Adding my first Windows 2003 DC in a 2000 AD

[George Spiro]

Hi,

I am planning to add my first Windows 2003 DC. It is to my understand I need
to follow the following procedure.

1. ADPrep /forestprep
2. ADPrep /domainprep

Its also to my understanding that I should run the following command due
that I have a Exchange 2000 Server.

3. ldifde.exe /i /f
inetOrgPersonFix.ldf /c "DC=mycorp,DC=com"

4. Then run DCPROMO on windows 2003 member server

I was wondering if I could do that during working hours or should I schedule
a downtime? Will AD be unresponsive during that time? Also is the order I am
running the commands right?
Also could someone please explain me why do I have to run that command for
Exchange?

George S.

Then run DCPROMO on windows 2003 member server

 

[Tomasz Onyszko]

Hi,

I am planning to add my first Windows 2003 DC. It is to my understand I need
to follow the following procedure.

1. ADPrep /forestprep
2. ADPrep /domainprep

Its also to my understanding that I should run the following command due
that I have a Exchange 2000 Server.

3. ldifde.exe /i /f
inetOrgPersonFix.ldf /c "DC=mycorp,DC=com"

4. Then run DCPROMO on windows 2003 member server

Different order of tasks, maybe You will find this useful:
http://blogs.dirteam.com/blogs/tomek/archive/2006/02/09/exending_schema.aspx

 

[George Spiro]

Different order of tasks, maybe You will find this useful:
http://blogs.dirteam.com/blogs/tomek/archive/2006/02/09/exending_schema.aspx

Will it cause a problem having Exchange 2000 and Windows 2003 AD Schema ?

That document comments on Exchange 2003 not 2000.

 

[Tomasz Onyszko]

Will it cause a problem having Exchange 2000 and Windows 2003 AD Schema ?

That document comments on Exchange 2003 not 2000.

yup - that's why You need this fix for InetOrgPerson

 

[George Spiro]

So to my understand I should run...

ADPrep /forestprep
ADPrep /domainprep

ldifde.exe /i /f
inetOrgPersonFix.ldf /c "DC=mycorp,DC=com"

in that order right?

G.

 

[Leif Pedersen [MVP]]

Hi,

No, the other way round:

ldifde.exe /i /f
inetOrgPersonFix.ldf /c "DC=mycorp,DC=com"
ADPrep /forestprep
ADPrep /domainprep

Leif

So to my understand I should run...

ADPrep /forestprep
ADPrep /domainprep

ldifde.exe /i /f
inetOrgPersonFix.ldf /c "DC=mycorp,DC=com"

in that order right?

G.

 

[Guest]

How to upgrade 2000 to 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;325379

Common mistakes
http://support.microsoft.com/kb/555040/en-us


--
Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA

http://www.pbbergs.com/

So to my understand I should run...

ADPrep /forestprep
ADPrep /domainprep

ldifde.exe /i /f
inetOrgPersonFix.ldf /c "DC=mycorp,DC=com"

in that order right?

G.

 

[George Spiro]

Well Scenerio 2 shows that my order is right.

http://support.microsoft.com/default.aspx?scid=kb;en-us;325379

Hi,

No, the other way round:

ldifde.exe /i /f
inetOrgPersonFix.ldf /c "DC=mycorp,DC=com"
ADPrep /forestprep
ADPrep /domainprep

Leif

 

[Leif Pedersen [MVP]]

Hi,

Please read scenario 2 again - it says that if Exchange 2000 is installed
you should fix the potential mangled attributes and then run adprep.

Leif

 

[George Spiro]

How risky is this migration if you need to rate it on 10 and how long is the
process.

I have decided to do the following steps tell me what you guys think:

I have 2 DCs right now and adding a new one.

DC1 = Will stay up (Windows 2000 SP4)
DC2 = Will be demoted once DC3 will be up (Windows 2000SP4)
DC3 = Server that I will run dcpromo (Windows 2003)
EX1 = Exchange 2000 Server already part of AD

1. Move Global Catalog to DC1 using article
http://support.microsoft.com/?kbid=313994

2. Using Scenerio 2 in article http://support.microsoft.com/kb/314649
a Run ldifde -i -f inetorgpersonprevent.ldf -v -c DC=X "dn path for
forest root domain"
b ADPREP /forestprep
c ADPERP /domainprep

3. DCPROMO DC3

4. Verify DNS and Sysvol are replicating

5. DCPROMO DC2 ( to turn it into a member server )

Should I worry about transfering all FSMO roles to DC1?

G.

How to upgrade 2000 to 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;325379

Common mistakes
http://support.microsoft.com/kb/555040/en-us

 

[George Spiro]

My english is not that great but I read in Scenerio 2 that Exchange 2000 did
schema changes which it did when I initially installed it and I still didnt
run adprep /forestprep

What scenerio would you recommend me following?

 

[Leif Pedersen [MVP]]

Hi,

Problem lies in the adprep command. This will cause mangled attributes if
you don't fix this before running the command.

Therefore:

ldifde.exe /i /f
inetOrgPersonFix.ldf /c "DC=mycorp,DC=com"
ADPrep /forestprep
ADPrep /domainprep

I have done this numerous times and it haven't caused me any problems.

Leif

 

[Leif Pedersen [MVP]]

Hi,

It is not a risky operation (1 to 2).

I would also make DC3 a global catalog server (fault tolerance since
exchange and Outlook clients uses GC's a lot)

Make sure that clients no longer use DC2 as a DNS server

There should be no problems moving all FSMO roles to DC1.

Leif

 

[Tomasz Onyszko]

Well Scenerio 2 shows that my order is right.

In Your order You will end up with mangled attributes which is easy to
fix but why risk it.

 

[George Spiro]

But you do recommend me moving FSMO right?

G.
P.S I dont want to forget thanks alot all for the help.

 

[Tomasz Onyszko]

But you do recommend me moving FSMO right?

G.
P.S I dont want to forget thanks alot all for the help.

You have to move at least Schema FSMO to the machine which will serve
You to perform this operation.

 

[George Spiro]

But when you demote a server doesnt FSMO move to another DC automatically?

 

[Tomasz Onyszko]

But when you demote a server doesnt FSMO move to another DC automatically?

Dcpromo tries to move these roles but why rely on the dcpromo if You can
do it on Your own and be sure that everything works OK before getting
rid of DC

 

[Jorge de Almeida Pinto [MVP]]

yes, but it is a best practise to move it yourself as then you will decide
on what dc the fsmo will be hosted. If the dc makes the choice it will
choose a dc

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx
-----------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before implementing!
-----------------------------------------------------------------------------


-----------------------------------------------------------------------------

But when you demote a server doesnt FSMO move to another DC automatically?

 

[George Spiro]

I just wanted to thank everyone with the help. I just finished migrating AD
to 2003 and working flawless.

G.


"Jorge de Almeida Pinto [MVP]"

yes, but it is a best practise to move it yourself as then you will decide
on what dc the fsmo will be hosted. If the dc makes the choice it will
choose a dc

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx