,
you must weaken security.
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 8
UPGRADING THE PDC Domain structures:
Single-domain strategy Multi-domain strategy
Upgrade the PDC of the largest accounts’ domain first.
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 9
A. DATUM CORPORATION’S WINDOWS NT 4.0 NETWORK
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 10
A. DATUM CORPORATION’S WINDOWS SERVER 2003 DOMAIN
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 11
MIGRATING EXTERNAL RESOURCES
Source Domains Trust the Target Domain
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 12
UPGRADE PROCESS
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 13
MIGRATION TYPES Interforest Intraforest
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 14
INTERFOREST MIGRATION Windows NT 4.0 to Active Directory Between two different Active Directory
forests Cloning is usually the process for this type
of migration Active Directory Migration Tool (ADMT) ClonePrincipal Netdom
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 15
INTRAFOREST MIGRATION Does not include Windows NT 4.0 domains Windows 2000 or Windows Server 2003
domains only Objects are typically moved (destructive)
ADMT Movetree Netdom
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 16
ACTIVE DIRECTORY MIGRATION TOOL (ADMT) ADMIGRATION.MSI
Windows Server 2003 CD-ROM in the i386\admt folder
Microsoft Web site Run from PDC emulator Source domain Windows NT 4.0 Service
Pack 4 (SP4) Target domain in Windows 2000 native
functional level
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 17
PREPARING TO USE ADMT Source domain must trust the target domain Source Domain Admins must be
Administrators on destination domain Migrating SID History
Domain$$$ group Success and Failure auditing for user and
group management must be enabled on source domain
TcpipClientSupport key must be set to 1
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 18
ADMT AND MIGRATING SID HISTORY
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 19
PASSWORD OPTIONS AND MIGRATION ERRORS
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 20
PASSWORD MIGRATION PROCEDURES
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 21
MULTI-DOMAIN DOMAIN STRATEGY
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 22
MULTI-DOMAIN STRATEGY STEPS Create a Windows Server 2003 empty forest
root domain. Modify the domain and forest function
levels. Create delegation entries in DNS, as
needed. Upgrade the Windows NT 4.0 PDC. Create delegation entries for BDCs and
upgrade them.
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 23
MULTI-DOMAIN STRATEGY STEPS (continued) Raise domain functional level. Upgrade remaining domains using same
procedure. Raise forest functional level.
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 24
PREPARING WINDOWS 2000 FOR THE UPGRADE Error message appears if you do not first
run Adprep before a Windows 2000 upgrade
Adprep /forestprep Adprep /domainprep
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 25
UPGRADING TO WINDOWS SERVER 2003 Either Windows 2000 or Windows NT 4.0
operating systems Required user rights
Back up files and directories Modify firmware environment values Restore files and directories Shut down the system
Default Administrator and Administrators group should have all needed permissions
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 26
WINDOWS 2000 TO WINDOWS SERVER 2003 Can be interforest or intraforest. Prerequisites for using ADMT.
Administrator rights are required on all objects to be migrated
Must also be a Domain Admins group member in both source and target domain
Source domain must trust the target domain As discussed earlier, there are additional
requirements for migrating passwords and SID History.
Chapter 12: UPGRADING AND MIGRATING TO WINDOWS SERVER 2003 27
SUMMARY Upgrade or migration decisions. Test and document before you begin. What functional level is required for migrations? What can you use to keep a Windows NT 4.0
domain replication in sync with a partially migrated network?
What are the extra requirements for migrating SID History?
How do you prepare a Windows 2000 forest/domain for upgrade?