ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Small Business Server 2003 to 2012 R2 Migration and Virtualized Domain Controller Questions

    Scheduled Pinned Locked Moved IT Discussion
    windowswindows serversbswindows server 201small business seractive directorydomain controller
    321 Posts 12 Posters 100.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • garak0410G
      garak0410
      last edited by

      My RoboCopy tests have proven to be good so far. I see the domain level permissions! 🙂

      1 Reply Last reply Reply Quote 0
      • garak0410G
        garak0410 @scottalanmiller
        last edited by

        @scottalanmiller said:

        I told you about using the CNAME process at the beginning of this process 😉

        My memory is fading when I spend 2 hours trying to explain to our office manager why scanning in a 500 page project in our copier make it run out of memory and I cannot change that fact... 😞

        1 Reply Last reply Reply Quote 0
        • DashrenderD
          Dashrender
          last edited by

          You can only use the CNAME after you turn off the old server.

          scottalanmillerS 1 Reply Last reply Reply Quote 0
          • DashrenderD
            Dashrender
            last edited by

            Don't forget, before you turn off the old server you should DCPromo it to remove it from the Active Directory. Then you can turn it off and delete the records from the DNS server.

            1 Reply Last reply Reply Quote 0
            • garak0410G
              garak0410
              last edited by

              These are the steps I have left in the list I've collated over the past few months:

              		§ Transfer FSMO Roles to new Server 2012 R2 Domain Controller
              			â–¡ Transfer all 5 or one at a time and start demoting your old Server 2003 DC's in the next step. But the key to remember is to NOT demote any of the current domain controllers that have any of your FSMO roles on them. Be sure to transfer them off first before proceeding to DC demotion.
              			â–¡ http://blogs.technet.com/b/canitpro/archive/2013/05/27/step-by-step-active-directory-migration-from-windows-server-2003-to-windows-server-2012.aspx
              		§ Demote old Server 2003 Domain Controllers
              			â–¡ Run dcpromo and follow steps.
              				® Remember: Do NOT demote any domain controller that does not have FSMO roles on them.
              			â–¡ http://technet.microsoft.com/en-us/library/cc740017%28v=ws.10%29.aspx
              		§ Raise Domain Functional Level
              			â–¡ Raise the functional level by opening Active Directory Domains and Trusts. Then right click on domain and trusts and select "Raise Forest Functional Level"
              			â–¡ http://technet.microsoft.com/en-us/library/cc730985.aspx
              		§ Migration Complete! :)
              
              1 Reply Last reply Reply Quote 0
              • DashrenderD
                Dashrender
                last edited by

                Looks good.

                An FYI for you. If you demote a server that has a FSMO role on it - DCPromo will push the roll to another server (at least it did for me once). But do as the documentation says, move them yourself first.

                Heck, just to make sure everything is working well, I'd move all services (files/printers/av console, etc) off the old server, then after a few days to make sure that all works, I'd move the FSMO rolls then turn off the old server for a day or two. If your network continues with the old server turned off before you remove it from the domain, then you know everything has moved as needed. If when you turn the old server off, something breaks, you know you forgot something.

                garak0410G 1 Reply Last reply Reply Quote 1
                • garak0410G
                  garak0410 @Dashrender
                  last edited by

                  @Dashrender said:

                  Looks good.

                  An FYI for you. If you demote a server that has a FSMO role on it - DCPromo will push the roll to another server (at least it did for me once). But do as the documentation says, move them yourself first.

                  Heck, just to make sure everything is working well, I'd move all services (files/printers/av console, etc) off the old server, then after a few days to make sure that all works, I'd move the FSMO rolls then turn off the old server for a day or two. If your network continues with the old server turned off before you remove it from the domain, then you know everything has moved as needed. If when you turn the old server off, something breaks, you know you forgot something.

                  I may look at doing this. Moving the files over will coincide with login scripts to map the drives to the new file server. Since I cannot use the suggested CNAME option above until the old server is turned off, I'll for sure need to make sure our software code points to the new file server on selected sheets that have code that references the current file server.

                  1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @Dashrender
                    last edited by

                    @Dashrender said:

                    You can only use the CNAME after you turn off the old server.

                    That's only because a CNAME wasn't used before. If you used service names rather than host names from the beginning, as you will now, this becomes transparent and you no longer need to turn off the old system.

