Re: Do I Have To Rejoin WS to Domain If I Rollback to NT Domain After ADS Upgrade

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Scott Harding (scrockel_at_NO_SPAM_hotmail.com)
Date: 02/03/05

• Next message: braydan_99: "MSDSS Tool"
• Previous message: Neil: "ADMT 2.0 Question"
• In reply to: Frances [MSFT]: "Re: Do I Have To Rejoin WS to Domain If I Rollback to NT Domain After ADS Upgrade"
• Next in thread: eric z: "Re: Do I Have To Rejoin WS to Domain If I Rollback to NT Domain After ADS Upgrade"
• Reply: eric z: "Re: Do I Have To Rejoin WS to Domain If I Rollback to NT Domain After ADS Upgrade"
• Messages sorted by: [ date ] [ thread ]

---

Date: Thu, 3 Feb 2005 10:38:36 -0700

I wa thinking about that too. Also if you upgraded and a client succesfully
logs into the upgraded domain than your migration is already succesfull.
There would be no need to revert back. You should be fine.

-- 
Scott Harding
MCSE, MCSA, A+, Network+
Microsoft MVP - Windows NT Server
"Frances [MSFT]" <v-franhe@microsoft.com> wrote in message 
news:6EWuYscCFHA.2096@cpmsftngxa10.phx.gbl...
> Hello Eric,
>
> I agree with Scott that the BDC offline is used to backup NT domain in 
> case
> the upgrade is not successful. The issue you mentioned when you rolled 
> back
> to NT domain may be due to the client's OS. What are the clients' OS'? I
> assume they are all win2000 or winxp. Is this correct?
>
> I would like to explain the issue. When you upgrade to Windows 2003 
> domain,
> all the Windows 2000/XP clients may only authenticate with the new Windows
> Server 2003 DC with Kerberos as the authentication protocol. When you took
> down the 2003 servers, these work stations would not reuse NTLM protocol 
> to
> authenticate with PDC again. So they cannot log onto the domain. 
> Down-level
> clients do not change the authentication protocols, so they would contact
> the PDC and log onto the domain. So if you use a win98, if can still logon
> to the NT domain.
>
> To resolve the problem, you may add NT4Emulator on Windows NT 4.0 PDC
> before you upgrade it to win2k3. In this situation, a Windows 2000/XP
> client will no longer receive group policy nor will it do Kerberos
> authentication. The Windows 2003 domain controller may just work like a
> Windows NT 4.0 PDC. You can roll back the domain without rejoining the
> workstations into domain.
>
> The registry key is used to prevent overloading issue addressed in the
> article below.
> 298713 How to prevent overloading on the first domain controller during
> domain
> http://support.microsoft.com/?id=298713
>
> In addition, you need to make sure clients point to the correct DNS and
> WINS server when you roll back.
>
> As for moving the computer accounts to another domain in batch, you can
> refer to the following article to rejoin the clients to the NT domain.
>
> Resetting computer accounts in Windows 2000 and Window s XP
> http://support.microsoft.com/kb/216393/EN-US/
>
> Description of Netdom.exe Syntax and Versions
> http://support.microsoft.com/default.aspx?scid=kb;en-us;329721
>
> The post titled "Rollback an NT to 2003 upgrade" has addressed a similar
> issue. I guess it could be the post you have seen. :)
>
> Hope this helps. If you have any further questions, don't hesitate to get
> in touch!
>
> Best regards,
>
> Frances He
>
>
> Microsoft Online Partner Support
> Get Secure! - www.microsoft.com/security
>
> =====================================================
>
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
>
> =====================================================
> This posting is provided "AS IS" with no warranties, and confers no 
> rights.
> 

---

• Next message: braydan_99: "MSDSS Tool"
• Previous message: Neil: "ADMT 2.0 Question"
• In reply to: Frances [MSFT]: "Re: Do I Have To Rejoin WS to Domain If I Rollback to NT Domain After ADS Upgrade"
• Next in thread: eric z: "Re: Do I Have To Rejoin WS to Domain If I Rollback to NT Domain After ADS Upgrade"
• Reply: eric z: "Re: Do I Have To Rejoin WS to Domain If I Rollback to NT Domain After ADS Upgrade"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages Re: Update on serial port redirection and advice needed ... Would you know if there is a way to upgrade CE to XP Embedded on clients? ... running on Windows XP Embedded, ... MCSE, CCEA, Microsoft MVP - Terminal Server ... (microsoft.public.windows.terminal_services) Re: Upgrading NT4.0 To Windows Server 2003 ... When performing an in-place upgrade of a Windows NT 4.0 domain to Windows ... the first domain controller upgraded is the Windows NT 4.0 PDC. ... authentication, the negotiation of the authentication protocol will reveal ... (microsoft.public.windows.server.active_directory) Can Analysis Services be used by application service providers? ... the country so windows authentication seems like it is out. ... Microsoft has done such a good job with Sql Server in the past of making it ... competitive with Oracle and DB2 for all clients, ... (microsoft.public.sqlserver.olap) Weird IAS error with EAP-TLS ... computer certificates to authenticate Wireless clients a while back. ... Proxy-Policy-Name = Use Windows authentication for all users ... NT-SAM Authentication handler received request for TEST\LAPTOP$. ... I've made sure that the certificates listed on http://support.microsoft.com/kb/293781/ ... (microsoft.public.internet.radius) Re: Do I Have To Rejoin WS to Domain If I Rollback to NT Domain After ADS Upgrade ... What are the clients' OS'? ... When you upgrade to Windows 2003 domain, ... all the Windows 2000/XP clients may only authenticate with the new Windows ... Server 2003 DC with Kerberos as the authentication protocol. ... (microsoft.public.windows.server.migration)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.migration  > 2005-02