Migration from NT4 to 2003 gone bad - Any ideas?

Leythos

I have a client that decided to migrate their NT4 domain to 2003 before
calling me, and now they have several problems.

The old NT4 domain was mydomainNT, PDC/BDC.

The DNS server is a Linux box.

The DHCP server is a Linux box.

They started by upgrading, in place, from NT4 to 2003 on the PDC, and
created a domain of mycompany.mydomainNT.com. They are unsure about the
rest of the steps - figures.

They are having all sorts of problems with slow shares, etc... I expect
this since DNS is running on another box, not part of the domain, and
even DHCP is not configured with the proper scope options.

Since they have a 2003 domain, even if it's the wrong name, and all the
user accounts, can we do the following - rename the domain on the 2003
server to be mydomain.lan, without losing any accounts, then set up DNS
and DHCP on the 2003, abandon the old DNS/DHCP Linux boxes, and then
connect the XP Prof systems to the 2003 and expect them to come up with
the users' profiles?
 
I'm not sure if the Linux BIND DNS was set up properly, so to eliminate the
obvious, and to make things easier, the very first thing to do is use MS
DNS. It's probably already installed by dcpromo, so make sure the current
zone called mydomainNT.com exists and updates are allowed. Then point this
DC and ALL of the clients to ONLY the DC for the DNS address in IP
properties. DO NOT USE ANY OTHER IP for DNS. The idea is to only use the MS
DNS, since that's how AD works, it registers its info in DNS and to find
anything in the domain, all machines query DNS for their locations. Then
configure a forwarder to the ISP's DNS server in DNS properties for
efficient Internet resolution.

Use MS DHCP, since the APIs work seamlessly with the DNS APIs for client
registration (Option 081 support), which the Linux DHCP doesn't support.

Once that's done, and you ensure all errors are removed, then we can
concentrate on renaming it.

After you configure the changes I mentioned, please post an *unedited*
ipconfig /all from the DC and one of the clients please. I would like to
ensure the configuration is correct.


--
Regards,
Ace

G O E A G L E S !!!
Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
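
The check that the requested ipconfig /all output makes possible, as an added example that is not part of the original thread: it parses the output and flags any adapter whose DNS server list contains an address other than the domain controller. The sample output, the IP addresses and the function names are constructed for illustration.

```python
import re

# Constructed sample of `ipconfig /all` output from a client (not from the thread).
SAMPLE = """\
Windows IP Configuration

        Host Name . . . . . . . . . . . . : CLIENT01
        Primary Dns Suffix  . . . . . . . : mycompany.mydomainNT.com

Ethernet adapter Local Area Connection:

        Dhcp Enabled. . . . . . . . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.50
        Default Gateway . . . . . . . . . : 192.168.1.1
        DHCP Server . . . . . . . . . . . : 192.168.1.5
        DNS Servers . . . . . . . . . . . : 192.168.1.10
                                            192.168.1.5
"""

# "   Key . . . . : value" field lines, and bare-IP continuation lines.
FIELD = re.compile(r"^\s+([A-Za-z][^:]*?)[ .]*:\s*(.*)$")
CONT = re.compile(r"^\s+(\d{1,3}(?:\.\d{1,3}){3})\s*$")

def dns_servers(ipconfig_text):
    """Return {adapter name: [DNS server IPs]} parsed from ipconfig /all text."""
    result, adapter, in_dns = {}, "global", False
    for line in ipconfig_text.splitlines():
        # Adapter headers start in column 0 and end with a colon.
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            adapter, in_dns = line.rstrip().rstrip(":"), False
            continue
        field = FIELD.match(line)
        if field:
            in_dns = field.group(1) == "DNS Servers"
            if in_dns and field.group(2).strip():
                result.setdefault(adapter, []).append(field.group(2).strip())
        elif in_dns and CONT.match(line):
            # Additional DNS servers are listed on indented lines with no key.
            result.setdefault(adapter, []).append(CONT.match(line).group(1))
    return result

def stray_dns(ipconfig_text, dc_ips):
    """Return {adapter: [configured DNS servers that are not a DC]}."""
    allowed = set(dc_ips)
    return {a: [s for s in servers if s not in allowed]
            for a, servers in dns_servers(ipconfig_text).items()
            if any(s not in allowed for s in servers)}

if __name__ == "__main__":
    print(stray_dns(SAMPLE, ["192.168.1.10"]))  # assumed DC address
```

An empty result means every adapter resolves only through the listed domain controllers; any address reported is a resolver that domain members should not be using.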
 
Thanks - that was my advice to them too, set up the one 2003 server with
DNS/DHCP, disable the others, and get everyone using it.

The question still remains, if they change the domain name on the 2003
server, so that it doesn't end in .COM, will they lose all of their
user accounts/profiles?
 
Leythos,

There are domain rename tools that are available for Windows 2003 that
should allow you to rename the domain without losing the accounts that have
been created. That being said, however, the tools are not easy to use and
there can be problems with renaming a domain. Plan VERY carefully before you
move forward with something like that.

JHK
 
Yea, I've been reading up on it, and my advice to them was to save the
users' data on a backup, wipe/reinstall using the proper methods. They
had never set up anything but a simple NT4 domain, could not even get
DHCP or DNS working on it, and thought that doing an in-place upgrade to
2003 would just "work" :< The reason for the in-place was to save time,
but it's going to take more time to fix than to have done it properly.

I'm in the process of talking to them about ghosting the server, moving
it to a test network, doing the domain change, testing the change, and
then replacing the server with the fixed/changed one. I'm just glad that
they didn't install Exchange 2003 yet.
 
Um, how do you intend re-adding the test server to the Domain? I don't
think that that can be done. Or am I misunderstanding what you intend.

Cheers,

Cliff
 
I was going to keep the test server, start by making it an NT4 BDC, then
removing it from the network, then making it a PDC, then upgrading to
2003, then doing all the DNS/DHCP work, then testing XP clients against
it - to see if their profiles were retained, then shut down the old PDC,
insert the new 2003 server in its place, restart all clients....
 
Curious, you're talking about the rename function now, but have you
re-configured everything to use MS services? Are all the functional errors
gone?

Ace
 
I'm trying to see if I can get them to move in the right direction -
renaming is going to happen, there is no question about that. They
cannot use a .COM name for their network. What I want to do is get
everything working, after the domain name change, and then replace the
server with the 2003 one.

The problem is that they bought 2003, without any planning or testing,
or having ever used 2003, they migrated their only NT4 DC to 2003 and
just assumed a bunch of things along the way. Now they are using the
2003 box, but having a lot of problems, and they call me a week after
they've done this and want an easy fix - which there is none.

Since they said they were using a nix box for DNS and DHCP my first
suggestion was that we move the DNS/DHCP to the 2003 box so that we can
be sure we have it working and that everything is properly seeing the
2003 server.....

Since they used a .COM name for their network, and it's possible that it
will be a public name some day, we need to change it to
location.company.LAN to avoid problems. I don't want them to void all
the settings for shares and profiles. I've never had to rename a domain,
so I posted here for ideas/thoughts/advice.
 
No doubt, you posted to the right place! As for the rename, the system needs
to be functional prior to the rename operation, or the utility won't be able
to 'find' the domain to rename it, if you know what I mean. That's why I was
concerned. DNS needs to be stable to stabilize AD. My suggestion is to
concentrate getting everything functional, .com or not, and then plan on the
rename.

I've seen same name domains (split-zones) work fine without too much
overhead.

Ace
 