Windows Server 2008 AD

Hi All,
Am not sure if this will be the right place to put this topic.Well,i have been in a comfort zone dealing with Windows Server 2003.Just last week,my boss bought 2 servers and he asked me to install Windows Server 2008 for 2 of our branch companies then configure seconday DC on both.I believe its something that I can do.I just wanted to know from those who have already used Windows Server 2008 if there are any big differences between 2003 and 2008.Anything i shud pay attention to?Going through some documentation to check things out.

Thanx all

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

dynamik

Nah, for the most part, it just builds on what was in Server 2003. If you can already do that, you'll be fine.

Download a trial and play around with it in a VM: http://www.microsoft.com/windowsserver2008/en/us/trial-software.aspx

DjScientist

dynamik wrote: »

Nah, for the most part, it just builds on what was in Server 2003. If you can already do that, you'll be fine.

Download a trial and play around with it in a VM: Windows Server 2008 Trial Software

Thanx man,i will do just that.Am comfortable with Server 2003 so i guese it shudn't be a problem but if for some reasons i run into any problem,I will share

Non-Profit Techie

2008 rocks. Dont worry about a thing. you might even want to learn about RODCs for those remote offices.

Claymoore

You'll need to extend the schema for 2008:
Adprep

You'll need Vista and RSAT to manage the new features:
Download details: Microsoft Remote Server Administration Tools for Windows Vista

You'll also need to make sure you have a local drive without system files or the sysvol in order to back up the system state. The first 2008 DC I installed I set up just like all the 2003 DCs I have installed by using two partitions, one for the OS and one for the sysvol. Server 2008 backup is different and will only let you back up the system state to a local hard drive, but only one without system files on it. Fortunately I had some disks lying around as a result of some server consolidations and I installed another hard drive just for the backups.
Windows Administration: Active Directory Backup and Restore in Windows Server 2008

If you want to use BitLocker you will need yet another partition so the split load boot will work.
Description of the BitLocker Drive Preparation Tool
Security: Advances in BitLocker Drive Encryption
Security: Keys to Protecting Data with BitLocker Drive Encryption

Finally, you will want to download and distribute the XP Client Side Extensions to support the new Group Policy Preferences:
Download details: Group Policy Preference Client Side Extensions for Windows XP (KB943729)

But other than that, it's just like Server 2003.

BradH

Right... but before you do the new DC's will you also be wanting to upgrade the DC you have now to 2008 as well or do you intend on leaving your current infrastructure as 2003?

Cause if your going to leave the current DC you have at 2003, then you won't remember be able to extend your 2008 boxes higher than a 2003 function level for that domain.

However if you were going to raise your entire domain function level to 2008 then that is a different story.

Also he bought 2 servers and wants a secondary DC on both? I would have thought 4 servers would be needed for that setup

If I was going to bring it all up to 2008, then I would do the following

1. Bring 1 2008 sever online. Set it up ready to promote to the current DC you have running at your main office.

2. DCpromo but only at a 2003 function level. Let natural replication take place so that you now have a 2008 server connected as a DC.

3. Decommision your original 2003 server with a DCpromo. Get it out of your network. You have a copy on the 2008 server so it's no big deal now.

3. Adprep /domainprep and Adprep /forestprep - This will prepare the old 2003 schema to be updated to the 2008 schema. It's not going to hurt anything running this.

4. Raise function levels for domain and forest to 2008.

5. Back everything up!!! Do at least a wbadmin /START SYSTEMSTATEBACKUP

6. Lastly, this is only migration of the 2003 box to 2008 as a DC, if you have an file shares on there you need to also sort those out however I hope you have a file server setup in your network for that otherwise you might have problems doing this and then turning off your original 2003 server. But thats a simple issue and your problem

Ok, so now your on a 2008 corporate platform. You can now add your branch offices from there including Read-Only Domain controllers, Fine grained password policy, DFS-R, Global NameZones, application deployment via Group Policy (really easy in 2008 - need client side extensions installed on your clients from Vista and below) and run the OS Server core which uses a crap load less overhead when it comes to running!

Of course you can still run 2003 at your branch office, however you won't be able to utilise the new 2008 features unless your entire domain is at a 2008 function level. But you have given little info as to what you want

Now, I think (I think) I got this right. Please correct me if I forgot anything...doing my exam in May on 640.