Small Business Server 2003 to 2012 R2 Migration and Virtualized Domain Controller Questions
- 
 @scottalanmiller said: @garak0410 said: @scottalanmiller said: Yes, the first one. OK, I realized that message was a warning so I put in my admin password and moved on...now, LOL, I get this:  LOL to the first bit. Is your 2003 box not authoritative for its zone? This is just like parenting. No real manual on how to do it. LOL Well, I got to this screen (covered up the domain name but I do see my current domain in REPLICATE FROM. OK to hit next?  
- 
 when you click Next the wizard should do the forest prep needed to allow you to install a windows 2012 server as a DC. 
- 
 Will BRB...got a heavily used printer down. 
- 
 OK, the paths looked good, so hitting next (masking out my actual domain and PC names) Review Options show this: Configure this server as an additional Active Directory domain controller for the domain "mydomain.local". Site Name: Default-First-Site-Name Additional Options: Read-only domain controller: No Global catalog: Yes DNS Server: Yes Update DNS Delegation: No Source DC: domainPC.mydomain.local Database folder: C:\Windows\NTDS Log file folder: C:\Windows\NTDS SYSVOL folder: C:\Windows\SYSVOL The DNS Server service will be configured on this computer. This computer will be configured to use this DNS server as its preferred DNS server. So, looking good here to continue to proceed? 
- 
 Looks good to me. 
- 
 
- 
 Ready to click FINISH First part of results not in screen shot: Windows Server 2012 R2 domain controllers have a default for the security setting named "Allow cryptography algorithms compatible with Windows NT 4.0" that prevents weaker cryptography algorithms when establishing security channel sessions. For more information about this setting, see Knowledge Base article 942564 (http://go.microsoft.com/fwlink/?LinkId=104751).  
- 
 As long as you don't have any NT servers or workstations connecting you should be good. I was concerned that maybe my XP machines might have an issue, but there hasn't been one! Click install. FYI, you might want to edit your photo, your domain name is listed there. 
- 
 @Dashrender said: As long as you don't have any NT servers or workstations connecting you should be good. I was concerned that maybe my XP machines might have an issue, but there hasn't been one! Click install. Clicking on INSTALL. I will not be demoting the old one until Friday evening... 
- 
 Why demote so soon? I would wait a bit longer than that. 
- 
 You have at least 15 days if not longer before this server will start shutting down on it's own. Give yourself plenty of time to make sure all things work. Did you setup DHCP for the client computers? 
- 
 Definitely wait a little while. My rule of thumb is no less than a week, even in really small environments. Gives me enough time to verify that there are no replication issues going on. Garak is giving me some 70-410 practice over on another forum  
- 
 It's looking good y'all! I'm gonna buy everyone pizza or coffee when this is done! The next step on my list is this: •Transfer FSMO Roles to new Server 2012 R2 Domain Controller 
  Transfer all 5 or one at a time and start demoting your old Server 2003 DC's in the next step. But the key to remember is to NOT demote any of the current domain controllers that have any of your FSMO roles on them. Be sure to transfer them off first before proceeding to DC demotion. Transfer all 5 or one at a time and start demoting your old Server 2003 DC's in the next step. But the key to remember is to NOT demote any of the current domain controllers that have any of your FSMO roles on them. Be sure to transfer them off first before proceeding to DC demotion.
  http://blogs.technet.com/b/canitpro/archive/2013/05/27/step-by-step-active-directory-migration-from-windows-server-2003-to-windows-server-2012.aspx http://blogs.technet.com/b/canitpro/archive/2013/05/27/step-by-step-active-directory-migration-from-windows-server-2003-to-windows-server-2012.aspxStick with this? 
- 
 @Dashrender said: You have at least 15 days if not longer before this server will start shutting down on it's own. Give yourself plenty of time to make sure all things work. 90 days I think. Need to look that up. 
- 
 And the timer doesn't start when this one is added. It starts when the FSMO roles are moved. 
- 
 OK, so what is really recommended next? Run off both DC's for a good while? Since my old DC was my file server as well, I am wanting to get that moved. So perhaps move on to that this Friday evening. That is where the DHCP may come into play. And changing some of our messy VBA apps code to point to new file server. 
- 
 Most people have said just ROBOCOPY the files from the old file server (in this case, SBS 2003) to the new one (2012 R2 Virtual Machine) and it will keep the permissions intact and echo the different server name...correct? 
- 
 @garak0410 said: Most people have said just ROBOCOPY the files from the old file server (in this case, SBS 2003) to the new one (2012 R2 Virtual Machine) and it will keep the permissions intact and echo the different server name...correct? Something like this should suffice: robocopy /mir /sec /secfix "source" "destination" 
- 
 @garak0410 said: Most people have said just ROBOCOPY the files from the old file server (in this case, SBS 2003) to the new one (2012 R2 Virtual Machine) and it will keep the permissions intact and echo the different server name...correct? It will keep permissions. What do you mean by echoing a server name? 
- 
 @garak0410 said: Most people have said just ROBOCOPY the files from the old file server (in this case, SBS 2003) to the new one (2012 R2 Virtual Machine) and it will keep the permissions intact and echo the different server name...correct? I am running a robocopy from an old file server to a new one right now. I have been slowly robycopying everything over to the new server. Yes it will keep all the permissions. 





