Windows 2000 to windows 2003

G

gurvinder.nijjar

We are currently running a native windows 2000 forest and domain, which has
4 sites and subnet. We are only running windows 2000 domain controllers We
have recently acquired a new company which is running a windows 2003 Forest
and a domain, where they have only windows 2003 domain controllers. We want
to connect the domains together.

From what I have been told so far the best way to connect to the domain is a
trust between the domain(s) in each domain as we have only oen domain in
each forest and it is best to make a two way trust
between the domains and that will allow uscross-auth and secure resources
fairly easily.

We also want to upgrade our windows 2000 native domain to windows 2003. In
our windows 2000 domain we have ran forestprep and domainprep but have not
yet installed exchange 2003. So would it be OK to run adrep/forestprep and
adrep/domainprep. Are there any issues with this, do we need any backups
before we do this.

Also once we have done this successfully, the next step would be install a
new windows 2003 server and dcpromo so that we have a running a windows 2003
domain controller. Would this then automatically put us in the windows 2000
forest functional level and windows domain functional level. Also once we
have the windows 2003 DC, would it be best to move the OM roles to this
server. ANy problems with doing this.

Can anyone confirm the above scenarios
 
B

Brian Desmond [MVP]

OK. Let's Look at this one step at a time. My comments on each part of your
message are inline below.

--
Thanks,
Brian Desmond
Windows Server MVP

www.briandesmond.com


gurvinder.nijjar said:
We are currently running a native windows 2000 forest and domain, which
has
4 sites and subnet. We are only running windows 2000 domain controllers
We
have recently acquired a new company which is running a windows 2003
Forest
and a domain, where they have only windows 2003 domain controllers. We
want
to connect the domains together.

From what I have been told so far the best way to connect to the domain is
a trust between the domain(s) in each domain as we have only oen domain in
each forest and it is best to make a two way trust
between the domains and that will allow uscross-auth and secure resources
fairly easily.

This is correct.

We also want to upgrade our windows 2000 native domain to windows 2003.
In our windows 2000 domain we have ran forestprep and domainprep but have
not yet installed exchange 2003. So would it be OK to run
adrep/forestprep and adrep/domainprep. Are there any issues with this, do
we need any backups before we do this.

Of course you need backups. The changes are major. You should be backing up
your domain/forest nightly anyway.
Also once we have done this successfully, the next step would be install a
new windows 2003 server and dcpromo so that we have a running a windows
2003 domain controller. Would this then automatically put us in the
windows 2000 forest functional level and windows domain functional level.
Also once we have the windows 2003 DC, would it be best to move the OM
roles to this server. ANy problems with doing this.

You will not automatically change functional levels. You can move to 2000
Domain/Forest functional levels once you have no NT4 BDCs. You can move to
2003 forest/domain functional levels once you have no NT or 2000 DCs.

Eventually you'll need to move the FSMOs to the new DCs as you upgrade. The
PDC Emulator and RID Master you need to place in a logical location based on
where your downlevel machines are if you have them. If you are a one site
setup, I'd move them now.
 
C

Cliff Pratt

gurvinder.nijjar said:
Are there any issues with this, do we need any backups
before we do this.
What Brian says, but in particular, I second his comments about backups.
I personally would almost certainly take extra backups before a major
upgrade on the basis that you can't have too many backups!

Have at least some idea of how you would recover if things go wrong. I
recall vividly having an upgrade go wrong and suddenly realising that
although I had the backups, I hadn't a clue as to how to start to
recover the situation! Of course I *did* get it back in the end.

Cheers,

Cliff
 
G

gurvinder.nijjar

OK, we have backups.

But running adprep before or after Exchange 2003 Forest prep or domain prep
are there any issues.
 
K

kj

TEST your backups !

--
/kj
gurvinder.nijjar said:
OK, we have backups.

But running adprep before or after Exchange 2003 Forest prep or domain
prep are there any issues.
 
J

Jorge_de_Almeida_Pinto

We are currently running a native windows 2000 forest and
domain, which has
4 sites and subnet. We are only running windows 2000 domain
controllers We
have recently acquired a new company which is running a
windows 2003 Forest
and a domain, where they have only windows 2003 domain
controllers. We want
to connect the domains together.

From what I have been told so far the best way to connect to
the domain is a
trust between the domain(s) in each domain as we have only oen
domain in
each forest and it is best to make a two way trust
between the domains and that will allow uscross-auth and
secure resources
fairly easily.

We also want to upgrade our windows 2000 native domain to
windows 2003. In
our windows 2000 domain we have ran forestprep and domainprep
but have not
yet installed exchange 2003. So would it be OK to run
adrep/forestprep and
adrep/domainprep. Are there any issues with this, do we need
any backups
before we do this.

Also once we have done this successfully, the next step would
be install a
new windows 2003 server and dcpromo so that we have a running
a windows 2003
domain controller. Would this then automatically put us in
the windows 2000
forest functional level and windows domain functional level.
Also once we
have the windows 2003 DC, would it be best to move the OM
roles to this
server. ANy problems with doing this.

Can anyone confirm the above scenario

also take a look at the following articles as they may answer your
questions..

See:
* MS-KBQ314649_W2K3 ADPREP Command Causes Mangled Attributes in W2K
Forests That Contain E2K Servers
* MS-KBQ325379_How to Upgrade Windows 2000 Domain Controllers to
Windows Server 2003
* MS-KBQ555040_Common Mistakes When Upgrade Windows 2000 Domain To
Windows 2003
* MS-KBQ324392_Enhancements to Adprep.exe in Windows Server 2003
Service Pack 1 and in hotfix 324392
Also see:
http://www.microsoft.com/technet/pr...elp/bc5ebbdb-a8d7-4761-b38a-e207baa73419.mspx)
http://www.petri.co.il/windows_2003_adprep.htm
MS-KBQ555038_How to enable Windows 98-ME-NT clients to logon to
Windows 2003 based Domains
* MS-KBQ887426_Incorrect Schema extension for OS X prevents ForestPrep
from completing in Windows 2000
* MS-KBQ555262_Common Mistakes When Upgrading Exchange 5.5-2000 To a
Exchange 2003
* MS-KBQ822942_Considerations When You Upgrade to Exchange Server 2003
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top