win2003 upgrade backout plan...

F

foolonthehill

I am wondering if there is an easy backout plan in the

Win2000 to Win2003 AD upgrade

similar to the NT4 to 2000/2003 upgrade.

I have a very small win2k domain (single domain in the forest) that
is not yet serving users, but has a single application installed which
relies on some accounts that i would like to preserve. There are only
two DCs - both win2k. Can I take one offline, upgrade the other and
then bring the second back online when everything is verfied ? And if
the upgrade goes poorly, can i shutdown the upgraded DC and remove it
from AD in the second DC and seize the roles ?

any advice would be helpful.

thanks.
 
T

Tom Ausburne

There may be several ways of doing this but here is the way I would
do it.

1. Turn off one domain controller (DC1) and unplug it from the
network. Make sure it has all 5 FSMO roles.

2. Seize the roles to DC2.

3. Do a Metadata cleanup on DC2 to remove any references to DC1.

216498 HOW TO: Remove Data in Active Directory After an Unsuccessful
Domain
http://support.microsoft.com/?id=216498

4. Perform the upgrade to 2003 and test your application.


If all goes well:

1. With DC1 still off the network, do a DCPROMO /FORCEREMOVAL to
make it a stand alone server.

332199 Using the DCPROMO /FORCEREMOVAL Command to Force the Demotion
of Active
http://support.microsoft.com/?id=332199

2. Join the new domain and then run dcpromo to make it a DC again.



If you need to go back to 2000:

1. Take DC2 offline for a format/reinstall.

2. Bring up DC1 and perform a metadata cleanup on DC1 to remove any
references to DC2.

3. When you have Windows 2000 back on DC2 join it to the domain and
promote it.


All of the above assumes that the application can run on either DC.
There is also a consideration of secure channel passwords. Should
any of the clients reset the secure channel password with DC2 while
DC1 is down, those clients would not be able to talk to DC1 if you
have to regress. Resetting the secure channel or
disjoining/rejoining the domain should fix that problem.

As always it's best to test in a lab environment if you have the
resources.


Tom Ausburne (MSFT)
Windows 2000 Directory Services
This posting is provided "AS IS" with no warranties, and confers no
rights.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Migration plan to Win2003 1
How to Fallback NT Domain incase of fail 14
Add new 2003 DC 2
Win2000 DC logon with domain admin account problem 3
Demote one Win200 DC and upgrade another to Win2003 3
Upgrade to Win2003: Any sequence needed ? 1
Upgrade to Windows 2003 Domain ?? 1
error raise domain function from win2000 to win2003 0

Top