|
Home > Archive > 70-217 > November 2003 > Question about my project about upgrading NT
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Question about my project about upgrading NT
|
|
| walaking 2003-11-11, 11:42 am |
| Hi every one.
I am taking a class about windows 2000 administration and i have a project with question from upgrading windows NT to active directory. Can anyone please give me some advice or suggestions about this project. thanks a lot.
10 minutes presentation of your plan to upgrade from an Windows NT domain to Active Directory. You can choose either to upgrade to Windows 2000 or Windows 2003 but you must tell me why you are upgrading to either one and what is the benefit and disadvantages. Your company currently has 10,000 employees all over the world. You have 3 NT domains named twilight_zone, West_zone, and East_zone. The 3 domains are connected via T1 lines and bandwidth is critical. Tell me how many sites you will configure and why. You have DHCP assigning IP addresses, WINS, and Bind DNS running on a UNIX server. You will have to tell me your upgrade strategy. The upgrade must be transparent to the users and no downtime is acceptable. In addition, you must make sure that you must be able to roll back to the previous NT environment if you face some problems during the upgrade. You can change the environment and services like DNS but you must tell me the plan how to and why and make it transparent to any user | |
| em_ar_ducks 2003-11-11, 10:25 pm |
| Spend some time looking at case studies up on Microsoft's website.
Also check into the resource and planning white papers up there also in addition to the resource kits.
There is a ton of information up there, you just have to dig a little.
good luck!!! | |
| curiousgeorge 2003-11-12, 4:21 am |
| wala-
it would take much longer than 10 minutes to explain everything about an upgrade and reasons for it.
Just some points-
# of sites depends on your physical location as well as bandwidth. You have a west and east, but where is the twilight zone located? Based on your info, I would choose either 2 or 3 sites, but need more info.
First, and most important step, is to prepare for a rollback. Make sure you replicate everything to a BDC from each domain. Then take these BDC's and take them offline. This is your backup plan. If anything goes wrong, you can use these to rollback to the NT domains.
The DNS server that you use:
Must support the SRV RR (RFC 2052)
Supports the dynamic update protocol (RFC 2136).
Version 8.1.2 and later of BIND supports both the SRV RR and dynamic update. So if you have v 8.1.2 or higher, you don't have to worry about your bind DNS. If not, you need to switch to W2K DNS.
Begin the upgrade by upgrading the PDC's first. After you upgrade the PDC's, you are in mixed mode. If AD works, then proceed to upgrade all of your BDC's. If you need to rollback, take the W2K DC's offline, bring back the BDC's you took offline before the upgrade and promote them to PDC's.
Whether to upgrade to W2K or 2003? From the info you give, it's a tough decision. I would only say that I would choose 2003 because it is newer technology and has a few improvements from W2K that make administration easier.
Hard to believe, but W2K is now 4 years old. Upgrades at this point should be made to 2003.
Hope that helps.
Those are basic points to keep in mind. Good luck with the presentation. | |
| Jonoplunk 2003-11-12, 1:35 pm |
| Good points Curiousgeorge.
Walaking, you may want to mention whether you are going to stay in mixed mode or upgrade the domain to Native. Mixed mode will give you the option to convert the Domain back to an NT domain should you find you need to. By introducing a BDC back into the domain you can revert back to an NT domain. It may be worth mentioning something about this, at least get the point across that you are aware that the Domain will be operating in Mixed mode until you, the Administrator, decide to convert it to a Native domain.
As em_ar_ducks says, there are plenty of Deployment and Planning guides in MS Technet, it's just a matter of spending time going through this. Technet is an active resource which you will learn to embrace. | |
| walaking 2003-11-14, 3:43 pm |
| Thanks to em_ar_ducks, curiousgeorge, and Jonoplunk. Your advice r very useful, and i've checked the microsoft's web and there surely have plenty of info. sooo much @_@ hehe. But still I have a few questions.
1. I Synchronize the BDC with the PDC and take the rollback server offline. What exactly can I make it offline ? un-plug the network cable, or is there any other wizards I will have to use.
2. When I am upgrading the PDC to w2k with active directory. How do i keep those old user accounts, groups, and data? do they autometically become entries in the active directory? I read something asked me to copy SAM objects from the Registry to the AD database; the user accounts copy to the Users container......and others. Is that the only way I can do it ?
