1 / 13

Windows Server 2003 La migrazione da Windows NT 4.0 a Windows Server 2003

Windows Server 2003 La migrazione da Windows NT 4.0 a Windows Server 2003. Relatore: Corrado.Cappucci@pipeline.it MCSE - MCT. Upgrading Domains. The Domain Upgrade Process. A domain upgrade: Upgrades a PDC to Windows Server 2003 and Active Directory

olive
Download Presentation

Windows Server 2003 La migrazione da Windows NT 4.0 a Windows Server 2003

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Windows Server 2003La migrazione da Windows NT 4.0a Windows Server 2003 Relatore: Corrado.Cappucci@pipeline.it MCSE - MCT

  2. Upgrading Domains

  3. The Domain Upgrade Process • A domain upgrade: • Upgrades a PDC to Windows Server 2003 and Active Directory • Maintains existing users, groups, computers, and applications Prevent domain controller overload 1 Upgrade the PDC to Windows Server 2003 2 3 Install and configure DNS Install Active Directory 4 5 Verify domain controller operations Upgrade Windows NT 4.0 BDCs 6

  4. Effects of a Domain Upgrade on Groups

  5. Acct1 Effects of a Domain Upgrade on Trust Relationships Windows NT 4.0 Domains Windows Server 2003 Domains Upgrade 2 One-Way Non-Transitive Trust 2-Way TransitiveTrust 2-Way TransitiveTrust ForestRoot Acct2 2-Way TransitiveTrust Acct1 Acct2 One-Way Non-Transitive Trust One-Way Non-Transitive Trust Res1 Res1 To protect resource security: Audit memberships in all administrative groups 1 2 Review DACLs for important resources

  6. What happens during a PDC upgrade? • The forest functional level can be set at either: • Windows 2000 mixed • Windows Server 2003 interim • Security level permissions are set at either: • Permissions compatible with pre-Windows 2000 • Permissions compatible only with Windows 2000 orWindows Server 2003 • The upgraded PDC holds the PDC emulator operations master role Implications of Upgrading a PDC

  7. Add a newly installed domain controller 1 Transfer operations master roles 2 Reformat disk on upgraded domain controller and perform a clean installation 3 Transfer back any operations master roles 4 How to Upgrade a Windows NT 4.0 PDC To upgrade a PDC: Best practice to add additional domain controllers: Select Upgrade for the installation type 1 Configure partitions as NTFS 2 Verify that you are using a static IP address 3 Configure DNS client settings 4 Install Active Directory 5 Process minimizes adverse effects from any corrupted data on the PDCprior to upgrade

  8. How to Verify Domain Controller Operations At this point a complete recovery is still possible without any data loss To verify Active Directory is functional: Verify trust relationships 1 Verify new user accounts can be created 2 3 Verify new user object replication Verify successful logon 4 Diagnostic tools: • Use dcdiag.exe to verify the Active Directory service • Use Repadmin.exe/showreps to verify the parent domain • Use nltest.exe/bdc_query:domainname to verify the BDC replication status

  9. How to Develop a Recovery Plan for a Domain Upgrade Recovery plan:Details steps to roll back directory services migration Rollback strategy:A plan to return production environment to the state before changes To ensure that a domain can be rolled back: • Add a BDC to any domain that contains only a single domain controller • Document configuration of services and applications • Back up all services and applications to tape • Synchronize all BDCs with PDC • Take a fully synchronized BDC offline before upgrades are performed • Periodically start protected BDC while still in Windows 2000 mixed domain Recovery tasks: • Remove all computers running Windows Server 2003 • Promote the offline BDC to a PDC

  10. On the domain controller to be upgraded, browse to HKEY_LOCAL_MACHINE\SYSTEM\ CurrentControlSet\Services\Netlogon\Parameters 1 Add the REG_DWORD entry NT4Emulator with the value 1 2 Repeat the procedure on each domain controller 3 After additional domain controllers have been added, set the value of the NT4Emulator registry key to 0, or delete the key 4 How to Prevent the Domain Controller from Overloading Overload occurs when too many client computers request authentication from too few domain controllers

  11. On the client computer, browse to HKEY_LOCAL_MACHINE\ SYSTEM\CurrentControlSet\Services\Netlogon\Parameters 1 Change the DWORD value 2 Use NeutralizeNT4Emulator for the new entry name 3 Double-click the new entry name 4 In the Edit DWORD Value dialog box, type 1 5 Click Registry, and then click Exit 6 How to Neutralize Windows NT 4.0 Domain Controller Emulation The Active Directory installation will fail if the domain controller is configured to prevent domain controller overload

  12. How to Add Additional Domain Controllers Add additional domain controllers for fault tolerance and load balancing • Add new servers running Windows Server 2003 to the domain and then install Active Directory • Take a Windows NT 4.0 BDC offline, reformat hard disk, then install Windows Server 2003 and Active Directory • Upgrade a Windows NT 4.0 BDC to Windows Server 2003 Options: Process for upgrading a Windows NT 4.0 BDC: Upgrade operating system to Windows Server 2003 1 Run the Active Directory Installation Wizard 2

  13. To complete the domain upgrade: Reconfigure the DNS service 1 Add Windows NT 4.0 BDCs to the domain if necessary 2 Eliminate anonymous connections to domain controllers 3 Raise domain and forest functional levels 4 Move users and computers to an OU 5 How to Complete the Upgrade

More Related