Re: Win2k to Win2k3 AD Upgrade

Just wanted to thank you for your excellent tips, the scripts are great.
Everything looks OK so i have run adprep /forestprep and /domainprep and
that has finished successfully. When i run dcpromo on the new Win2k3 DC, does
that install DNS/DHCP, i assume that once this has been run, replication will
occur between the 1 Win2k DC that is left and the new Win2k3 DC

Thanks
--
lewisma


"Paul Bergson" wrote:

run dcdiag on a good dc

Run diagnostics against your Active Directory domain.

If you don't have the support tools installed, install them from your server
install disk.
d:\support\tools\setup.exe

Run dcdiag, netdiag and repadmin in verbose mode.
-> DCDIAG /V /C /D /E /s:yourdcname > c:\dcdiag.log
-> repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt
-> dnslint /ad /s "ip address of your dc"

**Note: Using the /E switch in dcdiag will run diagnostics against ALL dc's
in the forest. If you have significant numbers of DC's this test could
generate significant detail and take a long time. You also want to take into
account slow links to dc's will also add to the testing time.

If you download a gui script I wrote it should be simple to set and run
(DCDiag and NetDiag). It also has the option to run individual tests without
having to learn all the switch options. The details will be output in
notepad text files that pop up automagically.

The script is located on my website at
http://www.pbbergs.com/windows/downloads.htm

Just select both dcdiag and netdiag make sure verbose is set. (Leave the
default settings for dcdiag as set when selected)

When complete search for fail, error and warning messages.

Description and download for dnslint
http://support.microsoft.com/kb/321045

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.
"lewisma" <lewisma@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5582413B-1903-4773-AA4F-9AA2BBE1C7C3@xxxxxxxxxxxxxxxx
The cleanup is all done and looks good, you talked about running dcdiag
and
netdiag from the CMD prompt on the old dead DC, i assume that step is not
necessary for my situation as it's no longer there.

I guess i can now run the adprep commands against the current Win2k DC ?

Thanks
--
lewisma


"Meinolf Weber [MVP-DS]" wrote:

Hello lewisma,

This error is just informational and correct.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


Cool that seems to have worked, it did give me errors telling me that
both operations have failed due to connectivity problems to the dead
DC, but then again it is literally dead, If i run a netdom query fsmo
on the live DC i can see all 5 roles assigned to that DC.

I'll proceed with the AD database cleanup.

Thanks

"Meinolf Weber [MVP-DS]" wrote:

Hello lewisma,

Yes, the running one must take over the missing ones.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Meinolf

May sound a silly question, but i do the seize on the live DC ?

Does this transfer the 2 roles that are still assigned on the dead
server to the live DC ?

I did go through with the operation but ducked out after the
confirmation as the message was a little misleading.

Thanks

"Meinolf Weber [MVP-DS]" wrote:

Hello lewisma,

You have to seize the FSMO roles to the running DC and then cleanup
the AD database and AD sites and services. See here how to:
http://support.microsoft.com/kb/555846/en-us

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Thanks for the quick response again.

The old DC is still present in the AD database. If i run up Sites
and Services i can see the dead server still listed, expanding
NTDS settings/Properties it does say it's also a Global catalog
server as well.

The current working Win2k DC is also a global catalog server and
is running the following roles.

Schema Owner
Domain Role Owner
Infrastructure Owner
The following 2 roles are still assigned to the dead Win2k DC,
(hard
disk dead)
PDC Role
Infrastructure Owner
How do i reassign those 2 roles that are alloacted to the dead
Win2k
DC ?
Can i just delete the dead DC manually from Sites and Services ?
I assume that the 2 roles still assigned to the dead DC need to be
moved, not sure how to do that as it's died. When you are moving
roles does it need to reference the server you are moving roles
from ?

Thanks

"Meinolf Weber [MVP-DS]" wrote:

Hello lewisma,

As said before, is the old DC removed from the AD database?

Is the running 2000 DC holding the 5 FSMO roles and a Global
catalog server? Run "netdom query fsmo" in a command prompt to
see which DC is the FSMO roles holder, MUST be the running one if
the other never comes back.

For Global Catalog see here:
http://support.microsoft.com/?id=313994
For the new server you can use the list from my previous posting.
It includes also the schema upgrade with adprep and DNS
replication with AD integrated zones.

During normal work you can do most steps Copying data that is
used by your users you should do after close of business. Also
the DHCP anbd WINS database i would do at close of business. All
other you can do during working hours, schema update or AD
databse cleanup will not need a reboot of the server or effect
the users. Also if needed you can seize the FSMO roles.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!!
http://www.blakjak.demon.co.uk/mul_crss.htm
Thanks for your response, what i have done so far is.