3. And also how do I eliminate the downtime? While I am upgrading the PDC. The BDC will take over the PDC role or should I do anything else? After PDC become w2k server w/ active directory, How does the w2k server take back the domain controller role from BDC.
4 Last question is after i upgrade NT to w2k, will the settings of DHCP and WINS remain the same? Or i will have to configure it again?
Thank you sooooooooo much. I really learned a lot from doing this project. | |
| walaking 2003-11-14, 4:12 pm |
| Hi it's me again.
I have another question which is... When i am upgrading nt4 to w2k. Should I join the domain? or should i create a tree? or a forest? Say if I create a new forest root, can I still use the same old domain name? and also how do i communicate with another 2 domains? W2k doesnt have that trusted relationship rite? i read it's called transitive trusts which is easiler to deal with. Am i correct? Sorry i am very unclear about this part. Pleeeeeeease help. Thanks so much. thank u thank u thank u  | |
| curiousgeorge 2003-11-15, 1:26 am |
| See... I told you it will take more than 10 minutes to explain all of this.
1. Taking a BDC offline just means unplugging the NIC so it's not communicating on the network.
2. Users and groups will automatically transfer into Active Directory under the Users container.
3. BDC's will take care of the network during the upgrade of the PDC. Actually, M$ suggests that you take your PDC offline while you are doing the actual upgrade so no password changes will be sent to it. After the upgrade, the new Windows 2000 DC has a FSMO role called the PDC Emulator (that's an hour long topic in itself).
4. WINS and DHCP will not be affected during the upgrade. However, you will want to eventually upgrade your DHCP servers to W2K so you can take advantage of dynamic updates with DNS.
Lastly, during the upgrade of your first domain, you will want to say it is a new domain in a new forrest. It is considered new because it is referring to a W2K domain. When you upgrade the other domains, you will choose a new domain (or child domain) in an existing forrest. Keep all domain names the same.
After you upgrade your PDC to W2K DC, the upgraded DC contains the PDC Emulator role and recognizes the trust relationships that were set up.
What you are creating is called an "In Place upgrade" which means you are making an exact replica of your NT domain structure. The benefit of this is that the SIDs on your users and groups won't change. That means you won't have problems with user's gaining access to resources after the upgrade because all of their ACL's remain intact (that's another hour long conversation).
There are also Parallel upgrades and Hybrid upgrades, but it will take too long to explain those here.
This is a good link on the migration process:
NT to 2000 migration steps
Glad you're learning. Good luck with the presentation! | |
|
|
| walaking 2003-11-15, 3:40 pm |
| Sorry it's me again.
Another minor question is.
Say if my Unix DNS is working. I have one DHCP server, one WINS. And after i upgraded my NT PDC to w2k DC. How do I let the network recognize those servers? will it autometically pick up? Or should I change any settings? can you be specific which settings should I make if there r any. Thanks a million. | |
| curiousgeorge 2003-11-15, 4:24 pm |
| The only adjustments that are needed are in DNS. As you are upgrading the NT domain controllers, new records called service records (SRV records) are automatically created in DNS. SRV records are what lets the other computers know where W2K DC's are located. That's why your DNS must support SRV records. Without SRV records, computers would not be able to locate a W2K DC.
All of this happens automatically during the upgrade process. You don't have to do anything with WINS or DHCP.
However, if you want to have dynamic updates in DNS, you will have to upgrade your DHCP servers to W2K as well. It's all in the link I posted earlier.
Here's another link with a little more info:
NT migration info
Great questions. Glad to see you're learning this stuff. | |
|
|
| vsoldiers 2003-11-23, 1:35 pm |
| I HAVE THE SAME PROJECT DUE! I HOPE WE DON"T HAVE THE SAME PROFESSOR!!! DAMN LETS TALK SO WE DON"T present the same thing. | |
| curiousgeorge 2003-11-26, 2:17 am |
| Just tell the Professor you both know the same implementation specialist. 
All migrations have these top level issues. The dialog gets fun when you get into more deep discussions of custom application compatabilities, security requirements, timelines, milestones, support staff, transfer of knowledge, etc.
Let me know how the presentations go. |
|
|
|
|
