Re: Over-the-Wire Migration Plan
- From: "kj" <kj@xxxxxxxxxxx>
- Date: Tue, 14 Mar 2006 13:49:31 -0700
OK CPR, you've got a couple of little twists.
First Netbios should be OK, but since it is changing remember all those
things that use it.
Second, I'd set your DHCP leases down to about 2 hours on the Linux box.
It'll make sense later.
Then I'd build out your DC1 server, but not dcpromo it just yet.
Add DNS services to your DC1 server. Configure it to be a DNS secondary for
company.com and transfer the zone from the DNS primary server.(no need to do
it manually) Remember that Active Directory requires Dynamic DNS (OK, well
for all practical purposes it requires it).
Add WINS and start it
Now change your DHCP lease options and any static IP configured DNS hosts to
point to the new server as the primary DNS server and new WINS server.
After all static and DHCP clients are using DC1 as the DNS server, stop the
DNS services on the Linux box and change the DNS ZONE on DC1 to be primary
WITH Dynamic updates (not secure dynamic updates - do that post migration).
Now you can do your Dcpromo of your DC1 creating a new domain in a new
forest called company.com.
Add DHCP services, create a suitable scope, authorize the DHCP server in the
domain, stop the DHCP on Linux, start the DHCP on DC1. If you are able to
create a new scope that doesn't overlap the old scope then you needn't
reboot your clients. Just wait the two hours and they're good to go.
Otherwise you'll need to force them to give up their current lease.
I don't think the existing dns domain pre and post migration are going to be
a problem since you are at NT4. Any AD domain would have a problem. You
might also follow up in the microsoft.public.windows.server.migration
newsgroup
...on to the migration!
--
/kj
"CPR" <CPR@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:FC2A9A99-E96D-41E7-BBDC-5041A3428B28@xxxxxxxxxxxxxxxx
Thanks kj for your quick response!
You got me on the Netbios name issue. Current domain name is COMPAN new AD
domain will be company.com. Sorry I missed this in my description. I
assume
this will alleviate your concerns over Netbios naming then?
I appreciate your advice on WINS and will run it in the AD until all is
wrapped up.
Our current DNS structure actually uses company.com as it's naming scheme
even though our netbios name is COMPAN Can you foresee any issues running
DNS
in the new domain while it is still running in the old one? My thought is
to
basically replicate the DNS structure manually in AD then turn off the
linux
services. Does this makes any sense to you?
I'm also planning to turn off DHCP on linux, then turn it on in AD and
re-boot all my clients and devices to avoid duplicate addresses.
Regards,
CPR
"kj" wrote:
Pretty much on target.
You still might want to have WINS around. If the current WINS is
problematic, then just Install WINS on the new DC1 and configure the
existing clients to it. It will help in your migration. Afterwards you
can
always turn it off, if you want.
Are you migrating from DomainA, TLD-netbios name DomainA to DomainA.com -
netbios name DomainA? You'll need to rethink this as duplicate netbios
names
won't fly "over the wire". If you are changing netbios names then there's
a
bunch of other gotch'as along the way. Consider all netbios dependent
resources in your environement and how you will have to change them.
When migrating, servers and workstations will need to be able to DNS
resolve
both domains. Suggest adding secondaries to to each others native domains
so
they can resolve pre migration, durring migration, and post migration.
You'll need to add the account running admt to the local administrators
group on the migrating workstations. Search around, methods have been
discussed at length recently.
--
/kj
"CPR" <CPR@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1FBE26DB-B176-418C-8237-FB4FD876B29C@xxxxxxxxxxxxxxxx
I would appreciate any comments or experiences from anyone who has done
an
"over-the-wire" migration.
I am doing an "over-the-wire migration" of my current nt4 domain
"domainA"
to win2K3 AD "domainA.com. A few details; no more than 100 users and
computers (win2K/XP), DNS and DHCP are currently running from a Linux
box
which I want turn off and use the new AD domain to carry out these
functions.
WINS is running on the nt4 domain and I want remove it completely.
Migration plan is as follows:
1. Install and configure domainA.com DC1 with AD, DNS and DHCP
2. Establish two-way trust between domains using NETDOM
3. Add Win2K3 administrator account to nt4 domainA
4. Install and configure replication partner, DC2
5. Use ADMT to migrate global groups from domainA to domainA.com
6. Use ADMT to migrate users. SID History on.
7. Use ADMT to migrate any domain local groups
8. Use ADMT to migrate computers/servers
9. When everything is working I will shutdown the PDC and BDCs in
domainA
and raise functional level to Win2K3
.
- Follow-Ups:
- Re: Over-the-Wire Migration Plan
- From: CPR
- Re: Over-the-Wire Migration Plan
- References:
- Re: Over-the-Wire Migration Plan
- From: kj
- Re: Over-the-Wire Migration Plan
- From: CPR
- Re: Over-the-Wire Migration Plan
- Prev by Date: Re: Enabling a disabled Domain Administrator
- Next by Date: Re: Authenticate against AD
- Previous by thread: Re: Over-the-Wire Migration Plan
- Next by thread: Re: Over-the-Wire Migration Plan
- Index(es):
Relevant Pages
|