Installed and patched Win2k3 Std Server on new hardware.
Server is called the same name as the old Win2k DC that has
died.
The
Server
is still in a default workgroup. There is no Exchange used.
Do i need to prepare the current Win2k DC so it can run on
Win2k3
(adprep etc.)
At the moment i have a new Win2k3 Std sever that is currently
nothing, just in default workgroup and i have the other Win2k DC
that is running AD etc.
So i just need a list of things that need to be done in order,
any
preparation etc on the current Win2k DC, when do i run dcpromo
etc
on the new Win2k3. I need the new Win2k3 DC to have the same
IP/name etc as the Win2k DC that has died. Once the new Win2k3
DC
is up and running and everything is good, i have new hardware to
install Win2k3 on so i can make that another DC, this will be
then
identical to the current Win2k DC that is running at the moment.
How much preparation can i do in the normal working day, if any
?

Sorry for the questions, just i have never done this before and
want to be sure i get it right.

Thanks in advance

"Meinolf Weber [MVP-DS]" wrote:

Hello lewisma,

Did you remove the old DC according to this, before using the
new
machine
with the old settings:
http://support.microsoft.com/kb/555846/en-us
I assume the old DC is still listed in AD database and DNS.
If it is complete removed you can start here:
!!!NEVER START BEFORE HAVING CREATED AND TESTED A BACKUP OF
YOUR
DATA/MACHINE!!!
One question first:
Is there also Exchange installed in the domain?
- On the old server open DNS management console and check that
you
are running Active directory integrated zone (easier for
replication,
if you have more then one DNS server)
- run dcdiag and netdiag from the command prompt on the old
machine
to check for errors, if you have some post the complete output
from
the command here or solve them first. For this tools you have
to
install the support\tools\suptools.msi from the 2000 or 2003
installation disk.
- run adprep /forestprep and adprep /domainprep from the 2003
installation disk against the 2000 server, with an account that
is member of the Schema admins, to upgrade the schema to the
new
version
- Install the new machine as a member server in your existing
domain

- configure a fixed ip and set the preferred DNS server to the
old DNS server only

- run dcpromo and follow the wizard to add the 2003 server to
an existing domain

- if you are prompted for DNS configuration choose Yes (also
possible that no DNS preparation occur), then install DNS after
the reboot

- for DNS give the server time for replication, at least 15
minutes. Because you use Active directory integrated zones it
will automatically replicate the zones to the new server. Open
DNS management console to check that they appear

- if the new machine is domain controller and DNS server run
again replmon, dcdiag and netdiag on both domain controllers

- if you have no errors, make the new server Global catalog
server, open Active directory Sites and Services and then
double-click sitename, double-click Servers, click your domain
controller, right-click NTDS Settings, and then click
Properties, on the General tab, click to select the Global
catalog check box (http://support.microsoft.com/?id=313994)

- Transfer, NOT seize the 5 FSMO roles to the new Domain
controller (http://support.microsoft.com/kb/324801)

- you can see in the event viewer (Directory service) that the
roles are transferred, also give it some time

- reconfigure the DNS configuration on your NIC of the 2003
server, preferred DNS itself, secondary the old one

- if you use DHCP do not forget to reconfigure the scope
settings to point to the new installed DNS server

- export and import of DHCP database (if needed)
(http://support.microsoft.com/kb/325473)
- backup WINS
(http://technet.microsoft.com/en-us/library/cc727901.aspx)
.

Relevant Pages

  • RE: SBS 2003 R2 - Please Help
    ... computers be slow after you install the full SBS 2003 R2 components. ... log on slow is probably refer to incorrect DNS ... as the DNS server on the clients rather than the ISP DNS servers. ...
    (microsoft.public.windows.server.sbs)
  • Re: Upgrading of 2003 domain to 2008 domain, checklist, questions?
    ... Personally i always use the way of fresh install where possible. ... Exchange 2007 will work in the 2008 domain on a 2003 server. ... On the old server open DNS management console and check that you are running ... you can check the version with "schupgr" in a command prompt. ...
    (microsoft.public.windows.server.setup)
  • Re: where is the outlook 2003 product key on the SBS2003 R2 DVD
    ... dynamic updates and create PTR records in DNS. ... tracking is easier from the server. ... I don't install dhcp on the servers, ... I couldn't get the client to ...
    (microsoft.public.windows.server.sbs)
  • Re: where is the outlook 2003 product key on the SBS2003 R2 DVD
    ... tracking is easier from the server. ... The only time I have seen the connectcomputer error you mentioned about DNS ... I don't install dhcp on the servers, ... I couldn't get the client to ...
    (microsoft.public.windows.server.sbs)
  • Re: Upgrading of 2003 domain to 2008 domain, checklist, questions?
    ... Personally i always use the way of fresh install where possible. ... Exchange 2007 will work in the 2008 domain on a 2003 server. ... On the old server open DNS management console and check that you are running ... and "netshell dhcp restore" command ...
    (microsoft.public.windows.server.setup)
Quantcast