NT4 to 2003 problem w/ Mandatory profiles

I recently performed an in-place NT4-to-2003 migration. The NT4 domain had
just a single PDC and like 10 Windows XP clients. I backed up all the data
and added a (virtual) BDC for redundancy and then upgraded the PDC to
Windows Server 2003. Before I upgraded I made sure to follow the steps
outlined in the Windows Server 2003 Migration Guide (mostly).

The upgrade went smoothly and I brought the new AD domain up with no
problems. I then added a brand new Windows Server 20003 R2 computer with
more up to date hardware. The schema needed to be extended for the R2 DC so
I did that and then removed the BDC and brought several more client
workstation (WinXP) into the domain.

The Windows XP client machines are operator stations for a phone answering
service and they are very much like a kiosk station so as part of their new
lockdown I implemented mandatory profiles. After some tinkering the profiles
are working correctly and everyone gets a consistent desktop if they logon
with the opstation accounts.

The original PDC which is now running Windows Server 2003 needs to be
repurposed and so I removed the FSMO roles (Schema Master, Domain naming
master, Infrastructure master, RID master, and PDC emulator) and moved them
to the new R2 computer. I then reset the client workstations to use the R2
computer for their primary DNS and made sure that the mandatory profiles
were located on the R2 server.

As a test I turned off the PDC/Windows Server 2003 computer and discovered
that if clients try to logon they can authenticate (eventually) but they do
not locate the mandatory profiles and throw an error message. (Can't find
roaming profiles will load a default profile etc...) I flushed the DNS on
the client computers and tried again with the same results. I am also unable
to move the w32time service off of the former PDC as when I try and do that
it gives me an error message in DCDIAG and says it isn't able to replicate.

Did I forget something from the migration guide or is this some DNS or FSMO
issue that I'm just not thinking through clearly.


.

Relevant Pages

  • Re: W32Time Errors
    ... the time service is running on the Windows 2000 PDC and there are ... All of the client machines are using internal DNS, ... I setup a Windows 2000 Domain. ... Is the Time service running on the 2000 machine? ...
    (microsoft.public.windows.server.networking)
  • Re: NT4 to 2003 problem w/ Mandatory profiles
    ... Alright I'm going onsite w/ the client in just a bit I'll give that a try. ... just a single PDC and like 10 Windows XP clients. ... new lockdown I implemented mandatory profiles. ...
    (microsoft.public.windows.server.migration)
  • RE: NT4 to 2003 problem w/ Mandatory profiles
    ... Please make sure you move a GC to the new Windows 2003 R2 DC. ... | outlined in the Windows Server 2003 Migration Guide. ... | I did that and then removed the BDC and brought several more client ... | lockdown I implemented mandatory profiles. ...
    (microsoft.public.windows.server.migration)
  • Re: Setting Account Lockout Policies with a NT PDC
    ... When you connect the Win2K client to the the ... the domain account will be ignored simply b/c the ... the NT PDC, simply go to the PDC, open User Manager ... > PDC is a Windows NT Server ...
    (Focus-Microsoft)
  • URGENT! Legacy clients logon and connection unstable problem
    ... I just migrated from Windows 2000 Server PDC to Windows 2003 Server ... I found that several minutes after the client machine starts I can browse it ...
    (microsoft.public.win2000.security)
Quantcast