No announcement yet.

Windows 2000 migration to Windows 2003

  • Filter
  • Time
  • Show
Clear All
new posts

  • Windows 2000 migration to Windows 2003

    I recently took over a new client who currently has a 2000 DC. It appears that their last IT firm tried to do a migration from the 2000 DC to a new server that is running 2003. Somewhere along the lines the migration failed horribly and the client now has numerous issues.

    To start with, one of the main problems is that they are using a single-label domain. The domain is customer-name instead of something like or .local.

    Second problem I can see is that in the migration only two of the FSMO roles came over to the 2003 DC. The PDC and Infrastructure roles are on 2003 while all others remain on the 2000DC.

    Since there are so many problems I was thinking that it might be best to create an entirely new domain on the 2003 box and give it a correct domain name. DNS and DHCP are all screwed up now as well so setting those up fresh should help as well.

    My thoughts on how to go about this:

    1. First transfer all FSMO roles back to the 2000 server and make sure that clients can connect to the 2000 DC.

    2. Run dcpromo on the 2003 box and make it back into a member server.

    3. Make sure DNS and DHCP are working on 2000 box and then remove DNS and DHCP from the 2003 box.

    4. Run dcpromo on the 2003 box and make it a DC with a new domain of customer-name.local.

    5. Migrate the user ad accounts from the 2000 DC to the 2003 DC.

    6. Configure DNS and DHCP for the new domain.

    I would like any thoughts or ideas on if this will work, if there's a better way to do it, any issues I might run into or any thoughts in general. My biggest concern is that I don't want to lose any data on the 2003 box as they are using it as a DC currently. I don't want to lose any user settings or profiles either.

    Any help would be greatly appreciated.


  • #2
    Re: Windows 2000 migration to Windows 2003

    Personally I wouldn't do a migration. I would create new user accounts in the new domain and start again with resource permissions etc. It just means a completely clean break; and while I know that it means that data transfer could get uncomfortable, I'd rather have that than the utter disastrous mess that migrations and SID history cause. ESPECIALLY IF, as I suspect, permissions to resources are not managed using the Microsoft design model - Accounts into Global groups, Global groups into Local groups, give Local groups permissions. If it IS managed this way and there are no mistakes, maybe a Migration will go OK - but if it isn't perfect I would forget it.

    I'm assuming that the only servers present are the ones you mention... so your files will be on the 2000 box at the moment... once you have your new domain ready to accept users and so on, you should start moving workstations onto the new domain and get them to map drives to the old file server using their old credentials. Once everyone is over to the new domain, you could map them to the new file shares on the new server. In between times, run a ROBOCOPY job every night to copy the changed data from old server to new - this will ensure that the data is fully up to date right up until the switch.

    The data switch should occur over a weekend; it should simply be a case of setting up a logon script which deletes all drive mappings and creates new ones to the new data.

    For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

    Anything you say will be misquoted and used against you