ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Small Business Server 2003 to 2012 R2 Migration and Virtualized Domain Controller Questions

    Scheduled Pinned Locked Moved IT Discussion
    windowswindows serversbswindows server 201small business seractive directorydomain controller
    321 Posts 12 Posters 100.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • garak0410G
      garak0410
      last edited by

      Seems like "nerves" are creeping in again. Heading into this week, I thought this was all I really needed to do as far as the migration goes:

      •Order New Server
      •Configure
      •Install Windows Server 2012 R2
      •Download All Updates
      •Configure RAID Drives
      •Currently Set As:
      •Set Roles On Server
      •Hypervisor
      •Old Server Prep
      •Run dcdiag
      •Results
      •Services
      •IsmServ Service is stopped on [PINNSTRDC]
      •System Log
      •An Error Event occured. EventID: 0x00000457
      •8 Of These
      •Set Current Domain Functional Level to Windows Server 2003
      •Locate your FSMO Roles
      •All On Main Server
      •Schema Master
      •Domain naming master
      •Infrastructure Master
      •Relative ID (RID) Master
      •PDC Emulator
      •Prepare your Domain for your new Server 2012 R2 Domain Controllers
      •Run adprep /forstprep from the 2012 DVD on the old server.
      •Set Up Virtual Machines
      •Install Windows Server 2012 R2 and make it a Domain Controller
      •Add the AD role.
      •http://technet.microsoft.com/en-us/library/hh472162
      •After adding the AD DS role and DNS roles to your new Windows 2012 R2 Server simply click the link under Post-deployment configuration from your server manager titled "Promote this server to a Domain Controller"
      •Walk through the wizard and add your new domain controller to your existing domain.
      •Transfer FSMO Roles to new Server 2012 R2 Domain Controller
      •Transfer all 5 or one at a time and start demoting your old Server 2003 DC's in the next step. But the key to remember is to NOT demote any of the current domain controllers that have any of your FSMO roles on them. Be sure to transfer them off first before proceeding to DC demotion.
      •http://blogs.technet.com/b/canitpro/archive/2013/05/27/step-by-step-active-directory-migration-from-windows-server-2003-to-windows-server-2012.aspx
      •Demote old Server 2003 Domain Controllers
      •Run dcpromo and follow steps.
      •Remember: Do NOT demote any domain controller that does not have FSMO roles on them.
      •http://technet.microsoft.com/en-us/library/cc740017(v=ws.10).aspx
      •Raise Domain Functional Level
      •Raise the functional level by opening Active Directory Domains and Trusts. Then right click on domain and trusts and select "Raise Forest Functional Level"
      •http://technet.microsoft.com/en-us/library/cc730985.aspx
      •Migration Complete! 🙂

      Now, got some considerations to make as far as splitting up my DC and file services...

      1 Reply Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller
        last edited by

        RAID configuration goes before any install.

        garak0410G 1 Reply Last reply Reply Quote 0
        • garak0410G
          garak0410 @scottalanmiller
          last edited by

          @scottalanmiller said:

          RAID configuration goes before any install.

          Right and that is done now. 🙂 I went with RAID 10 as you suggested! :0

          scottalanmillerS 1 Reply Last reply Reply Quote 1
          • scottalanmillerS
            scottalanmiller @garak0410
            last edited by

            @garak0410 said:

            @scottalanmiller said:

            RAID configuration goes before any install.

            Right and that is done now. 🙂 I went with RAID 10 as you suggested! :0

            Great 🙂

            1 Reply Last reply Reply Quote 0
            • DashrenderD
              Dashrender
              last edited by

              Looks like a good start. As Scott mentioned, some of the things in that list are out of order - but looks good.

              Now you need to add on all of the other migration things. Email, AV, DBs, Printers, Files, etc.

              1 Reply Last reply Reply Quote 0
              • garak0410G
                garak0410
                last edited by

                It seems like the more questions I ask, the more off course I get. LOL. I thought I "had this" going into my "penciled in" Friday evening migration.

