comments on my plan
From: schmeckendeugler (schmeckendeugler_at_discussions.microsoft.com)
Date: 03/18/05
- Next message: Mike Culver: "Re: NT4 BDC to Win2k3 server"
- Previous message: Gerry Hickman: "Re: EFS - Encryption and User Migration"
- Next in thread: Rebecca Chen [MSFT]: "RE: comments on my plan"
- Reply: Rebecca Chen [MSFT]: "RE: comments on my plan"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 18 Mar 2005 06:43:15 -0800
I wish I had discovered this user group a month ago. I migrate TOMORROW
unless the Gods intervene. However, perhaps you all can help me do some
last-minute streamlining. :)
Let me lay down my plan, and you tell me if anything seems fishy. OK?
Migrating from NT 4.0 domain to Server 2003 AD. In the NT domain, users use
local profiles on workstations, but also connect to a variety of shares on
some file servers. THESE MUST REMAIN INTACT.
0. Create BDC, pull offline. (Rollback strategy Plan A)
1. Install server 2003, establish DNS, DHCP, WINS. Make DNS works and WINS.
2. Install Active Directory on this server. Establish trust with NT domain,
Trusting and trusted in both.
3. Perform necessary steps for user/password migration (run password wizard
with key on a floppy, change "allow" reg key from 0 to 1, etc.)
4. Migrate groups from NT domain into AD.
5. Migrate user accounts & passwords into AD. (Users are aware weak
passwords will have to be changed on login Monday morning.)
5a. Add the "Domain Users" group to the "NEW_Domain Users" group. Same for
Domain Admins. (See my other post concerning this issue.)
6. Migrate a couple test workstations. Ensure that users can log in and
access Local Profiles.
7. Migrate a "Least-important" file server. ensure users can access data on
the shares.
7. Migrate ever more important file servers, continuing to ensure that users
can access data on them. If at any given point, this appears to be failing,
abandon plan. Remove file servers from AD and add back into NT domain.
8. Begin migrating workstations in batches. Any workstations that do not
migrate either are turned off or some permissions are not set right (I have
run into this). Make the administrators of the new AD Local Admins on the
workstation, try again. Ensure firewall is not restricting, and that RPC
service is enabled if any problems occur.
That's the plan!!!! What do you think?
p.s. Last night I found some guy's web page who had laid out nearly exactly
what I just described, with screen shots and all. I think he's been reading
my mind.
Schmeckendeugler the 1st
- Next message: Mike Culver: "Re: NT4 BDC to Win2k3 server"
- Previous message: Gerry Hickman: "Re: EFS - Encryption and User Migration"
- Next in thread: Rebecca Chen [MSFT]: "RE: comments on my plan"
- Reply: Rebecca Chen [MSFT]: "RE: comments on my plan"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
