Re: Basic NT4 to w2k3 migration questions

"Danny Sanders" <Danny.Sanders@xxxxxxxxxxxxxxxxx> wrote in message
> The easiest way and the least disruptive is to upgrade your existing PDC
> first. If you can't do that then use the "advice".
>> I'm seeing a lot of "advice" that talks about building a NT server on new
>> hardware and then upgrading it to w2k3 which sounds a bit idiotic to me.
>> First, I doubt we even still have our NT4 CDs and second, you're aware
>> that NT4 has been obsolete for quite some time, right?
> It might sound idiotic to a person that doesn't know about Win 2k3 and AD,
> but to a person that knows, this would be your easiest and least
> disruptive way to move from NT to AD.
> It's your choice.
> hth
> "Frank Saxton" <Frank.Saxton@xxxxxxxxxxxxxxxxxx> wrote in message
> news:d43h9g01k26@xxxxxxxxxxxxxxxxxxxxx
>> It seems like there is a lot of confusing misinformation flying around on
>> this topic. I have read scores of white papers, postings, etc. and if
>> anything is clear, it's that very few people (including Microsoft) know
>> how to do this in the real world. Having said this, I'm hoping that I
>> can get some advice from someone who knows what they are talking about
>> that is more substantative than just sending me to yet another URL to
>> read something that isn't even on point. And with all respect to those
>> who seek to be helpful, a copy and paste "procedure" placed by someone
>> who obviously didn't even read my posting is not going to be helpful at
>> all. Sorry for the terse tone, but I've been a Systems Engineer since
>> before Bill Gates was born and I have to say that Windows 2003 is proving
>> to be a real challenge to deal with.
>> The environment: NT4.0 PDC, one NT BDC, Exchange 5.0 on NT5. About 50
>> users. DNS, file servers, print services and most everything else is on
>> Linux. Workstation clients are almost 100% w2k. When users log on, they
>> are NFS mounted to certain UNIX filesystems depending on their job
>> function.
>> The objective: To build a new Microsoft enviornment to replace the
>> currently legacy systems. This includes a Windows 2003 Exchance server.
>> The legacy systems will be turned down once the new infrastructure is
>> deployed and proven problem free.
>> Requirements: This project must be totally transparent to the users.
>> This upgrade must present minimal or no disruption to our production
>> environment. The risk of introducing problems into our existing network
>> while building out new environment must be zero. I'd prefer to build the
>> new server using our existing domain name but this doesn't seem possible
>> and is not a huge problem for us. Our Exchange mail goes to a Linux mail
>> server before hitting the outside world anyway. I do NOT want to have to
>> manually create 50 new AD user accounts and/or umti-dump zillion Exchange
>> mailboxes. We are a Government site and are required to keep old e-mail
>> long after the person who sent/receievd them have left the agency. I
>> realize that this is not an Exchange forum, however whatever is
>> recommended here cannot prevent our ability to accomplish our Exchange
>> 2003 upgrade plans.
>> So, the first question becomes, what approach should I take to accomplish
>> these objectives? Consider that on the advice of our Microsoft sales
>> guy, I built a w2k3 SBS server only to find out that it will not support
>> trusted relationships, migrations or some of the other things that need
>> to be done. I now have Windows 2003 standard server built on new hardware
>> and I am currently stuck trying to migrate the PDC user info over to AD.
>> I'm seeing a lot of "advice" that talks about building a NT server on new
>> hardware and then upgrading it to w2k3 which sounds a bit idiotic to me.
>> First, I doubt we even still have our NT4 CDs and second, you're aware
>> that NT4 has been obsolete for quite some time, right?
>> I don't particularly care about AD but I don't see any way around it
>> other than doing something like LDAP on Linux. The user accounts on our
>> current domain controller work just fine and I wish that Microsoft just
>> allowed that architecture to continue. But, since they didn't, I
>> apparently need to migrate this info over to AD which is a lot easier
>> said than done. I downloaded ADMT 2.0, established and verified a
>> bi-directional trust relationship between the PDC and the new w2k3
>> server. I'm doing this as Administrator on the w2k3 server.
>> Administrator is a member of the Domain Admin and Enterprise Admin
>> groups. But on the last step of the ADMT wizard, I get an access denied,
>> error=5, domain= pdc_domainname error. Someone from Microsoft said it
>> looks like I have a permissions problem. Duh. Now that was helpful :(
>> If I try to do this from a fully priviliged mortal account, I never even
>> get this far.
>> Question: responding in a clear, detailed way and assumingthat I know
>> nothing about w2k3 except what I've read in the past 2 weeks
>> 1) What is the correct, best and most bullet proof strategy for obtaining
>> my end goal?
>> 2) I'm guessing that I am already pretty close to success if someone can
>> tell me what (SPECIFICALLY) I need to do to get over this ADMT access
>> denied log jam.
>> Thanks very much in advance to whoever resonds with useful information
>> that helps move me forward!

Not to be argumentative, but if that's truly the case, why didn't Microsoft
include an NT4.0 CD in the distribution?

>From everything I've read and heard, ADMT was created to do just what I need
done... migrate the NT4.0 DC info into an AD environment. This being the
case, what exactly is the rationale behind having to install a 7 year old
operating system onto new hardware before w2k3 can be installed? true, I
don't understand w2k3 or AD which I admitted to from the get go. But if
this is the kind of thinking that went into the design, I don't know that
this is a product that I would ever want to be an expert with.

As I said earlier, one thing I learned with my earlier w2k3 SBS experience
is that there are a lot of people offering "advice" in these MS forums who
are just talking through their hats. Since I've gotten this far following
other people's advice, I'd prefer to see if I can get past this access
denied issue rather than going back to the CD as you suggest I do. I've
read other threads written by otehrs who followed advice similar to your
only to also wind up at a dead end.

This is why I asked for help from someone who actually understands our end
objective and who actually knows how this stuff words.

I'm happy to see that Microsoft has chosen to level the playing field with
Linux by also providing frustrating, confusing, poorly documented software
that doesn't work unless you send in enough box tops to get your very own
decoder ring.