Re: In-place upgrade steps and concern...

From: Frances [MSFT] (v-franhe_at_microsoft.com)
Date: 02/15/05 

Date: Tue, 15 Feb 2005 07:45:45 GMT

Hello Mugen,

Good to hear from you.

According to your message, your in-place upgrade plan is good.

I notice you have some related questions. I will answer them in order.

Q1. When do I need to take the (Original PDC) offline?

A: You can take it offline after the temp BDC is promoted to PDC. As Don
said, it is best to take a BDC offline for the failure of the upgrade.
As a kind reminder, please backup the whole system before you take any
action. Also, it is best if you perform the upgrade process during a
non-business time such as the weekend.

Q2. What if I don't take the original PDC offline? Will users authenticate
through BDC or new AD?

A: If you don't take the original PDC offline, now you have a network with
a win2k3 DC and a BDC. If you add the NT4Emulator registry key before you
upgrade the PDC, then all the clients will still think it is a NT domain.
They will authenticate with the nearest DC, that is to say, they can
authenticate with the BDC or the win2k3 DC. On the other hand, if the
registry key is not added, all win2k-based computers (win2k, winXP, win2k3)
will authenticate with the win2k3 DC. Other down level computers (win9x)
will still authenticate with the nearest DC.

Q3. Is that true the Infrastructure master need to be separated from GC?

A: Yes, it is best to separate GC and Infrastructure Master. If the
infrastructure master and the global catalog are on the same computer, the
infrastructure master does not function because it does not contain any
reference to objects that it does not hold. In addition, the domain replica
data and the global catalog server data cannot exist on the same domain
controller.

Refer to the following article, snippet "Infrastructure FSMO Role", for
more information. It also applies to win2k3 AD.
Windows 2000 Active Directory FSMO roles
http://support.microsoft.com/default.aspx?scid=kb;en-us;197132

As for setting DNS in subdomain, it is almost the same. You can choose to
let the UNIX DNS resolve the subdomain FQDN or create an ad-integrated DNS
in the subdomain. In other word, let the sumdomain DNS server host its own
FQDN. If you choose the latter, you can install AD-integrated zone when
creating the subdomain. You can install the DNS when promoting the
subdomain DC or install the DNS service from Add/Remove Program which is
addressed in the following article:

To install a DNS server
http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/p
roddocs/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/stan
dard/proddocs/en-us/sag_DNS_pro_InstallServer.asp

In addition, I strongly suggest you taking a look at the following article
to design your subdomain DNS:
How To Create a Child Domain in Active Directory and Delegate the DNS
Namespace to the Child Domain
http://support.microsoft.com/default.aspx?scid=kb;en-us;255248#2

More information:

HOW TO: Create a New Zone on a DNS Server in Windows Server 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;323445

How DNS Works
http://www.microsoft.com/resources/documentation/WindowsServ/2003/all/techre
f/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/all/techre
f/en-us/w2k3tr_dns_how.asp

Hope this helps. If you have any further questions, don't hesitate to get
in touch!

Best regards,

Frances He

Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security

=====================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

Relevant Pages

  • RE: DNS question, NT inplace upgrade to 2003 AD
    ... The A record and the NS records are in DNS ... After the upgrade doing the tests spelled out in one of the MS Word doc's I ... address is registered correctly with the DNS server. ... Microsoft is providing this information as a convenience to you. ...
    (microsoft.public.windows.server.migration)
  • Re: rpc servser not available
    ... "There are also a bunch of AD errors in the event log saying that the root dns server refuses connection from the subdomain for replication." ... You may have DNS setup correctly but errors created by firewall issues could easily be the problem. ... I recently created a new subdomain for my company. ...
    (microsoft.public.windows.server.active_directory)
  • RE: In-place upgrade to AD 2003
    ... point to itself as the primary DNS server. ... During the upgrade, name the internal DNS name different from Public DNS ... When you set up a new Windows 2003 DC and transfer the FSMO roles, ...
    (microsoft.public.windows.server.migration)
  • Re: speech recognition & e-mail messages probs !!!
    ... it's just the periodic upgrade to DNS ... During the installation process you activate it over the ... With regard to the KnowBrainer program, it will work exactly the same ...
    (microsoft.public.windows.vista.general)
  • DNS in seperate forests
    ... We recently did an in place upgrade to Active directory. ... current DNS and placed several DNS server at specific sites. ... The forest in question is still Windows NT the plan is to also does an in ... DNS server that I’m setting up on a windows 2003 server just have an entry to ...
    (microsoft.public.windows.server.dns)
Loading