2003 upgrade gameplan

Just want to make sure I'm not overlooking anything....

We have an environment with 2 Windows 2000 Domain controllers. These servers are pretty old now and we have already purchased 2 new servers with Windows 2003 server.

Our environment is pretty simple, flat network (not routed), 200 users, 1 domain with a very simple OU and group structure.

My boss would like to keep the same name, but a different IP configuration for the new servers for various reasons.

I honestly don't have much experience with 2003 at the moment, which is why I want to know if I'm overlooking something.... Just because this looks too simple, I think I'm overlooking something.

Replicate
Demote Windows 2000 DC1
Clean up DNS references (if needed)
promote 2003 DC1 (pre configured with IP, name and DNS pointing to DC2)

Repeat procedure with DC2

Hmmmm, every time I look at this, I think it is too simple... What am i missing?

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

RTmarc

Before you demote your Windows 2000 servers, you need to promote the 2003s. Personally, I'd promote both 2003 boxes and let them and the 2000s run side by side for a few days so that they have plenty of time to replicate everything. Transfer FSMO roles to the two 03 boxes (split the roles up) and then demote the 00 boxes. When the 00s are gone, raise the domain level to 2003 Native and you are set.

Edit: This is a matter of preference, but because both of your 03 boxes are going to be running DNS, I'd have them look at themselves first for DNS and then use the other server as a secondary.

Megadeth4168

RTmarc wrote:

Before you demote your Windows 2000 servers, you need to promote the 2003s. Personally, I'd promote both 2003 boxes and let them and the 2000s run side by side for a few days so that they have plenty of time to replicate everything. Transfer FSMO roles to the two 03 boxes (split the roles up) and then demote the 00 boxes. When the 00s are gone, raise the domain level are you are set.

The only issue is that I was told to have the New server maintain the same name as the old servers.
I think your idea is better (to run the servers parallel for a while). I'll see if my boss is open to the idea of having a new name for the new servers.

RTmarc

I wouldn't worry about the name at this point. You should be able to rename the new DCs to whatever you want after the 00s are out of the way with no problems.

Here's an article you can some options for renaming your DC:
http://www.petri.co.il/windows_2003_domain_controller_rename.htm

Straight from Microsoft:
http://technet2.microsoft.com/windowsserver/en/library/aad1169a-f0d2-47d5-b0ea-989081ce62be1033.mspx?mfr=true

sprkymrk

Definately promote your 2003 DC's FIRST. Otherwise you will effectively be creating a new domain. None of your users will have accounts, permissions will be hosed, etc.

Megadeth4168

sprkymrk wrote:

definitely promote your 2003 DC's FIRST. Otherwise you will effectively be creating a new domain. None of your users will have accounts, permissions will be hosed, etc.

Yeah, that is what I was planning, just, the original plan was to replace one DC at a time.... DC2 probably was going to still be online for about a week before being replaced with the new DC2. I know it didn't really come across that way in my first post though.

blargoe

Another possibility would be

Transfer all roles from DC1 to DC2
Turn off old DC1
Install W2003 on new server, update, name it DC1 with same IP, join domain, install DNS service
DCPromo
Let run for a day or two
Transfer roles from second old DC2 to new DC1
Repeat above steps for DC2

sprkymrk

Megadeth4168 wrote:

sprkymrk wrote:

definitely promote your 2003 DC's FIRST. Otherwise you will effectively be creating a new domain. None of your users will have accounts, permissions will be hosed, etc.

Yeah, that is what I was planning, just, the original plan was to replace one DC at a time.... DC2 probably was going to still be online for about a week before being replaced with the new DC2. I know it didn't really come across that way in my first post though.

Oh, I can see that now after re-reading your post. Your plan makes sense then. I should have known you knew what you were doing!

Megadeth4168

There are some good Idea's here! From the look of things, I would have to say that I'm confident that this will go smoothly! Thanks for all the feedback!

Haha! I'm excited! I can't wait until we get our CALs next week so I can set this up!

Megadeth4168

OK! The server replacement was a huge success! I ended up talking my boss into naming the new server something different.

We hit one road block along the way.... I kept getting errors when I attempted to run AdPrep /forestprep

After a bit of looking into this I discovered that the server hosting the Schema Master and Domain naming Master had been deleted! Apparently, I found out that sometime a few years back that server had crashed..... What the Admin did at the time was put a new hard drive in, ended bringing up the server as the same name and promoted it... Even though it was the same name it was not the same SID. I explained why it was getting errors and I then seized control of those role and everything worked fine after that.....

So far so good, no problems with anyone logging in today and everything is running smoothly. Next week we will Replace DC2!

Thanks for the help guys!

Megadeth4168

Everything is working great!

RTmarc

Good deal. Just don't forget to separate the FSMO roles and raise the domain level once you have decommisioned the second server and have the new 03 box running.