                    DashrenderD 1 Reply Last reply Reply Quote 0
                    • garak0410G
                      garak0410
                      last edited by

                      So what are some of the BPA's I can run to check to see if this last step is working? I did create a new user on the new server and it replicated back to the old one. 🙂

                      1 Reply Last reply Reply Quote 0
                      • DashrenderD
                        Dashrender @scottalanmiller
                        last edited by

                        @scottalanmiller said:

                        @Dashrender said:

                        You can only use the CNAME after you turn off the old server.

                        That's only because a CNAME wasn't used before. If you used service names rather than host names from the beginning, as you will now, this becomes transparent and you no longer need to turn off the old system.

                        This is a great point. garak - listen to this. Create a CNAME NOW, right now for that new server. Then use that new name for all of your new logon scripts. This will save you a ton of pain the next time this needs to happen.

                        Also, now is a good time to look at creating DFS shares instead of normal shares (OK not really instead of, but in addition to).

                        1 Reply Last reply Reply Quote 0
                        • scottalanmillerS
                          scottalanmiller
                          last edited by

                          Yes. Just like you can't skip virtualization now, don't skip proper DNS management too.

                          1 Reply Last reply Reply Quote 0
                          • garak0410G
                            garak0410 @NetworkNerd
                            last edited by

                            @NetworkNerd said:

                            @garak0410 said:

                            Most people have said just ROBOCOPY the files from the old file server (in this case, SBS 2003) to the new one (2012 R2 Virtual Machine) and it will keep the permissions intact and echo the different server name...correct?

                            Something like this should suffice: robocopy /mir /sec /secfix "source" "destination"

                            Question...I want to just copy everything over from d$ on oldserver and copy to e$ on newserver. What's the best syntax for that? I am getting

                            ERROR : Invalid Parameter #3 : "/secfix"

                            Currently when trying this...

                            scottalanmillerS 1 Reply Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller @garak0410
                              last edited by

                              @garak0410 /secfix needs more info. Add /copyall

                              http://technet.microsoft.com/en-us/library/cc733145.aspx

                              garak0410G 1 Reply Last reply Reply Quote 0
                              • garak0410G
                                garak0410 @scottalanmiller
                                last edited by garak0410

                                @scottalanmiller said:

                                @garak0410 /secfix needs more info. Add /copyall

                                http://technet.microsoft.com/en-us/library/cc733145.aspx

                                I added it and it still doesn't like secfix...maybe my syntax is still bad:

                                robocopy /mir /sec /secfix /copyall "\oldserver\d$" "\newserver\e$"

                                and the double \ is in there, just now showing up in the post...

                                1 Reply Last reply Reply Quote 0
                                • scottalanmillerS
                                  scottalanmiller
                                  last edited by

                                  Use three backslashes for it to show up.

                                  1 Reply Last reply Reply Quote 0
                                  • scottalanmillerS
                                    scottalanmiller
                                    last edited by

                                    Why are using /sec and /secfix ? One or the other.

                                    garak0410G 1 Reply Last reply Reply Quote 0
                                    • scottalanmillerS
                                      scottalanmiller
                                      last edited by

                                      And I don't believe that you can mix /mir with /copyall

                                      1 Reply Last reply Reply Quote 0
                                      • garak0410G
                                        garak0410 @scottalanmiller
                                        last edited by

                                        @scottalanmiller said:

                                        Why are using /sec and /secfix ? One or the other.

                                        Because it was suggested earlier in this thread...LOL

                                        1 Reply Last reply Reply Quote 0
                                        • scottalanmillerS
                                          scottalanmiller
                                          last edited by

                                          /sec applies security, /secfix attempts to fix it. Pretty sure that they cannot be mixed.

                                          garak0410G 1 Reply Last reply Reply Quote 0
                                          • garak0410G
                                            garak0410 @scottalanmiller
                                            last edited by

                                            @scottalanmiller said:

                                            /sec applies security, /secfix attempts to fix it. Pretty sure that they cannot be mixed.

                                            Thanks dude...copying now.

                                            I am doing a copy now to test some login scripts before Friday. I'll run a fresh one on Friday evening. Getting closer...got another problem I'll make in another post...Anti-Virus migration isn't going "by the book."

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 7
                                            • 8
                                            • 9
                                            • 10
                                            • 11
                                            • 16
                                            • 17
                                            • 9 / 17
                                            • First post
                                              Last post