                So, in the helpful but still perplexing discussion above, here's what remains and where I want to get back on course...

                • If I migrate, the domain remains the same, correct?

                • If I move the file server to a separate VM, as long as my domain name doesn't change, I should be good, right? That is, permissions to the file server should be OK?

                We have NO Email to migrate (no Exchange) and this isn't counting AV, Files, etc. I just want to get a successful migration in stone, in order first, and then will do the rest of it later...

                Thanks as always...wish I could buy everyone in here Pizza!

                DashrenderD 1 Reply Last reply Reply Quote 0
                • DashrenderD
                  Dashrender @garak0410
                  last edited by Dashrender

                  @garak0410 said:

                  • If I migrate, the domain remains the same, correct?

                  Yes

                  • If I move the file server to a separate VM, as long as my domain name doesn't change, I should be good, right? That is, permissions to the file server should be OK?

                  How would you move the file server without moving files? The only thing that makes a file server a file server is the files it serves. The permissions are what you set them to be. Using Robocopy will help in keeping them the same as they were in the old file server. (FYI - MS changed the default permissions on folders I think in Windows 2008 Server - I'd setup the root folder to be the same as the root folder on your old SBS server before you use Robocopy just to make sure don't run into more problems.

                  garak0410G 1 Reply Last reply Reply Quote 0
                  • garak0410G
                    garak0410 @Dashrender
                    last edited by

                    @Dashrender said:

                    @garak0410 said:

                    • If I migrate, the domain remains the same, correct?

                    Yes

                    • If I move the file server to a separate VM, as long as my domain name doesn't change, I should be good, right? That is, permissions to the file server should be OK?

                    How would you move the file server without moving files? The only thing that makes a file server a file server is the files it servers. The permissions are what you set them to be. Using Robocopy will help in keeping them the same as they were in the old file server. (FYI - MS changed the default permissions on folders I think in Windows 2008 Server - I'd setup the root folder to be the same as the root folder on your old SBS server before you use Robocopy just to make sure don't run into more problems.

                    Where do you want the pizza delivered? 🙂

                    I am moving the files AFTER I promote the new one and demote the other one, correct? Or in between the promotion and demotion? (and yes, plan on keeping them on the root of D)

                    DashrenderD 1 Reply Last reply Reply Quote 0
                    • DashrenderD
                      Dashrender @garak0410
                      last edited by

                      @garak0410 said:

                      I am moving the files AFTER I promote the new one and demote the other one, correct? Or in between the promotion and demotion? (and yes, plan on keeping them on the root of D)

                      Actually you could move the files anytime after you join the new server to the old Domain. Once that is done, the new server will understand the security principals of the domain and you'd be covered. Now, that being said, I would wait until after you promote the new server to an AD DS server, but you don't have to.

                      garak0410G 1 Reply Last reply Reply Quote 0
                      • garak0410G
                        garak0410 @Dashrender
                        last edited by

                        @Dashrender said:

                        @garak0410 said:

                        I am moving the files AFTER I promote the new one and demote the other one, correct? Or in between the promotion and demotion? (and yes, plan on keeping them on the root of D)

                        Actually you could move the files anytime after you join the new server to the old Domain. Once that is done, the new server will understand the security principals of the domain and you'd be covered. Now, that being said, I would wait until after you promote the new server to an AD DS server, but you don't have to.

                        And again, it doesn't matter if I have a separate file server now...same permissions, right? My new login scripts that map the drives will map to the new server...that is if I don't end up with time to do your recommendation of DFS.

                        1 Reply Last reply Reply Quote 0
                        • DashrenderD
                          Dashrender
                          last edited by

                          You have to set the permission. They don't magically appear. I don't mean to sound curt, I want to make sure we're on the same page. You'll have to set the permissions manually on the sharepoint itself (like your did years ago on the old server) and when using Robocopy supply the correct arguments so that file level permissions are kept during the file copy (I hope you have full access - If you don't I'm not sure how to get around that).

