We finished the migration from AD 2003 to AD 2008 last week in our class. Here are the class notes for the migration.
We first introduced the first Windows 2008 DC into the existing Windows 2003 forest/domain. We had to perform forest prep and domain prep before bringing in the first 08 DC. The schema updates were done on the existing Win03 DC, which was the FSMO roles owner, and we used the Windows 2008 CD to do the schema updates. Forest prep was the first one, and then we did domain prep.
- adprep /forestprep
Our forest/domain contained over 20.000 objects: users, groups, etc. After the successful schema updates we were able to run DCPromo on the new Windows 2008 server.
A couple of things to remember:
Add the server to the domain before DCPromo; this way the server will register its A record, and its PTR record if a reverse lookup zone exists.
Reboot the server, log into the domain with sufficient privileges, and make sure the server has a static IP and no other NIC interface; if there is one, disable it. Make sure the server is configured with the correct preferred DNS servers (don’t point it to itself yet). The server is not a DNS server yet, so choose an existing DNS server for a successful DCPromo.
- Run DCPromo, use integrated DNS and make the server a GC as well. Remember to distribute the ADDS database logs and SysVol, and use best practices at all times.
- When DCPromo runs successfully, reboot the server
- Make sure DC/DNS is functioning correctly
- Verify SysVol is there and accessible, verify DNS is loaded, and verify replication connections are working and replication is happening; give the KCC some time to do its work
- When replication is working, point the preferred DNS to the server's own IP and select a neighbor DC/DNS as alternate
- At this point we have already replicated the .dit database and are ready to move on with bringing in additional DCs.
- In-place migration is not my favorite thing to do; I like to perform a fresh install. That being said, if there is an opportunity to do a hardware refresh as well, go ahead and do it; if not, first decommission the existing 03 DC, get it out of the domain peacefully, then put in the Windows 2008 CD and perform a fresh installation
- Findings in decommissioning the existing 03 servers going forward
- The first thing we noticed: if replication is not working, DCPromo will fail
Steps we took:
- We fixed the replication issue, went back to Sites and Services, deleted the dynamic KCC connections and made sure replication from the source DC to the destination was working
- We also pointed the server that was about to be decommissioned to a neighbor DC/DNS server as its primary DNS; otherwise DCPromo would fail
- We made sure the time was syncing correctly with the PDC emulator
- We were eventually able to DCPromo out the existing 03 servers, remove them from the domain, delete the computer object from AD, and go back to Sites and Services and delete the orphaned server object
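The checks from both lists above (SysVol, DNS, replication, time sync), gathered into one script as an added example; it is not part of the original class notes. It assumes PowerShell 2.0 or later, is run locally on the DC in an elevated session, and relies on the usual "passed test"/"failed test" lines of dcdiag and the CSV output of repadmin.

```powershell
# Added example: DC health checks to run after promoting a new DC
# and again before demoting an old one. Run locally on the DC.
$results = @()

# dcdiag prints "... passed test <Name>" or "... failed test <Name>" for each test.
$tests = 'Advertising','NetLogons','SysVolCheck','Replications',
         'KnowsOfRoleHolders','Services','DNS'
foreach ($t in $tests) {
    $out = & dcdiag /test:$t 2>&1 | Out-String
    $ok  = ($out -match "passed test $t") -and ($out -notmatch 'failed test')
    $results += New-Object PSObject -Property @{ Check = "dcdiag $t"; Passed = $ok }
}

# SYSVOL and NETLOGON must both be shared before the DC can serve logons and policy.
$shares = & net share | Out-String
foreach ($s in 'SYSVOL','NETLOGON') {
    $ok = $shares -match "(?m)^$s\s"
    $results += New-Object PSObject -Property @{ Check = "$s share"; Passed = $ok }
}

# Inbound replication: every partner/naming context row should show zero failures.
$repl   = @(& repadmin /showrepl /csv | ConvertFrom-Csv)
$broken = @($repl | Where-Object { [int]$_.'Number of Failures' -gt 0 })
$ok     = ($repl.Count -gt 0) -and ($broken.Count -eq 0)
$results += New-Object PSObject -Property @{ Check = 'repadmin inbound'; Passed = $ok }
$broken | Select-Object 'Source DSA','Naming Context','Last Failure Status' |
    Format-Table -AutoSize

# Time sync: print offsets for every DC; compare them against the PDC emulator by eye.
& w32tm /monitor

$results | Select-Object Check, Passed | Format-Table -AutoSize
if ($results | Where-Object { -not $_.Passed }) {
    Write-Warning 'One or more checks failed. Fix them before running DCPromo.'
    exit 1
}
```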
Also remember that all existing services need to be transferred to the new domain controllers, such as DHCP, WINS, Certificate Services, FSMO roles, etc.
You may want to preserve IP addresses; if this is the case you will need to do an IP address swap, which is fairly safe. All it takes is a reboot of the domain controller to allow the new dynamic records to get registered in DNS.
Remember all the basic things we needed to check; they made most of the problems go away and we achieved a successful migration of ADDS.
Oz Casey Dedeal
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +