NT domain to Active Directory

ARH

Distinguished
Apr 2, 2004
7
0
18,510
Archived from groups: microsoft.public.windowsnt.domain (More info?)

I am replacing a Windows NT domain controller with a new server running
windows 2003 server. This is a small installation with 10-15 client
computers and as many users. Other than the domain controller/active
directory roll, this server will be used to serve files.



Ideally, I could bring the new server up making it a domain controller on
the existing domain, migrate the computer and user accounts to the new
server and finally bring the NT domain controller off-line.



Alternatively, I could create a new active directory domain on the 2003
server and manually create user accounts and manually move all the client
computers.



I have experience with the later, but not the former.



Can anyone help me sort out the steps needed for the migration approach? It
seems like a more elegant method, but not as much of a sure thing for me as
I have taken this path before.



I have searched newsgroup archives that referenced Microsoft Articles. I
have read the ADMT help file and briefly talked to an NT admin on the
subject.



Conceptually, I need to do the following:



1. Bring up the 2003 server as a member domain controller of the existing
domain (PDC Emulator?).

2. Migrate user and computer accounts

3. Take the NT domain controller off-line.

4. Perhaps, tell the 2003 server that there are not longer any NT domain
controllers for the domain.



Conceptually, it sounds simple. Reading all the information and having not
done this before it seems like the steps are detailed and that missing one
of the details could botch the effort.



TIA for any help with this!
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsnt.domain (More info?)

You cannot make the Win2k3 machine a domain controller at all in the
existing NT4 domain. It will have to either join as a member server and then
be promoted to a DC AFTER the NT4 domain is migrated to a Win2k3 AD domain
or install it as a completely seperate domain and use ADMT to migrate the
users/computer accounts. If your current domain name is what you want to
keep I would upgrade the current NT4 PDC to Win2k3 and this will upgrade
your domain to Win2k3 Active Directory domain. Then you could promote the
new box using DCPROMO to a Domain Controller and move all the FSMO roles to
this new machine. This will make this machine have all the user/computer
accounts and allow you to not have to use ADMT. This would de transparent to
the client machines and probably be quicker. Also once the original NT4
machine is upgraded to Win2k3 then you could Dcpromo this machine back to a
member server and they new Win2k3 DC will have all the roles and your domail
will be in tact. The only issue on this approach is the license for the
original NT4 machine that is now a Win2k3 machine. If this machine is not
going to be used ultimately than after your migration you could just remove
that machine and thus not need a license. Make sure you fully understand how
DNS needs to be used as this is critical for AD to work correctly. The
safest way before doing anything would be to bring in a new NT4 BDC, promote
to PDC, and upgrade this machine to Win2k3 as this would cause your original
NTPDC to become a BDC in case the upgrade fails you can just promote this
machine back to a PDC and no one will know any failed upgrade took place.

--
Scott Harding
MCSE, MCSA, A+, Network+
Microsoft MVP - Windows NT Server

"arh" <arh@nospam.com> wrote in message
news:D8gbc.371$Zw.351@nwrddc02.gnilink.net...
> I am replacing a Windows NT domain controller with a new server running
> windows 2003 server. This is a small installation with 10-15 client
> computers and as many users. Other than the domain controller/active
> directory roll, this server will be used to serve files.
>
>
>
> Ideally, I could bring the new server up making it a domain controller on
> the existing domain, migrate the computer and user accounts to the new
> server and finally bring the NT domain controller off-line.
>
>
>
> Alternatively, I could create a new active directory domain on the 2003
> server and manually create user accounts and manually move all the client
> computers.
>
>
>
> I have experience with the later, but not the former.
>
>
>
> Can anyone help me sort out the steps needed for the migration approach?
It
> seems like a more elegant method, but not as much of a sure thing for me
as
> I have taken this path before.
>
>
>
> I have searched newsgroup archives that referenced Microsoft Articles. I
> have read the ADMT help file and briefly talked to an NT admin on the
> subject.
>
>
>
> Conceptually, I need to do the following:
>
>
>
> 1. Bring up the 2003 server as a member domain controller of the existing
> domain (PDC Emulator?).
>
> 2. Migrate user and computer accounts
>
> 3. Take the NT domain controller off-line.
>
> 4. Perhaps, tell the 2003 server that there are not longer any NT domain
> controllers for the domain.
>
>
>
> Conceptually, it sounds simple. Reading all the information and having
not
> done this before it seems like the steps are detailed and that missing one
> of the details could botch the effort.
>
>
>
> TIA for any help with this!
>
>
>
>