                          garak0410G 1 Reply Last reply Reply Quote 0
                          • garak0410G
                            garak0410 @Dashrender
                            last edited by

                            @Dashrender said:

                            You have to set the permission. They don't magically appear. I don't mean to sound curt, I want to make sure we're on the same page. You'll have to set the permissions manually on the sharepoint itself (like your did years ago on the old server) and when using Robocopy supply the correct arguments so that file level permissions are kept during the file copy (I hope you have full access - If you don't I'm not sure how to get around that).

                            Not curt at all. I'll clarify in the morning...thanks for the help!

                            1 Reply Last reply Reply Quote 0
                            • JaredBuschJ
                              JaredBusch
                              last edited by

                              You will use robo copy more than one time. This can all be done at anytime:

                              • Turn up your new server
                              • Copy files with robocopy
                              • Go to Share management and add share permissions
                              • test shares

                              Now wait until maintenance window

                              • rerun robocopy to get changes
                              • change logon scripts
                              • disable sharing on old server
                              • force all workstations to reboot

                              Old server should still be online for YOU to get data from, but all users should now be on new file server.

                              1 Reply Last reply Reply Quote 0
                              • DashrenderD
                                Dashrender
                                last edited by

                                Something I haven't seen mentioned here, When you join another DC to your SBS Domain, you have either 15 or 25 days (I just can't remember now) to turn off the old SBS server or it will start turning itself off - FYI.

                                scottalanmillerS 1 Reply Last reply Reply Quote 0
                                • scottalanmillerS
                                  scottalanmiller @Dashrender
                                  last edited by

                                  @Dashrender said:

                                  Something I haven't seen mentioned here, When you join another DC to your SBS Domain, you have either 15 or 25 days (I just can't remember now) to turn off the old SBS server or it will start turning itself off - FYI.

                                  That timer only starts after you promote it. As a member DC it can be there indefinitely.

                                  NetworkNerdN 1 Reply Last reply Reply Quote 0
                                  • NetworkNerdN
                                    NetworkNerd @scottalanmiller
                                    last edited by NetworkNerd

                                    @scottalanmiller said:

                                    @Dashrender said:

                                    Something I haven't seen mentioned here, When you join another DC to your SBS Domain, you have either 15 or 25 days (I just can't remember now) to turn off the old SBS server or it will start turning itself off - FYI.

                                    That timer only starts after you promote it. As a member DC it can be there indefinitely.

                                    Good thing - I just added a new DC to a SBS 2003 domain this afternoon as a member DC and then saw this thread. I was starting to worry a little after that previous comment.

                                    1 Reply Last reply Reply Quote 0
                                    • scottalanmillerS
                                      scottalanmiller
                                      last edited by

                                      SBS has to be a forest root but can have as many members as you want.

                                      JaredBuschJ 1 Reply Last reply Reply Quote 0
                                      • JaredBuschJ
                                        JaredBusch @scottalanmiller
                                        last edited by

                                        @scottalanmiller said:

                                        SBS has to be a forest root but can have as many members as you want.

                                        Yes, it was even sold in a premium package that included a standard server license and a SQL license to install on an second box.

                                        1 Reply Last reply Reply Quote 0
                                        • garak0410G
                                          garak0410
                                          last edited by

                                          Good Morning Everyone. Reading the latest updates and slept some of the fear off. 🙂

                                          Right now, I've created my two virtual machines and I am downloading updates to them.

                                          VM1: Domain Controller. 2GB of RAM, 1 CPU
                                          VM2: File Server (called services01): 4GB RAM, 2 CPU (this will also host the backup software and antivirus)

                                          When complete, I will let you know. The steps I mentioned several posts ago, I can actually complete up to the demotion and promotion part, correct? Even if the new server will contain the migrated domain name?

                                          1 Reply Last reply Reply Quote 0
                                          • JaredBuschJ
                                            JaredBusch
                                            last edited by JaredBusch

                                            Correct you can do everything except the demote/promote parts. The new servers should be joined to the domain as member servers. There is no restriction on member servers.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 16
                                            • 17
                                            • 2 / 17
                                            • First post
                                              Last post