Here’s the setup:
Single server that is a DC, DNS, DHCP and WINS server. Also hosts all file shares (user directories and shared folders) and printer shares.
Move everything over to the new server. Here’s how:
1. Build your new server
First thing, build your new server with the latest Windows 2003 software (we’ll stay on 2003 as that’s the most common right now). We’ll call the old server OLDDC and the new one NEWDC.
Give yourself a large C: partition, at least 25 GB. The rest can be partitioned into the D: drive. I don’t like to create a lot of partitions because they just cause more overhead for little purpose. ALWAYS keep your OS and data separate though!
As for the server, most places up through 100 users can easily get by with a single RAID controller running RAID5. You’ll see plenty of debate over this (RAID6, RAID10, etc.) but I’ve had good luck with this configuration. 4 GB of RAM for Windows Standard.
2. Promote the server to be the DC
a. Insert your new server into the domain. Make sure to install DNS, DHCP and WINS before continuing.
b. Run “DCPROMO” and make this a new DC in your domain.
c. Record your AD Recovery password!
d. Wait at least an hour or 2 to make sure everything gets replicated and your AD settles down.
3. Move your FSMO roles
a. RID, PDC and Infrastructure roles can be found in Active Directory Users and Computers by right clicking on your domain and click on the Operations Masters. Wait at least 30 seconds between changing each role to make sure the task gets kicked off before moving on to the next role.
b. Operations Master role can be found in Active Directory Domains and Trusts by right clicking on Active Directory Domains and Trusts (above the domain) and click on Operations Master.
c. Global Catalog can be found in Active Directory Sites and Services and drilling down to the NTDS settings of your server and right clicking on it. Check GC to create a new GC on that server.
d. Wait at least an hour, then drill down to the NTDS settings on OLDDC and uncheck the GC from it.
e. While not strictly FSMO roles, I like to click on each site in AD Sites and Services and make sure that the Licensing Site Settings and TS-Enterprise-License-Server are pointing to the new server.
4. Move the Schema Master
This role is often missed in AD migrations.
a. From command line, register the schema master DLL. “regsvr32 schmmgmt.dll”
b. Run “MMC” to give you a blank management console.
c. Click on “File”, “Add/Remove Snap-in”. Click on “Add”. Locate “Active Directory Schema” and click on “Add”. Click on “Close”, then click on “OK”.
d. Right click on “Active Directory Schema”. You’ll notice it attaches to your old DC. Click on “Change Domain Controller” and then specify your new domain controller.
e. Right click again, and click on “Operations Master”. Move the Schema master to your new server.
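Before moving on, it is worth confirming that every role from steps 3 and 4 actually landed on the new server, since OLDDC gets demoted in step 14. The batch file below is an added example, not part of the original how-to; it assumes NETDOM.EXE from the Windows Server 2003 Support Tools is installed and that the role labels match that version's output.

```batch
@echo off
rem Added example, not part of the original article: confirm that all five
rem FSMO roles moved in steps 3 and 4 are held by NEWDC before OLDDC is demoted.
rem Assumption: NETDOM.EXE (Windows Server 2003 Support Tools) is on the PATH.
setlocal
set TARGET=NEWDC
set OUT=%TEMP%\fsmo-check.txt
set BAD=0

rem Save the role holder list once so every check reads the same snapshot.
netdom query fsmo > "%OUT%"

rem Role labels as printed by the 2003 Support Tools netdom, one line per role.
rem "Domain role owner" is the role moved in Active Directory Domains and Trusts.
rem Newer netdom versions print different labels; adjust the list if needed.
for %%R in ("Schema owner" "Domain role owner" "PDC role" "RID pool manager" "Infrastructure owner") do (
    findstr /i /c:%%R "%OUT%" | findstr /i /c:"%TARGET%." >nul
    if errorlevel 1 (
        echo [FAIL] %%~R is not on %TARGET%
        set BAD=1
    ) else (
        echo [ OK ] %%~R is on %TARGET%
    )
)

if %BAD%==1 (
    echo One or more roles are still elsewhere. Do not demote OLDDC yet.
    exit /b 1
)
echo All five FSMO roles are on %TARGET%.
```

A [FAIL] on "Schema owner" is the case step 4 warns about; repeat that step and run the check again.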
5. Migrate DNS
Since DNS was already installed on your new DC it should now have the full DNS structure downloaded. Verify this by opening the DNS MMC and seeing your data.
Point all of your static IP address devices to use your new server as their DNS server. Sorry, this is a manual process.
6. Migrate WINS
WINS is barely used in Windows domains, but I like to keep it as a last resort name resolution solution. Because of that, even in large environments, I tend to only have 1 WINS server. If you have very large remote offices and feel the need to replicate WINS make sure to setup a classic hub and spoke topology with only 1 hub server and each spoke replicates ONLY with the hub. Do not setup any circular replication.
Manually update your static IP address devices to use your new server as their WINS server.
7. Migrate DHCP
This is pulled from Microsoft document KB325475.
a. On OLDDC, go to a command prompt and type: netsh dhcp server export C:\dhcp.txt all
b. Copy C:\DHCP.TXT to the C:\ on NEWDC
c. On NEWDC type: netsh dhcp server import c:\dhcp.txt all
d. Open the DHCP MMC and right click on NEWDC. Click on Properties.
e. Click on Advanced. Change “Conflict detection attempts” to at least 2. This way the new DHCP server will PING an address before handing it out. This avoids IP conflicts.
f. Click on the “Credentials” button and put in your DHCP service account information in here. I would recommend creating a special SVC account for this instead of using the “Administrator” account. Click on “OK” twice to exit out of the window.
g. Right click on the NEWDC again and click on “Authorize”. The new scope is now active.
h. Make sure to update the scope options to use your new DNS and WINS IP addresses.
i. Now go to OLDDC and open up the DHCP MMC. Open up the server and right click on the old scope. Click on “Deactivate” to turn off the old scope.
8. Migrate Printers
a. Download and install the Print Migrator (see references below) on NEWDC.
b. Run Print Migrator. Click View, then click on Target. Type in “\\OLDDC” and click on OK.
c. Click on Actions, then Backup. Save the *.CAB to the desktop on NEWDC. This will take a few minutes.
d. Click on View again, and click on Target. Type in “\\NEWDC” and click on OK.
e. Click on Actions then Restore. Point to the *.CAB you saved above and click on “OK”.
f. You may get an error message about Kernel level drivers. Click on “NO” (if you click YES it will cancel the restore).
g. Double check that all of your printers came over. You may have a couple that didn’t (any printer that uses a *.CAB file in its driver set will fail to restore using Print Migrator). Manually recreate those printers.
9. Move users to new printer shares
a. Download the MigratePrinters script from the “Migration Scripts” reference below.
b. Edit the first 2 lines to reflect the old server name (OLDDC) and the new server name (NEWDC).
c. Launch the VB script from your login script when users log in. If the user has a printer from the old server it will try to map that EXACT same printer on the new server. If this fails the script moves on to the next printer. If it succeeds in mapping the printer it will then determine if this was the default printer as well and set that.
d. Do NOT rename the printers!
10. Migrate File Shares – Phase 1
a. Download and install the File Migration Utility from the reference link below onto NEWDC.
b. Create a new migration project.
c. Follow the New Project Wizard. I have not done the DFS portion, so typically uncheck this part. Set your default location to D:\ and Finish.
d. From the main server, click on “Add Server…” under the “Source file servers” pull down. Type in OLDDC.
e. Select the shares you wish to migrate. Be careful here. The File Migrator does not move shares within shares very well (if you have d:\share and d:\share\share shared, it’ll have all kinds of problems). Note the Target Share and Target location over to the right.
f. On the “View by” pull down, select “Target Volumes”. Click through every folder in this section.
g. Change the “Target Share” to what you want it to be (default adds the old server name, which is probably not what you want).
h. Change the “Target Location” on the right. Same problem, edit each folder as necessary.
i. Click on “Continue” and validate everything before starting (this may take a couple of minutes to come up).
j. Click on “Continue” to begin the phase 1 file copy. This will create new shares on the new server and begin copying files from the old server. It does NOT turn off access to the old server and can be run during business hours. Any files that are in use will be skipped. I sometimes call this step “pre-seeding”.
11. Migrate File Shares – Phase 2
a. Phase 1 will probably take several hours to complete. Once it is done, schedule a downtime for the file server, usually on the weekends.
b. It is possible to exit out of the File Migration utility and restart it later, just note the configuration file name so you can load that later.
c. When ready for Phase 2, click on “Continue” and confirm you wish to turn off the shares. This will turn off all access to the old server and copy all files that have changed since the phase 1 file copy.
d. When completed the File Migration utility will turn on the new shares and they will now be accessible.
e. Update your login script to reflect the shared folder change. If you don’t have a login script, now would be a good time to implement one. A simple script could look like:
NET USE S: /D
NET USE S: \\NEWDC\SHARED
12. Change User Folders
a. One of the shares you selected in steps 10 and 11 should have been the user’s private home directory.
b. You can manually go through Active Directory Users and Computers and update the profile tab on all users to point to the new home directory. Or:
c. You can run the ChgHomeDir script from the Migration Scripts reference below.
d. Edit the script and change the first line to be your search string. If you have multiple USER folders you can specify exactly which one you want to change. The script searches each user’s current home directory field, and if the search string matches, the home directory is changed.
e. Second line of the script is the path to the new users folder.
Alternate method:
————————
a. Simply multi-select (ctrl-click) the users you want to change.
b. Right click and click on properties
c. Click on the “Profile” tab
d. Click on “Home Folder”, click on “Connect” then select the drive letter and type the path: \\NEWDC\USERS\%USERNAME%
e. You’ll probably get an error message that the folders already exist, that’s OK. Click on “Cancel” to exit this window.
f. Copy the script to NEWDC and run it. A log will be created of every folder that was changed and what it was changed to.
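The same search-and-replace on the home directory field can also be done with the dsquery and dsmod tools built into Windows Server 2003. This batch file is an added example and is not the ChgHomeDir script referenced above; the USERS share name matches the path used in the alternate method, while the H: drive letter and the log file name are assumptions to adjust.

```batch
@echo off
rem Added example, not the ChgHomeDir script the article refers to.
rem OLDDC and NEWDC are the article's server names. The H: drive letter and
rem the log file name are assumptions; change them for your environment.
setlocal
set OLD=OLDDC
set NEWPATH=\\NEWDC\USERS\$username$
set DRIVE=H:
set LOG=%TEMP%\homedir-change.log

rem LDAP filters escape a backslash as \5c, so this matches every user whose
rem current home directory starts with \\OLDDC\ (the search string).
set "FILTER=(&(objectCategory=person)(objectClass=user)(homeDirectory=\5c\5c%OLD%\5c*))"

rem Pass 1: log each matching account and its current value. Nothing changes.
dsquery * domainroot -filter "%FILTER%" -attr sAMAccountName homeDirectory -limit 0 > "%LOG%"
type "%LOG%"

rem Pass 2 runs only when the batch file is started with the APPLY argument.
if /i not "%~1"=="APPLY" (
    echo Dry run only. Review %LOG% and re-run with APPLY to update the accounts.
    goto :eof
)

rem dsmod replaces $username$ with each account's logon name.
dsquery * domainroot -filter "%FILTER%" -limit 0 | dsmod user -hmdir %NEWPATH% -hmdrv %DRIVE%
```

Run it once with no argument and review the log before running it again with APPLY; the log from the first pass is your record of the old values.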
13. Retire WINS
a. Open up WINS on NEWDC.
b. Drill down and right click on “Active Registrations”. Click on Delete Owner.
c. Locate OLDDC and select it. Click on “Replicate deletion to other servers (tombstone)” and click on “OK”.
14. Cleanup on OLDDC
a. Run DCPROMO on OLDDC, make sure you DO NOT select “This is the last domain controller in the domain”. That would be bad. Reboot as needed.
b. Uninstall DHCP and DNS from OLDDC
c. Remove OLDDC from the domain and power off.
15. Final Steps
a. At this point you have completed the migration.
b. Install Backup and Anti-Virus agents and any other software you typically use in your environment.
c. Rebuild OLDDC as a SpiceWorks server.
Conclusion
That’s it. Obviously, a lot of assumptions were used in this How-To and your mileage may vary on how useful some of these steps are.
Some gotchas & thoughts:
1. File Migration utility utilizes WMI and doesn’t work on NT4.0.
2. Until recently I never retired my old WINS servers and it wasn’t until I came to PC Connection that we saw thousands of bad entries! So retiring a WINS server should be done. If you don’t, then your old server will stay the owner of the record and ONLY the owner of the record can scavenge the records so they will sit in your WINS server forever (haven’t tried manually deleting, I expect that would work). You can do the “Delete Owner” step #13 however.
3. Scripts provided were created by me and have been used in production environments but they are use at your own risk. I make no warranty or guarantee. Learn VB and know what it does before you run this in your own environment. The manual processes still work great 🙂
4. Please note that there is no interruption to the users until Step #11!
5. As recently noted, the Print Migrator is a 32-bit application only and will not migrate to a 64-bit system. It will also not migrate 64-bit drivers. Additionally, it has problems with print drivers that use *.CAB files in their driver set (some HP printers do this) and those will not migrate.